Upload 5 files
Browse files- .gitattributes +1 -0
- Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv +3 -0
- README.md +28 -0
- app.py +151 -0
- gitattributes +36 -0
- requirements.txt +5 -0
.gitattributes
ADDED
|
@@ -0,0 +1 @@
|
|
|
|
|
|
|
| 1 |
+
Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv filter=lfs diff=lfs merge=lfs -text
|
Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv
ADDED
|
@@ -0,0 +1,3 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
version https://git-lfs.github.com/spec/v1
|
| 2 |
+
oid sha256:1f779b4f0d78f9225554c4de53b5a2c07912b60dcd136ee4c5c1d0d2496b7cc4
|
| 3 |
+
size 96101069
|
README.md
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
---
|
| 2 |
+
title: AI NIDS Student Project
|
| 3 |
+
emoji: 🛡️
|
| 4 |
+
colorFrom: blue
|
| 5 |
+
colorTo: green
|
| 6 |
+
sdk: streamlit
|
| 7 |
+
sdk_version: 1.39.0
|
| 8 |
+
app_file: app.py
|
| 9 |
+
pinned: false
|
| 10 |
+
---
|
| 11 |
+
|
| 12 |
+
# 🛡️ AI-Based Network Intrusion Detection System (Student Project)
|
| 13 |
+
|
| 14 |
+
This project demonstrates how to use **Machine Learning (Random Forest)** and **Generative AI via Groq** to detect and explain network attacks (specifically DDoS).
|
| 15 |
+
|
| 16 |
+
## 🚀 How to Use
|
| 17 |
+
1. **Enter API Key:** Paste your Groq API key in the sidebar (optional, for AI explanations).
|
| 18 |
+
2. **Train Model:** Click the "Train AI Model" button. The system loads the `Friday-WorkingHours...` dataset automatically.
|
| 19 |
+
3. **Simulate:** Click "Simulate Random Packet" to pick a real network packet from the test set.
|
| 20 |
+
4. **Analyze:** See if the model flags it as **BENIGN** or **DDoS**, and ask Groq to explain why.
|
| 21 |
+
|
| 22 |
+
## 📂 Files
|
| 23 |
+
- `app.py`: The main Python application code.
|
| 24 |
+
- `requirements.txt`: List of libraries used.
|
| 25 |
+
- `Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv`: The dataset (CIC-IDS2017 subset).
|
| 26 |
+
|
| 27 |
+
## 🎓 About
|
| 28 |
+
Created for a university cybersecurity project to demonstrate the integration of traditional ML and LLMs in security operations.
|
app.py
ADDED
|
@@ -0,0 +1,151 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
import streamlit as st
|
| 2 |
+
import pandas as pd
|
| 3 |
+
import numpy as np
|
| 4 |
+
from sklearn.ensemble import RandomForestClassifier
|
| 5 |
+
from sklearn.model_selection import train_test_split
|
| 6 |
+
from sklearn.metrics import accuracy_score
|
| 7 |
+
from groq import Groq
|
| 8 |
+
import os
|
| 9 |
+
|
| 10 |
+
# --- PAGE SETUP ---
# Streamlit re-runs this entire script on every user interaction;
# page config must come before any other st.* call.
st.set_page_config(page_title="AI-NIDS Student Project", layout="wide")

st.title("AI-Based Network Intrusion Detection System")
st.markdown("""
**Student Project**: This system uses **Random Forest** to detect Network attacks and **Groq AI** to explain the packets.
""")

# --- CONFIGURATION ---
# CIC-IDS2017 subset shipped with the Space (stored via git-lfs).
DATA_FILE = "Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv"

# --- SIDEBAR: SETTINGS ---
# API key is held only for the session; the password input masks it on screen.
st.sidebar.header("1. Settings")
groq_api_key = st.sidebar.text_input("Groq API Key (starts with gsk_)", type="password")
st.sidebar.caption("[Get a free key here](https://console.groq.com/keys)")

st.sidebar.header("2. Model Training")
@st.cache_data
def load_data(filepath, nrows=15000):
    """Load and clean a CIC-IDS2017 flow CSV.

    Reads at most ``nrows`` rows (default 15000, kept small so the demo
    stays within free-tier memory), then prepares the frame for
    scikit-learn:

    - strips whitespace from column names (the CIC-IDS2017 CSV headers
      carry leading spaces),
    - replaces +/-inf with NaN (rate features can be infinite for
      zero-duration flows) and drops those rows.

    Returns the cleaned DataFrame, or None if ``filepath`` does not exist.
    """
    try:
        df = pd.read_csv(filepath, nrows=nrows)
        df.columns = df.columns.str.strip()
        df.replace([np.inf, -np.inf], np.nan, inplace=True)
        df.dropna(inplace=True)
        return df
    except FileNotFoundError:
        # Caller shows a friendly error and stops the app.
        return None
| 38 |
+
|
| 39 |
+
def train_model(df):
    """Train a Random Forest DDoS detector on the loaded flow data.

    Uses a fixed subset of CIC-IDS2017 flow features and a 70/30
    train/test split (fixed random_state for reproducibility).

    Returns:
        (clf, accuracy, feature_names, X_test, y_test) on success, or
        (None, 0, [], None, None) after reporting a schema mismatch
        via st.error.
    """
    features = ['Flow Duration', 'Total Fwd Packets', 'Total Backward Packets',
                'Total Length of Fwd Packets', 'Fwd Packet Length Max',
                'Flow IAT Mean', 'Flow IAT Std', 'Flow Packets/s']
    target = 'Label'

    # Validate the target column too: previously a CSV without 'Label'
    # raised an unhandled KeyError instead of the friendly error path.
    missing_cols = [c for c in features + [target] if c not in df.columns]
    if missing_cols:
        st.error(f"Missing columns in CSV: {missing_cols}")
        return None, 0, [], None, None

    X = df[features]
    y = df[target]

    X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.3, random_state=42)

    # A small, shallow forest keeps interactive training fast enough.
    clf = RandomForestClassifier(n_estimators=10, max_depth=10, random_state=42)
    clf.fit(X_train, y_train)

    score = accuracy_score(y_test, clf.predict(X_test))
    return clf, score, features, X_test, y_test
| 60 |
+
|
| 61 |
+
# --- APP LOGIC ---
df = load_data(DATA_FILE)

if df is None:
    st.error(f"Error: File '{DATA_FILE}' not found. Please upload it to the Files tab.")
    st.stop()

st.sidebar.success(f"Dataset Loaded: {len(df)} rows")

if st.sidebar.button("Train Model Now"):
    with st.spinner("Training model..."):
        clf, accuracy, feature_names, X_test, y_test = train_model(df)
        # Explicit None check: sklearn estimators should not be used in a
        # bare boolean context (train_model returns None on schema errors).
        if clf is not None:
            # Persist across Streamlit reruns via session_state.
            st.session_state['model'] = clf
            st.session_state['features'] = feature_names
            st.session_state['X_test'] = X_test
            st.session_state['y_test'] = y_test
            st.sidebar.success(f"Training Complete! Accuracy: {accuracy:.2%}")

st.header("3. Threat Analysis Dashboard")

if 'model' in st.session_state:
    col1, col2 = st.columns(2)

    with col1:
        st.subheader("Simulation")
        st.info("Pick a random packet from the test data to simulate live traffic.")

        if st.button("🎲 Capture Random Packet"):
            # Sample one held-out row to play the role of a live capture.
            random_idx = np.random.randint(0, len(st.session_state['X_test']))
            packet_data = st.session_state['X_test'].iloc[random_idx]
            actual_label = st.session_state['y_test'].iloc[random_idx]

            st.session_state['current_packet'] = packet_data
            st.session_state['actual_label'] = actual_label

    if 'current_packet' in st.session_state:
        packet = st.session_state['current_packet']

        with col1:
            st.write("**Packet Header Info:**")
            st.dataframe(packet, use_container_width=True)

        with col2:
            st.subheader("AI Detection Result")
            # Wrap the Series in a one-row DataFrame so feature names are
            # preserved; predicting on a bare list ([packet]) triggers
            # sklearn's "X does not have valid feature names" warning.
            prediction = st.session_state['model'].predict(packet.to_frame().T)[0]

            if prediction == "BENIGN":
                st.success(f" STATUS: **SAFE (BENIGN)**")
            else:
                st.error(f"🚨 STATUS: **ATTACK DETECTED ({prediction})**")

            st.caption(f"Ground Truth Label: {st.session_state['actual_label']}")

            st.markdown("---")
            st.subheader(" Ask AI Analyst (Groq)")

            if st.button("Generate Explanation"):
                if not groq_api_key:
                    st.warning(" Please enter your Groq API Key in the sidebar first.")
                else:
                    try:
                        client = Groq(api_key=groq_api_key)

                        prompt = f"""
You are a cybersecurity analyst.
A network packet was detected as: {prediction}.

Packet Technical Details:
{packet.to_string()}

Please explain:
1. Why these specific values (like Flow Duration or Packet Length) might indicate {prediction}.
2. If it is BENIGN, explain why it looks normal.
3. Keep the answer short and simple for a student.
"""
                        with st.spinner("Groq is analyzing the packet..."):
                            # Groq-hosted Llama model for the explanation.
                            completion = client.chat.completions.create(
                                model="llama-3.3-70b-versatile",
                                messages=[
                                    {"role": "user", "content": prompt}
                                ],
                                temperature=0.6,
                            )
                            st.info(completion.choices[0].message.content)
                    except Exception as e:
                        # Surface API failures (bad key, rate limit) to the user.
                        st.error(f"API Error: {e}")
else:
    st.info(" Waiting for model training. Click **'Train Model Now'** in the sidebar.")
|
gitattributes
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
*.7z filter=lfs diff=lfs merge=lfs -text
|
| 2 |
+
*.arrow filter=lfs diff=lfs merge=lfs -text
|
| 3 |
+
*.bin filter=lfs diff=lfs merge=lfs -text
|
| 4 |
+
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
| 5 |
+
*.ckpt filter=lfs diff=lfs merge=lfs -text
|
| 6 |
+
*.ftz filter=lfs diff=lfs merge=lfs -text
|
| 7 |
+
*.gz filter=lfs diff=lfs merge=lfs -text
|
| 8 |
+
*.h5 filter=lfs diff=lfs merge=lfs -text
|
| 9 |
+
*.joblib filter=lfs diff=lfs merge=lfs -text
|
| 10 |
+
*.lfs.* filter=lfs diff=lfs merge=lfs -text
|
| 11 |
+
*.mlmodel filter=lfs diff=lfs merge=lfs -text
|
| 12 |
+
*.model filter=lfs diff=lfs merge=lfs -text
|
| 13 |
+
*.msgpack filter=lfs diff=lfs merge=lfs -text
|
| 14 |
+
*.npy filter=lfs diff=lfs merge=lfs -text
|
| 15 |
+
*.npz filter=lfs diff=lfs merge=lfs -text
|
| 16 |
+
*.onnx filter=lfs diff=lfs merge=lfs -text
|
| 17 |
+
*.ot filter=lfs diff=lfs merge=lfs -text
|
| 18 |
+
*.parquet filter=lfs diff=lfs merge=lfs -text
|
| 19 |
+
*.pb filter=lfs diff=lfs merge=lfs -text
|
| 20 |
+
*.pickle filter=lfs diff=lfs merge=lfs -text
|
| 21 |
+
*.pkl filter=lfs diff=lfs merge=lfs -text
|
| 22 |
+
*.pt filter=lfs diff=lfs merge=lfs -text
|
| 23 |
+
*.pth filter=lfs diff=lfs merge=lfs -text
|
| 24 |
+
*.rar filter=lfs diff=lfs merge=lfs -text
|
| 25 |
+
*.safetensors filter=lfs diff=lfs merge=lfs -text
|
| 26 |
+
saved_model/**/* filter=lfs diff=lfs merge=lfs -text
|
| 27 |
+
*.tar.* filter=lfs diff=lfs merge=lfs -text
|
| 28 |
+
*.tar filter=lfs diff=lfs merge=lfs -text
|
| 29 |
+
*.tflite filter=lfs diff=lfs merge=lfs -text
|
| 30 |
+
*.tgz filter=lfs diff=lfs merge=lfs -text
|
| 31 |
+
*.wasm filter=lfs diff=lfs merge=lfs -text
|
| 32 |
+
*.xz filter=lfs diff=lfs merge=lfs -text
|
| 33 |
+
*.zip filter=lfs diff=lfs merge=lfs -text
|
| 34 |
+
*.zst filter=lfs diff=lfs merge=lfs -text
|
| 35 |
+
*tfevents* filter=lfs diff=lfs merge=lfs -text
|
| 36 |
+
Friday-WorkingHours-Afternoon-DDos.pcap_ISCX.csv filter=lfs diff=lfs merge=lfs -text
|
requirements.txt
ADDED
|
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
streamlit
|
| 2 |
+
pandas
|
| 3 |
+
numpy
|
| 4 |
+
scikit-learn
|
| 5 |
+
groq
|