SHADOW / README.md
kwisdomk's picture
feat: initial SHADOW deployment
da79e97
|
Raw
History Blame Contribute Delete
4.96 kB
---
title: SHADOW Kenyan Fraud Intelligence
emoji: πŸ›‘οΈ
colorFrom: red
colorTo: gray
sdk: streamlit
sdk_version: 1.35.0
app_file: app.py
pinned: false
---
# SHADOW β€” Kenyan Fraud Intelligence System
> AMD Developer Hackathon 2026 Β· Agentic AI Track
## Project Overview
Shadow is an advanced OSINT + LLM Hybrid Agentic Pipeline designed specifically to detect, analyze, and neutralize Kenyan-specific mobile fraud vectors. The system mitigates the impact of localized scams such as M-Pesa reversal fraud, Fuliza exploitation, KRA impersonation, and betting-related phishing.
Shadow solves the "Data Cold Start" problem by employing a hybrid architecture: it merges deterministic Open Source Intelligence (OSINT) with an explainable, multi-agent Large Language Model (LLM) pipeline. This ensures highly accurate classification, context-aware reasoning, and actionable mitigation strategies tailored to the Kenyan demographic, including support for English, Swahili, and Sheng dialects.
## Architecture Diagram
```text
[ Incoming SMS / Message ]
β”‚
β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ OSINT Intelligence Layerβ”‚
β”‚ (core/osint_dataset.py) β”‚
β”‚ - Deterministic Check β”‚
β”‚ - Keyword Matching β”‚
β”‚ - Scam Taxonomy Mapping β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
β”‚
β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Agent Pipeline Engine β”‚
β”‚ (agents/pipeline.py) β”‚
β”‚ β”‚
β”‚ 1. Language Agent β”‚
β”‚ 2. Threat Agent β”‚
β”‚ 3. Risk Agent β”‚
β”‚ 4. Action Agent β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
β”‚
β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ AMD vLLM / Qwen Bridge β”‚
β”‚ (core/llm_client.py) β”‚
β”‚ - Context Injection β”‚
β”‚ - Reasoning Engine β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
β”‚
β–Ό
[ Explainable JSON Output & Execution Log ]
β”‚
β–Ό
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Streamlit Live Dashboardβ”‚
β”‚ (app/main.py) β”‚
β”‚ - Real-time Analysis UI β”‚
β”‚ - Execution Timeline β”‚
β”‚ - Risk Scoring Display β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
```
## Agent Pipeline Flow
1. **OSINT Pre-Analysis (Hybrid Intelligence Mode)**: Messages are instantly matched against known Kenyan scam topologies to provide a deterministic baseline.
2. **Language Agent**: Detects the dialect (English, Swahili, Sheng) and standardizes the context for subsequent analysis.
3. **Threat Agent**: Analyzes the intent of the message based on localized threat vectors.
4. **Risk Agent**: Computes a continuous risk score (0-100) and categorizes severity.
5. **Action Agent**: Determines the recommended user action (e.g., Block, Report to Safaricom, Ignore).
## Features
- **Kenyan Fraud Detection**: Specialized in detecting hyper-local scams (e.g., M-Pesa, Fuliza, KRA, Hustler Fund).
- **Sheng + Swahili Language Detection**: Seamlessly processes colloquialisms and mixed-language SMS typical in East Africa.
- **OSINT-Driven Classification**: Fuses known deterministic scam indicators with probabilistic AI reasoning.
- **Explainable AI Logs (`execution_log`)**: Glass-box observability that documents the exact reasoning step-by-step for full transparency.
- **Streamlit Live Dashboard**: Interactive real-time web UI for threat analysis and execution timeline visualization.
- **AMD Hardware Optimized**: Built to run on the AMD Developer Cloud utilizing vLLM and Qwen models, with a robust fallback mock mode for deterministic demos.
## Quick Start
```bash
pip install -r requirements.txt
streamlit run app/main.py
```
## How to Run
### 1. Install Dependencies
```bash
pip install -r requirements.txt
```
### 2. Configure Environment
```bash
# Copy the example environment file and add your AMD Cloud API key (optional β€” mock mode works without it)
cp .env.example .env
```
### 3. Launch the Streamlit Dashboard (Primary Interface)
```bash
streamlit run app/main.py
```
The dashboard runs at `http://localhost:8501` and provides a full interactive UI for submitting messages, viewing risk scores, agent reasoning, and the step-by-step execution timeline.
### 4. Run Pipeline Smoke Tests (CLI)
```bash
python scripts/test_pipeline.py
```
## Future Work
- **AMD MI300X Deployment**: Fully scale the vLLM integration on AMD MI300X infrastructure for enterprise-grade throughput.
- **WhatsApp Bot Integration**: Directly parse user-forwarded messages for instant fraud scoring.