Hugging Face's logo

Spaces:
dev1461
/
IDS_project_app
Sleeping

App Files Community
dev1461 commited on
Commit
b5ed450
Β·
verified Β·
1 Parent(s): caf7068

Update app.py

Browse files
Files changed (1) hide show
  1. app.py +31 -22
app.py CHANGED
@@ -8,36 +8,45 @@ def predict(duration, src_bytes, dst_bytes, failed_logins,
8
  count, error_rate, same_srv_rate, diff_srv_rate,
9
  host_count, login_attempts):
10
 
11
- # Convert input into array
12
  data = np.array([
13
  duration, src_bytes, dst_bytes, failed_logins,
14
  count, error_rate, same_srv_rate, diff_srv_rate,
15
  host_count, login_attempts
16
  ])
17
 
18
- # Simple logic (for demo)
19
  score = np.sum(data)
20
- result = 1 if score > 50 else 0
21
-
22
- # Interpretation
23
- if result == 1:
24
- return (
25
- "⚠️ **Attack Detected!**\n\n"
26
- f"Risk Score: {score:.2f}\n\n"
27
- "The network behavior appears suspicious.\n"
28
- "Possible reasons:\n"
29
- "- High traffic volume\n"
30
- "- Multiple login attempts\n"
31
- "- Unusual connection patterns\n\n"
32
- "πŸ‘‰ Recommended Action: Monitor or block this activity."
33
- )
34
  else:
35
- return (
36
- "βœ… **Normal Traffic**\n\n"
37
- f"Risk Score: {score:.2f}\n\n"
38
- "The network activity appears safe and normal.\n"
39
- "No immediate threat detected."
40
- )
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
41
 
42
 
43
  # =========================
 
8
  count, error_rate, same_srv_rate, diff_srv_rate,
9
  host_count, login_attempts):
10
 
 
11
  data = np.array([
12
  duration, src_bytes, dst_bytes, failed_logins,
13
  count, error_rate, same_srv_rate, diff_srv_rate,
14
  host_count, login_attempts
15
  ])
16
 
 
17
  score = np.sum(data)
18
+
19
+ # Define ranges
20
+ if score < 30:
21
+ status = "βœ… Normal Traffic"
22
+ explanation = "Low activity and safe behavior detected."
23
+ risk_level = "Low"
24
+ elif score < 60:
25
+ status = "⚠️ Suspicious Activity"
26
+ explanation = "Moderate anomaly detected. Could indicate unusual behavior."
27
+ risk_level = "Medium"
 
 
 
 
28
  else:
29
+ status = "🚨 Attack Detected!"
30
+ explanation = "High anomaly detected. Strong indication of malicious activity."
31
+ risk_level = "High"
32
+
33
+ return f"""
34
+ {status}
35
+
36
+ ### πŸ”’ Risk Score: {score:.2f}
37
+ The risk score represents the overall intensity of network activity based on input features.
38
+
39
+ ### πŸ“Š Interpretation:
40
+ - **0 – 30 β†’ Normal Traffic (Low Risk)**
41
+ - **30 – 60 β†’ Suspicious Activity (Medium Risk)**
42
+ - **60+ β†’ Attack (High Risk)**
43
+
44
+ ### 🧠 Analysis:
45
+ {explanation}
46
+
47
+ ### πŸ›‘οΈ Recommendation:
48
+ {"No action needed." if score < 30 else "Monitor the system." if score < 60 else "Immediate action required! Block or investigate."}
49
+ """
50
 
51
 
52
  # =========================