Spaces:

princemaxp
/

CySecGuardians

Sleeping

App Files Files Community

CySecGuardians / scoring_engine.py

princemaxp

Update scoring_engine.py

07d9eff verified about 1 month ago

raw

history blame contribute delete

2.12 kB

	# scoring_engine.py

	def compute_final_score(
	*,
	header_score: int,
	body_score: int,
	url_score: int,
	attachment_score: int,
	behavior_score: int,
	behavior_attack: str,
	header_findings: list,
	body_findings: list,
	url_findings: list,
	attachment_findings: list,
	auth_results: dict,
	):
	reasoning = []

	# -------------------------
	# NORMALIZE INPUTS (🔥 FIX)
	# -------------------------
	attack = (behavior_attack or "").strip().lower()

	# -------------------------
	# 🔥 HARD BEHAVIOR OVERRIDE
	# -------------------------
	if attack == "sextortion":
	reasoning.append("Sextortion behavior detected → authoritative override")
	reasoning.append("Behavioral confidence supersedes heuristics")
	return 90, "🚨 Malicious", reasoning

	# -------------------------
	# BASE WEIGHTED SCORE
	# -------------------------
	final_score = (
	header_score * 0.20 +
	body_score * 0.25 +
	behavior_score * 0.30 +
	url_score * 0.15 +
	attachment_score * 0.10
	)

	reasoning.append(f"Header contribution: {header_score * 0.20:.1f}")
	reasoning.append(f"Body contribution: {body_score * 0.25:.1f}")
	reasoning.append(f"Behavior contribution: {behavior_score * 0.30:.1f}")
	reasoning.append(f"URL contribution: {url_score * 0.15:.1f}")
	reasoning.append(f"Attachment contribution: {attachment_score * 0.10:.1f}")

	# -------------------------
	# AUTHENTICATION BOOST
	# -------------------------
	if auth_results.get("dmarc") == "fail":
	final_score += 10
	reasoning.append("DMARC failed → +10")

	if auth_results.get("spf") == "fail":
	final_score += 5
	reasoning.append("SPF failed → +5")

	final_score = min(int(final_score), 100)

	# -------------------------
	# VERDICT
	# -------------------------
	if final_score >= 70:
	verdict = "🚨 Malicious"
	elif final_score >= 40:
	verdict = "⚠️ Suspicious"
	else:
	verdict = "✅ Safe"

	return final_score, verdict, reasoning