Initial deployment to Spaces

.dockerignore

@@ -0,0 +1,22 @@
+__pycache__
+*.pyc
+*.pyo
+*.pyd
+.Python
+*.so
+*.egg
+*.egg-info
+dist
+build
+.env
+.venv
+venv
+env
+.git
+.gitignore
+.idea
+.vscode
+*.db
+knowledge_db
+models
+*.log

Dockerfile

@@ -0,0 +1,37 @@
+FROM python:3.12-slim
+
+WORKDIR /app
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    gcc \
+    g++ \
+    make \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy requirements and install
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Create data directory for persistence
+RUN mkdir -p /data
+
+# Set environment variables
+ENV PYTHONUNBUFFERED=1
+ENV MODEL_REPO=daskalos-apps/phi4-cybersec-Q4_K_M
+ENV MODEL_FILENAME=phi4-mini-instruct-Q4_K_M.gguf
+ENV USE_RAG=true
+ENV CACHE_ENABLED=true
+
+# Expose port
+EXPOSE 8000
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+  CMD python -c "import requests; requests.get('http://localhost:8000/health')"
+
+# Run the application
+CMD ["python", "main.py"]

README.md

@@ -1,11 +1,35 @@
 ---
-title: CyberSecChatbot
-emoji: 🏢
-colorFrom: purple
-colorTo: yellow
+title: Cybersecurity Training Chatbot
+emoji: 🔒
+colorFrom: blue
+colorTo: purple
 sdk: docker
 pinned: false
 license: mit
+app_port: 8000
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+# Cybersecurity Training Chatbot
+
+An AI-powered cybersecurity training assistant using Microsoft's Phi-4 model.
+
+## Features
+
+- 🤖 AI-powered security guidance
+- 💬 Real-time chat interface
+- 📊 Interaction tracking
+- 🔍 RAG-enhanced responses
+- ⚡ Fast CPU inference
+
+## Usage
+
+Simply start chatting with the bot about cybersecurity topics!
+
+Access the test interface at: `/test`
+
+## API Endpoints
+
+- `/test` - Chat interface
+- `/health` - Health check
+- `/docs` - API documentation
+- `/interactions/count` - View total interactions

knowledge_base.py

@@ -0,0 +1,1069 @@
+import json
+import os
+from typing import List, Dict, Any, Optional, Generator
+from dataclasses import dataclass
+from enum import Enum
+import hashlib
+import logging
+from datetime import datetime
+
+import chromadb
+from chromadb.config import Settings
+from sentence_transformers import SentenceTransformer
+from huggingface_hub import hf_hub_download
+
+# Import the base LLM handler
+from llm_handler import CybersecurityLLM
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+
+# ================================================
+# Security Knowledge Definitions
+# ================================================
+
+class SecurityTopic(Enum):
+    PHISHING = "phishing"
+    PASSWORDS = "passwords"
+    MALWARE = "malware"
+    SOCIAL_ENGINEERING = "social_engineering"
+    DATA_PROTECTION = "data_protection"
+    NETWORK_SECURITY = "network_security"
+    INCIDENT_RESPONSE = "incident_response"
+    PHYSICAL_SECURITY = "physical_security"
+    MOBILE_SECURITY = "mobile_security"
+    CLOUD_SECURITY = "cloud_security"
+    COMPLIANCE = "compliance"
+    EMAIL_SECURITY = "email_security"
+    RANSOMWARE = "ransomware"
+    ZERO_TRUST = "zero_trust"
+    SUPPLY_CHAIN = "supply_chain"
+
+
+@dataclass
+class SecurityKnowledge:
+    topic: SecurityTopic
+    title: str
+    content: str
+    keywords: List[str]
+    severity: str  # low, medium, high, critical
+    last_updated: str = ""
+
+    def to_dict(self) -> Dict[str, Any]:
+        return {
+            "topic": self.topic.value,
+            "title": self.title,
+            "content": self.content,
+            "keywords": json.dumps(self.keywords),  # Serialize list to JSON string
+            "severity": self.severity,
+            "last_updated": self.last_updated or datetime.now().isoformat()
+        }
+
+
+# ================================================
+# Main Knowledge Base Class
+# ================================================
+
+class CybersecurityKnowledgeBase:
+    def __init__(self,
+                 persist_directory: str = "./knowledge_db",
+                 embedding_model: str = "all-MiniLM-L6-v2"):
+        """
+        Initialize knowledge base with vector database
+
+        Args:
+            persist_directory: Directory to persist ChromaDB
+            embedding_model: Sentence transformer model for embeddings
+        """
+
+        logger.info(f"Initializing knowledge base at {persist_directory}")
+
+        # Create directory if it doesn't exist
+        os.makedirs(persist_directory, exist_ok=True)
+
+        # Initialize ChromaDB with persistence
+        self.client = chromadb.PersistentClient(
+            path=persist_directory,
+            settings=Settings(
+                anonymized_telemetry=False,
+                allow_reset=True
+            )
+        )
+
+        # Create or get collection
+        try:
+            self.collection = self.client.get_collection("cybersecurity_knowledge")
+            logger.info(f"Loaded existing collection with {self.collection.count()} documents")
+        except:
+            self.collection = self.client.create_collection(
+                name="cybersecurity_knowledge",
+                metadata={"description": "Cybersecurity best practices and knowledge"}
+            )
+            logger.info("Created new knowledge collection")
+
+        # Initialize embedder
+        logger.info(f"Loading embedding model: {embedding_model}")
+        self.embedder = SentenceTransformer(embedding_model)
+
+        # Load core knowledge if collection is empty
+        if self.collection.count() == 0:
+            logger.info("Loading core cybersecurity knowledge...")
+            self._load_core_knowledge()
+
+        # Track statistics
+        self.stats = {
+            "total_documents": self.collection.count(),
+            "queries_processed": 0,
+            "last_updated": datetime.now().isoformat()
+        }
+
+    def _load_core_knowledge(self):
+        """Load comprehensive cybersecurity knowledge"""
+
+        knowledge_items = [
+            # Phishing and Email Security
+            SecurityKnowledge(
+                topic=SecurityTopic.PHISHING,
+                title="Comprehensive Phishing Detection Guide",
+                content="""
+                IDENTIFYING PHISHING EMAILS - Complete Guide:
+
+                Red Flags to Watch For:
+                • Generic greetings: "Dear Customer" instead of your actual name
+                • Urgency tactics: "Act now or your account will be closed!"
+                • Grammar/spelling errors: Professional companies proofread their emails
+                • Mismatched sender: Display name doesn't match email address
+                • Suspicious links: Hover to see if URL matches claimed sender
+                • Unexpected attachments: Especially .zip, .exe, .scr, .vbs files
+                • Requests for sensitive info: Legitimate companies don't ask for passwords via email
+                • Too good to be true: "You've won $1 million!"
+                • Emotional manipulation: Fear, greed, curiosity, sympathy
+
+                How to Verify Suspicious Emails:
+                1. Check sender's email address carefully (not just display name)
+                2. Hover over links WITHOUT clicking to preview destination
+                3. Look for HTTPS and correct domain in links
+                4. Contact company directly through official channels (not email links)
+                5. Check for personalization - legitimate emails often include account numbers
+                6. Verify with IT security team when in doubt
+
+                What to Do If You Receive Phishing:
+                1. Don't click links or download attachments
+                2. Don't reply or provide any information
+                3. Report to IT security immediately
+                4. Forward to anti-phishing team if available
+                5. Delete the email after reporting
+                6. Warn colleagues if it's widespread
+
+                If You Clicked a Phishing Link:
+                1. Disconnect from network immediately
+                2. Change passwords from a different device
+                3. Report to IT security IMMEDIATELY
+                4. Run antivirus scan
+                5. Monitor accounts for suspicious activity
+                6. Enable MFA on all accounts if not already done
+                """,
+                keywords=["phishing", "email", "scam", "suspicious", "link", "attachment", "spear phishing", "whaling",
+                          "BEC"],
+                severity="critical"
+            ),
+
+            # Password Security
+            SecurityKnowledge(
+                topic=SecurityTopic.PASSWORDS,
+                title="Password Security Best Practices",
+                content="""
+                CREATING STRONG PASSWORDS:
+
+                Requirements for Strong Passwords:
+                • Minimum 12-16 characters (longer is better)
+                • Mix of uppercase and lowercase letters
+                • Include numbers and special characters (!@#$%^&*)
+                • Avoid dictionary words and personal information
+                • Unique for every account - never reuse passwords
+                • Consider passphrases: 'Coffee@7Makes$Me!Happy2024'
+                • Avoid patterns: Password1, Password2, etc.
+                • Don't use keyboard patterns: qwerty, 123456
+
+                Password Management Best Practices:
+                • Use a reputable password manager (Bitwarden, 1Password, LastPass)
+                • Enable two-factor authentication (2FA) everywhere possible
+                • Use authenticator apps over SMS when possible
+                • Never share passwords via email, chat, or phone
+                • Change passwords immediately if breach suspected
+                • Don't write passwords on sticky notes
+                • Use different passwords for work and personal accounts
+                • Consider using hardware keys for critical accounts
+
+                Multi-Factor Authentication (MFA):
+                • Something you know (password)
+                • Something you have (phone, token)
+                • Something you are (biometric)
+
+                Password Manager Benefits:
+                • Generate random, unique passwords
+                • Securely store all passwords
+                • Auto-fill credentials safely
+                • Sync across devices
+                • Alert you to breaches
+                • Share passwords securely when needed
+
+                Common Password Mistakes:
+                • Using personal information (birthdate, pet names)
+                • Reusing passwords across sites
+                • Sharing passwords with others
+                • Using simple substitutions (P@ssw0rd)
+                • Not updating default passwords
+                • Ignoring breach notifications
+                """,
+                keywords=["password", "authentication", "2FA", "MFA", "login", "credentials", "passphrase",
+                          "password manager"],
+                severity="critical"
+            ),
+
+            # Malware Prevention
+            SecurityKnowledge(
+                topic=SecurityTopic.MALWARE,
+                title="Malware Prevention and Response",
+                content="""
+                MALWARE PREVENTION STRATEGIES:
+
+                Prevention Best Practices:
+                • Keep OS and all software updated with latest patches
+                • Use reputable antivirus with real-time protection
+                • Enable Windows Defender or equivalent
+                • Download software only from official sources
+                • Verify digital signatures on downloads
+                • Scan USB drives before opening files
+                • Disable macros in Office documents from unknown sources
+                • Use application sandboxing when possible
+                • Regular backups following 3-2-1 rule
+                • Keep UAC (User Account Control) enabled
+
+                Types of Malware:
+                • Viruses: Self-replicating, attaches to files
+                • Worms: Self-spreading through networks
+                • Trojans: Disguised as legitimate software
+                • Ransomware: Encrypts files for ransom
+                • Spyware: Steals information secretly
+                • Adware: Displays unwanted advertisements
+                • Rootkits: Hides presence from system
+                • Keyloggers: Records keystrokes
+                • Cryptominers: Uses resources to mine cryptocurrency
+
+                Warning Signs of Infection:
+                • Computer running unusually slow
+                • Frequent crashes or blue screens
+                • Programs starting automatically
+                • Browser homepage changed
+                • New toolbars or extensions
+                • Excessive pop-ups
+                • Files encrypted with ransom note
+                • Unusual network activity
+                • Disabled security software
+                • Missing or modified files
+
+                If Infected - Immediate Steps:
+                1. Disconnect from all networks (WiFi, Ethernet)
+                2. Enter Safe Mode if possible
+                3. Run full antivirus scan
+                4. Use additional malware removal tools (Malwarebytes)
+                5. Check for system restore points
+                6. Contact IT security team immediately
+                7. Change all passwords from clean device
+                8. Monitor financial accounts
+                9. Consider complete system reinstall for severe infections
+                """,
+                keywords=["malware", "virus", "ransomware", "trojan", "antivirus", "infection", "worm", "spyware"],
+                severity="critical"
+            ),
+
+            # Social Engineering
+            SecurityKnowledge(
+                topic=SecurityTopic.SOCIAL_ENGINEERING,
+                title="Social Engineering Defense Strategies",
+                content="""
+                DEFENDING AGAINST SOCIAL ENGINEERING:
+
+                Common Social Engineering Tactics:
+                • Pretexting: Creating fake scenarios to steal information
+                • Baiting: Offering something enticing (USB drives, downloads)
+                • Quid pro quo: Offering service for information
+                • Tailgating: Following into secure areas
+                • Vishing: Voice phishing via phone
+                • Smishing: SMS/text message phishing
+                • Watering hole: Compromising frequently visited websites
+                • Dumpster diving: Searching trash for information
+                • Shoulder surfing: Looking over shoulder for passwords
+
+                Red Flags to Recognize:
+                • Unsolicited contact asking for information
+                • Urgency without verification
+                • Requests to bypass normal procedures
+                • Appeals to authority without proof
+                • Offers that seem too good to be true
+                • Requests for passwords or sensitive data
+                • Emotional manipulation (fear, greed, sympathy)
+                • Name dropping without context
+                • Resistance to verification
+
+                Defense Strategies:
+                • Always verify identity before sharing information
+                • Use callback numbers from official sources
+                • Be suspicious of unsolicited contacts
+                • Never give passwords over phone/email
+                • Question unusual requests, even from "colleagues"
+                • Report suspicious behavior immediately
+                • Trust but verify - confirm through separate channel
+                • Be aware of information you share publicly
+                • Secure physical documents and screens
+                • Educate family about work-related scams
+
+                Verification Techniques:
+                • Call back on known number
+                • Check employee directory
+                • Verify with manager
+                • Ask for employee ID
+                • Request email confirmation
+                • Check digital signatures
+                • Verify through IT security
+                """,
+                keywords=["social engineering", "pretexting", "vishing", "smishing", "manipulation", "tailgating",
+                          "phishing"],
+                severity="high"
+            ),
+
+            # Network Security
+            SecurityKnowledge(
+                topic=SecurityTopic.NETWORK_SECURITY,
+                title="Network and WiFi Security Guide",
+                content="""
+                NETWORK SECURITY BEST PRACTICES:
+
+                Home WiFi Security:
+                • Change default router admin credentials immediately
+                • Use WPA3 encryption (WPA2 minimum)
+                • Create strong WiFi password (20+ characters)
+                • Change default network name (SSID)
+                • Disable WPS (WiFi Protected Setup)
+                • Keep router firmware updated monthly
+                • Use guest network for visitors and IoT devices
+                • Disable remote management unless necessary
+                • Turn off SSID broadcast if practical
+                • Use MAC address filtering for added security
+                • Position router centrally to minimize external signal
+                • Regular reboot router (monthly)
+
+                Public WiFi Safety:
+                • Avoid accessing sensitive accounts
+                • Always use VPN for all connections
+                • Verify network name with venue staff
+                • Turn off automatic WiFi connection
+                • Forget network after use
+                • Never accept certificate warnings
+                • Disable file sharing
+                • Use cellular data for sensitive tasks
+                • Keep firewall enabled
+                • Use HTTPS websites only
+
+                VPN Best Practices:
+                • Use company-approved VPN only
+                • Connect before accessing any resources
+                • Keep VPN client updated
+                • Report connection issues immediately
+                • Don't use free/public VPN services
+                • Verify VPN is active before working
+
+                Network Hygiene:
+                • Regular network scans for unknown devices
+                • Monitor bandwidth usage
+                • Check for unauthorized access points
+                • Secure all network equipment physically
+                • Document network configuration
+                • Regular security audits
+                """,
+                keywords=["wifi", "network", "router", "VPN", "encryption", "WPA3", "public wifi", "wireless"],
+                severity="high"
+            ),
+
+            # Incident Response
+            SecurityKnowledge(
+                topic=SecurityTopic.INCIDENT_RESPONSE,
+                title="Security Incident Response Procedures",
+                content="""
+                SECURITY INCIDENT RESPONSE GUIDE:
+
+                IMMEDIATE RESPONSE STEPS:
+                1. STOP - Don't try to fix it yourself
+                2. DISCONNECT - Unplug network cable or disable WiFi
+                3. DOCUMENT - Write down:
+                   - What happened
+                   - When it occurred
+                   - What you were doing
+                   - Error messages
+                   - Unusual behavior observed
+                4. REPORT - Contact IT security immediately
+                5. PRESERVE - Don't delete anything, take screenshots
+                6. WAIT - For IT security instructions
+
+                Types of Incidents Requiring Immediate Reporting:
+                • Clicked suspicious link or attachment
+                • Entered credentials on suspicious site
+                • Lost device with company data
+                • Suspicious computer behavior
+                • Unauthorized access attempts
+                • Data breach or leak discovered
+                • Ransomware infection
+                • Physical security breach
+                • Stolen credentials
+                • Suspicious phone calls asking for info
+
+                Information to Provide:
+                • Your name and contact information
+                • Time and date of incident
+                • Affected systems/accounts
+                • Description of what happened
+                • Actions taken so far
+                • Any error messages (exact wording)
+                • Screenshots if possible
+                • Anyone else who might be affected
+
+                DO NOT:
+                • Try to fix it yourself
+                • Delete or modify evidence
+                • Inform unauthorized people
+                • Post about it on social media
+                • Continue using affected systems
+                • Pay ransoms
+
+                Contact Information:
+                IT Security Hotline: [Organization specific]
+                Email: security@[organization]
+                After hours: [Emergency contact]
+                """,
+                keywords=["incident", "breach", "response", "report", "emergency", "compromise", "security incident"],
+                severity="critical"
+            ),
+
+            # Data Protection
+            SecurityKnowledge(
+                topic=SecurityTopic.DATA_PROTECTION,
+                title="Data Protection and Privacy Guide",
+                content="""
+                DATA PROTECTION BEST PRACTICES:
+
+                Data Classification:
+                • Public: Can be freely shared
+                • Internal: Within organization only
+                ��� Confidential: Specific authorized individuals
+                • Restricted: Highest sensitivity, strict controls
+
+                Handling Sensitive Data:
+                • Encrypt files before sharing externally
+                • Use approved file sharing platforms only
+                • Never use personal email for work data
+                • Implement clean desk policy
+                • Lock computer when stepping away (Win+L or Cmd+Ctrl+Q)
+                • Use privacy screens in public spaces
+                • Shred physical documents with sensitive info
+                • Secure disposal of electronic media
+                • Don't discuss sensitive info in public
+                • Be aware of smart speakers/devices
+
+                Encryption Best Practices:
+                • Use full disk encryption (BitLocker, FileVault)
+                • Encrypt removable media
+                • Use encrypted communication channels
+                • Encrypt email with sensitive data
+                • Password protect sensitive documents
+                • Use enterprise encryption tools
+                • Store encryption keys securely
+
+                Data Backup Practices:
+                • Follow 3-2-1 rule:
+                  - 3 copies of important data
+                  - 2 different storage media
+                  - 1 offsite backup
+                • Test restore procedures regularly
+                • Encrypt backup drives
+                • Store backups securely
+                • Automate where possible
+                • Document what's backed up
+                • Verify backup integrity
+
+                Privacy Considerations:
+                • Minimize data collection
+                • Only share need-to-know basis
+                • Regular data audits
+                • Respect retention policies
+                • Secure data destruction
+                • GDPR/CCPA compliance
+                """,
+                keywords=["data", "encryption", "backup", "confidential", "sensitive", "GDPR", "privacy",
+                          "classification"],
+                severity="high"
+            ),
+
+            # Mobile Security
+            SecurityKnowledge(
+                topic=SecurityTopic.MOBILE_SECURITY,
+                title="Mobile Device Security Guidelines",
+                content="""
+                MOBILE DEVICE SECURITY:
+
+                Device Security Settings:
+                • Enable screen lock (PIN, password, biometric)
+                • Set auto-lock to 1-2 minutes
+                • Keep OS and apps updated automatically
+                • Download apps only from official stores
+                • Review app permissions carefully
+                • Enable remote wipe capability
+                • Use Find My Device features
+                • Encrypt device storage
+                • Disable Bluetooth when not needed
+                • Turn off WiFi auto-connect
+                • Disable Siri/Assistant on lock screen
+
+                BYOD (Bring Your Own Device) Security:
+                • Separate work and personal data
+                • Use MDM if required by company
+                • Install company security apps
+                • Follow company mobile policy
+                • Report lost/stolen immediately
+                • Don't jailbreak/root devices
+                • Use company VPN for work
+                • Regular security updates
+
+                Mobile Threats:
+                • Malicious apps
+                • Unsecured WiFi
+                • SMiShing (SMS phishing)
+                • Bluetooth attacks
+                • Physical theft
+                • Shoulder surfing
+                • Juice jacking (USB charging)
+                • SIM swapping
+
+                Safe Mobile Practices:
+                • Avoid public WiFi for sensitive tasks
+                • Use VPN when on public networks
+                • Don't click links in text messages
+                • Be cautious with QR codes
+                • Use official app stores only
+                • Keep personal info private
+                • Regular app permission audits
+                • Backup device regularly
+                • Use mobile antivirus
+                • Avoid charging at public USB ports
+                """,
+                keywords=["mobile", "smartphone", "tablet", "BYOD", "iOS", "Android", "app security", "MDM"],
+                severity="medium"
+            ),
+
+            # Ransomware Specific
+            SecurityKnowledge(
+                topic=SecurityTopic.RANSOMWARE,
+                title="Ransomware Prevention and Response",
+                content="""
+                RANSOMWARE PROTECTION GUIDE:
+
+                Prevention Strategies:
+                • Regular automated backups (tested restores)
+                • Keep all software patched and updated
+                • Email filtering and sandboxing
+                • Disable macros by default
+                • User training on phishing
+                • Network segmentation
+                • Principle of least privilege
+                • Application whitelisting
+                • Endpoint detection and response (EDR)
+
+                If Ransomware Strikes:
+                1. Immediately disconnect from network
+                2. Power off if actively encrypting
+                3. Report to IT security immediately
+                4. Do NOT pay ransom
+                5. Preserve evidence for investigation
+                6. Check for decryption tools
+                7. Restore from clean backups
+                8. Rebuild affected systems
+                9. Investigate root cause
+                10. Implement lessons learned
+
+                Warning Signs:
+                • Files with strange extensions
+                • Cannot open documents
+                • Ransom notes in folders
+                • Slow computer performance
+                • Renamed files
+                • Wallpaper changed to ransom message
+
+                Recovery Planning:
+                • Maintain offline backups
+                • Test restore procedures
+                • Document critical systems
+                • Incident response plan
+                • Communication plan
+                • Legal/law enforcement contacts
+                """,
+                keywords=["ransomware", "encryption", "ransom", "backup", "recovery", "bitcoin", "crypto"],
+                severity="critical"
+            ),
+
+            # Cloud Security
+            SecurityKnowledge(
+                topic=SecurityTopic.CLOUD_SECURITY,
+                title="Cloud Services Security",
+                content="""
+                CLOUD SECURITY BEST PRACTICES:
+
+                Account Security:
+                • Use strong, unique passwords
+                • Enable MFA on all cloud accounts
+                • Regular access reviews
+                • Monitor for unusual activity
+                • Use SSO where available
+                • Secure API keys and tokens
+
+                Data Protection in Cloud:
+                • Understand shared responsibility model
+                • Encrypt data at rest and in transit
+                • Use cloud provider encryption
+                • Control data residency
+                • Regular security audits
+                • Implement DLP policies
+
+                Safe Cloud Usage:
+                • Only use approved cloud services
+                • Read terms of service
+                • Understand data ownership
+                • Configure privacy settings
+                • Regular permission reviews
+                • Monitor shared links
+                • Set expiration on shares
+                • Audit access logs
+
+                Common Cloud Risks:
+                • Misconfigured storage buckets
+                • Excessive permissions
+                • Shadow IT
+                • Account takeover
+                • Data leakage
+                • Compliance violations
+                • Insider threats
+                • API vulnerabilities
+                """,
+                keywords=["cloud", "SaaS", "AWS", "Azure", "Google Cloud", "OneDrive", "Dropbox", "Office 365"],
+                severity="high"
+            )
+        ]
+
+        # Add all knowledge items to vector database
+        batch_size = 10
+        for i in range(0, len(knowledge_items), batch_size):
+            batch = knowledge_items[i:i + batch_size]
+
+            embeddings = []
+            documents = []
+            metadatas = []
+            ids = []
+
+            for item in batch:
+                # Generate embedding
+                embedding = self.embedder.encode(item.content).tolist()
+                embeddings.append(embedding)
+
+                # Prepare document
+                documents.append(item.content)
+
+                # Prepare metadata
+                metadatas.append(item.to_dict())
+
+                # Generate unique ID
+                doc_id = hashlib.md5(
+                    f"{item.topic.value}_{item.title}_{len(item.content)}".encode()
+                ).hexdigest()
+                ids.append(doc_id)
+
+            # Add batch to collection
+            self.collection.add(
+                embeddings=embeddings,
+                documents=documents,
+                metadatas=metadatas,
+                ids=ids
+            )
+
+            logger.info(f"Added batch {i // batch_size + 1} of knowledge items")
+
+        logger.info(f"Successfully loaded {len(knowledge_items)} knowledge items")
+
+    def search(self,
+               query: str,
+               k: int = 3,
+               filter_topic: Optional[str] = None,
+               min_severity: Optional[str] = None) -> List[Dict[str, Any]]:
+        """
+        Search for relevant security information
+
+        Args:
+            query: User's question
+            k: Number of results to return
+            filter_topic: Optional topic filter
+            min_severity: Minimum severity level filter
+
+        Returns:
+            List of relevant documents with metadata
+        """
+
+        self.stats["queries_processed"] += 1
+
+        # Generate query embedding
+        query_embedding = self.embedder.encode(query).tolist()
+
+        # Build filter
+        where_filter = {}
+        if filter_topic:
+            where_filter["topic"] = filter_topic
+        if min_severity:
+            severity_levels = ["low", "medium", "high", "critical"]
+            min_index = severity_levels.index(min_severity)
+            valid_severities = severity_levels[min_index:]
+            where_filter["severity"] = {"$in": valid_severities}
+
+        # Search with or without filter
+        if where_filter:
+            results = self.collection.query(
+                query_embeddings=[query_embedding],
+                n_results=k,
+                where=where_filter
+            )
+        else:
+            results = self.collection.query(
+                query_embeddings=[query_embedding],
+                n_results=k
+            )
+
+        # Format results
+        formatted_results = []
+        if results['documents'] and results['documents'][0]:
+            for doc, metadata, distance in zip(
+                    results['documents'][0],
+                    results['metadatas'][0],
+                    results['distances'][0]
+            ):
+                formatted_results.append({
+                    'content': doc,
+                    'topic': metadata.get('topic', 'unknown'),
+                    'title': metadata.get('title', 'Untitled'),
+                    'severity': metadata.get('severity', 'medium'),
+                    'keywords': json.loads(metadata.get('keywords', '[]')),  # Deserialize JSON string back to list
+                    'relevance_score': 1 - (distance / 2)  # Convert distance to similarity
+                })
+
+        return formatted_results
+
+    def add_custom_knowledge(self,
+                             content: str,
+                             topic: str,
+                             title: str,
+                             keywords: List[str],
+                             severity: str = "medium") -> bool:
+        """
+        Add custom security knowledge to the database
+
+        Args:
+            content: Knowledge content
+            topic: Topic category
+            title: Title of the knowledge
+            keywords: Related keywords
+            severity: Severity level
+
+        Returns:
+            Success status
+        """
+
+        try:
+            # Generate embedding
+            embedding = self.embedder.encode(content).tolist()
+
+            # Generate unique ID
+            doc_id = hashlib.md5(
+                f"{topic}_{title}_{len(content)}_{datetime.now().isoformat()}".encode()
+            ).hexdigest()
+
+            # Add to collection
+            self.collection.add(
+                embeddings=[embedding],
+                documents=[content],
+                metadatas=[{
+                    "topic": topic,
+                    "title": title,
+                    "keywords": json.dumps(keywords),  # Serialize list to JSON string
+                    "severity": severity,
+                    "last_updated": datetime.now().isoformat(),
+                    "custom": True
+                }],
+                ids=[doc_id]
+            )
+
+            self.stats["total_documents"] = self.collection.count()
+            logger.info(f"Added custom knowledge: {title}")
+            return True
+
+        except Exception as e:
+            logger.error(f"Failed to add custom knowledge: {e}")
+            return False
+
+    def get_statistics(self) -> Dict[str, Any]:
+        """Get knowledge base statistics"""
+
+        self.stats["total_documents"] = self.collection.count()
+        self.stats["last_accessed"] = datetime.now().isoformat()
+
+        # Get topic distribution
+        all_metadata = self.collection.get()['metadatas']
+        topic_counts = {}
+        severity_counts = {}
+
+        for metadata in all_metadata:
+            topic = metadata.get('topic', 'unknown')
+            severity = metadata.get('severity', 'unknown')
+
+            topic_counts[topic] = topic_counts.get(topic, 0) + 1
+            severity_counts[severity] = severity_counts.get(severity, 0) + 1
+
+        self.stats["topic_distribution"] = topic_counts
+        self.stats["severity_distribution"] = severity_counts
+
+        return self.stats
+
+    def export_knowledge(self, output_file: str = "knowledge_export.json") -> bool:
+        """Export all knowledge to JSON file"""
+
+        try:
+            all_data = self.collection.get()
+
+            export_data = {
+                "exported_at": datetime.now().isoformat(),
+                "total_documents": len(all_data['ids']),
+                "documents": []
+            }
+
+            for doc, metadata, doc_id in zip(
+                    all_data['documents'],
+                    all_data['metadatas'],
+                    all_data['ids']
+            ):
+                export_data["documents"].append({
+                    "id": doc_id,
+                    "content": doc,
+                    "metadata": metadata
+                })
+
+            with open(output_file, 'w') as f:
+                json.dump(export_data, f, indent=2)
+
+            logger.info(f"Exported knowledge to {output_file}")
+            return True
+
+        except Exception as e:
+            logger.error(f"Failed to export knowledge: {e}")
+            return False
+
+
+# ================================================
+# RAG-Enhanced LLM Class
+# ================================================
+
+class RAGCybersecurityLLM(CybersecurityLLM):
+    def __init__(self,
+                 repo_id: str = "daskalos-apps/phi4-cybersec-Q4_K_M",
+                 filename: str = "phi4-mini-instruct-Q4_K_M.gguf",
+                 local_dir: str = "./models",
+                 knowledge_dir: str = "./knowledge_db",
+                 force_download: bool = False):
+        """
+        Initialize LLM with RAG capabilities
+
+        Args:
+            repo_id: Hugging Face repository ID
+            filename: Model filename
+            local_dir: Local cache directory
+            knowledge_dir: Knowledge base directory
+            force_download: Force model re-download
+        """
+
+        # Initialize base LLM
+        super().__init__(repo_id, filename, local_dir, force_download)
+
+        # Initialize knowledge base
+        logger.info("Initializing RAG knowledge base...")
+        self.knowledge_base = CybersecurityKnowledgeBase(persist_directory=knowledge_dir)
+
+        # Enhanced system prompt for RAG
+        self.rag_prompt_template = """<|system|>
+{system}
+
+You have access to a comprehensive cybersecurity knowledge base. Use the provided context to give accurate, detailed answers. If the context doesn't contain relevant information, use your general knowledge but indicate when you're doing so.
+<|end|>
+<|user|>
+Context from knowledge base:
+{context}
+
+User Question: {user}
+<|end|>
+<|assistant|>"""
+
+    def generate_with_rag(self,
+                          prompt: str,
+                          max_tokens: int = 512,
+                          use_rag: bool = True,
+                          k_documents: int = 3,
+                          min_relevance: float = 0.5) -> Dict[str, Any]:
+        """
+        Generate response with RAG enhancement
+
+        Args:
+            prompt: User's question
+            max_tokens: Maximum response length
+            use_rag: Whether to use RAG
+            k_documents: Number of documents to retrieve
+            min_relevance: Minimum relevance threshold
+
+        Returns:
+            Response with metadata and sources
+        """
+
+        context = None
+        sources = []
+
+        if use_rag:
+            # Search knowledge base
+            logger.info(f"Searching knowledge base for: {prompt[:50]}...")
+            relevant_docs = self.knowledge_base.search(prompt, k=k_documents)
+
+            # Filter by relevance
+            relevant_docs = [
+                doc for doc in relevant_docs
+                if doc.get('relevance_score', 0) >= min_relevance
+            ]
+
+            if relevant_docs:
+                # Build context from relevant documents
+                context_parts = []
+                for i, doc in enumerate(relevant_docs, 1):
+                    context_parts.append(
+                        f"[Source {i}: {doc['title']} - Severity: {doc['severity']}]\n"
+                        f"{doc['content'][:1000]}..."  # Limit context length
+                    )
+                    sources.append({
+                        "title": doc['title'],
+                        "topic": doc['topic'],
+                        "severity": doc['severity'],
+                        "relevance": doc['relevance_score']
+                    })
+
+                context = "\n\n".join(context_parts)
+                logger.info(f"Found {len(relevant_docs)} relevant documents")
+            else:
+                logger.info("No highly relevant documents found")
+
+        # Generate response
+        if context and use_rag:
+            # Use RAG prompt template
+            full_prompt = self.rag_prompt_template.format(
+                system=self.system_prompt,
+                context=context,
+                user=prompt
+            )
+        else:
+            # Use standard prompt template
+            full_prompt = self.format_prompt(prompt)
+
+        try:
+            response = self.llm(
+                full_prompt,
+                max_tokens=max_tokens,
+                temperature=0.7,
+                top_p=0.95,
+                top_k=40,
+                repeat_penalty=1.1,
+                stop=self.stop_tokens,
+                echo=False
+            )
+
+            text = response['choices'][0]['text'].strip()
+
+            return {
+                "response": text,
+                "tokens_used": response['usage']['total_tokens'],
+                "model": self.model_info['repo_id'],
+                "sources": sources,
+                "rag_used": use_rag and bool(context)
+            }
+
+        except Exception as e:
+            logger.error(f"Generation error: {e}")
+            return {
+                "response": "I apologize, but I encountered an error. Please try rephrasing your question.",
+                "error": str(e),
+                "sources": [],
+                "rag_used": False
+            }
+
+    def generate_stream_with_rag(self,
+                                 prompt: str,
+                                 max_tokens: int = 512,
+                                 use_rag: bool = True,
+                                 k_documents: int = 3) -> Generator:
+        """Stream response with RAG enhancement"""
+
+        # Get context if using RAG
+        context = None
+        if use_rag:
+            relevant_docs = self.knowledge_base.search(prompt, k=k_documents)
+            if relevant_docs:
+                context_parts = [f"{doc['title']}: {doc['content'][:500]}" for doc in relevant_docs]
+                context = "\n\n".join(context_parts)
+
+        # Generate prompt
+        if context:
+            full_prompt = self.rag_prompt_template.format(
+                system=self.system_prompt,
+                context=context,
+                user=prompt
+            )
+        else:
+            full_prompt = self.format_prompt(prompt)
+
+        # Stream response
+        stream = self.llm(
+            full_prompt,
+            max_tokens=max_tokens,
+            temperature=0.7,
+            top_p=0.95,
+            top_k=40,
+            repeat_penalty=1.1,
+            stop=self.stop_tokens,
+            echo=False,
+            stream=True
+        )
+
+        for output in stream:
+            token = output['choices'][0].get('text', '')
+            if token:
+                yield token
+
+    def add_knowledge(self, content: str, topic: str, title: str, keywords: List[str]) -> bool:
+        """Add new knowledge to the RAG system"""
+        return self.knowledge_base.add_custom_knowledge(
+            content=content,
+            topic=topic,
+            title=title,
+            keywords=keywords
+        )
+
+    def get_knowledge_stats(self) -> Dict[str, Any]:
+        """Get knowledge base statistics"""
+        return self.knowledge_base.get_statistics()

llm_handler.py

@@ -0,0 +1,185 @@
+from llama_cpp import Llama
+from typing import Generator, Optional, Dict, Any
+import logging
+import os
+from huggingface_hub import hf_hub_download
+import hashlib
+
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+
+class CybersecurityLLM:
+    def __init__(self,
+                 repo_id: str = "daskalos-apps/phi4-cybersec-Q4_K_M",
+                 filename: str = "phi4-mini-instruct-Q4_K_M.gguf",
+                 local_dir: str = "./models",
+                 force_download: bool = False):
+        """
+        Initialize Phi-4 from Hugging Face
+
+        Args:
+            repo_id: Your Hugging Face repository ID
+            filename: The GGUF filename in the repository
+            local_dir: Local directory to cache the model
+            force_download: Force re-download even if cached
+        """
+
+        # Create local directory if it doesn't exist
+        os.makedirs(local_dir, exist_ok=True)
+
+        # Download model from Hugging Face
+        logger.info(f"Loading model from Hugging Face: {repo_id}")
+
+        try:
+            model_path = hf_hub_download(
+                repo_id=repo_id,
+                filename=filename,
+                local_dir=local_dir,
+                local_dir_use_symlinks=False,
+                force_download=force_download
+            )
+            logger.info(f"Model downloaded/cached at: {model_path}")
+        except Exception as e:
+            logger.error(f"Failed to download model: {e}")
+            # Fallback to local file if exists
+            model_path = os.path.join(local_dir, filename)
+            if not os.path.exists(model_path):
+                raise FileNotFoundError(f"Model not found locally or on Hugging Face: {repo_id}")
+
+        # Initialize llama.cpp with the model
+        logger.info("Initializing model...")
+        self.llm = Llama(
+            model_path=model_path,
+            n_ctx=4096,  # Context window
+            n_batch=512,  # Batch size for prompt processing
+            n_threads=8,  # Adjust based on CPU cores
+            n_gpu_layers=0,  # CPU only
+            seed=-1,  # Random seed
+            f16_kv=True,  # Use f16 for key/value cache
+            logits_all=False,  # Only compute logits for last token
+            vocab_only=False,  # Load full model
+            use_mmap=True,  # Memory-map model for efficiency
+            use_mlock=False,  # Don't lock model in RAM
+            verbose=False
+        )
+
+        # Store model info
+        self.model_info = {
+            "repo_id": repo_id,
+            "filename": filename,
+            "path": model_path,
+            "size_mb": os.path.getsize(model_path) / (1024 * 1024)
+        }
+
+        # Cybersecurity-focused system prompt
+        self.system_prompt = """You are a cybersecurity expert assistant helping employees understand and implement security best practices. Your role is to provide clear, actionable guidance that non-technical users can understand and apply.
+
+Core expertise areas:
+• Email Security & Phishing Detection
+• Password Management & Authentication
+• Malware Prevention & Detection
+• Safe Browsing & Download Practices
+• Data Protection & Encryption
+• Social Engineering Defense
+• Remote Work Security
+• Incident Response & Reporting
+• Physical Security
+• Mobile Device Security
+• Cloud Security Basics
+• Compliance Basics (GDPR, HIPAA, etc.)
+
+Guidelines:
+- Always prioritize user safety and security
+- Provide step-by-step instructions when applicable
+- Use simple language, avoid excessive jargon
+- Include real-world examples
+- Emphasize prevention over remediation
+- Never ask users to disable security features
+- If unsure, recommend consulting IT security team"""
+
+        # Phi-4 uses ChatML format
+        self.prompt_template = """<|system|>
+{system}<|end|>
+<|user|>
+{user}<|end|>
+<|assistant|>"""
+
+        self.stop_tokens = ["<|end|>", "<|user|>", "<|endoftext|>", "<|assistant|>"]
+
+        logger.info(f"Model ready! Size: {self.model_info['size_mb']:.2f} MB")
+
+    def format_prompt(self, user_input: str, context: Optional[str] = None) -> str:
+        """Format prompt with optional context for RAG"""
+        if context:
+            user_input = f"Context: {context}\n\nQuestion: {user_input}"
+
+        return self.prompt_template.format(
+            system=self.system_prompt,
+            user=user_input
+        )
+
+    def generate(self,
+                 prompt: str,
+                 max_tokens: int = 512,
+                 temperature: float = 0.7,
+                 context: Optional[str] = None) -> Dict[str, Any]:
+        """Generate response with metadata"""
+
+        full_prompt = self.format_prompt(prompt, context)
+
+        try:
+            response = self.llm(
+                full_prompt,
+                max_tokens=max_tokens,
+                temperature=temperature,
+                top_p=0.95,
+                top_k=40,
+                repeat_penalty=1.1,
+                stop=self.stop_tokens,
+                echo=False
+            )
+
+            text = response['choices'][0]['text'].strip()
+
+            return {
+                "response": text,
+                "tokens_used": response['usage']['total_tokens'],
+                "model": self.model_info['repo_id']
+            }
+
+        except Exception as e:
+            logger.error(f"Generation error: {e}")
+            return {
+                "response": "I apologize, but I encountered an error. Please try rephrasing your question.",
+                "error": str(e)
+            }
+
+    def generate_stream(self,
+                        prompt: str,
+                        max_tokens: int = 512,
+                        context: Optional[str] = None) -> Generator:
+        """Stream response tokens"""
+
+        full_prompt = self.format_prompt(prompt, context)
+
+        stream = self.llm(
+            full_prompt,
+            max_tokens=max_tokens,
+            temperature=0.7,
+            top_p=0.95,
+            top_k=40,
+            repeat_penalty=1.1,
+            stop=self.stop_tokens,
+            echo=False,
+            stream=True
+        )
+
+        for output in stream:
+            token = output['choices'][0].get('text', '')
+            if token:
+                yield token
+
+    def get_model_info(self) -> Dict[str, Any]:
+        """Get information about the loaded model"""
+        return self.model_info

main.py

@@ -0,0 +1,480 @@
+from fastapi import FastAPI, HTTPException, WebSocket, WebSocketDisconnect, BackgroundTasks
+from fastapi.responses import StreamingResponse, JSONResponse, FileResponse
+from fastapi.middleware.cors import CORSMiddleware
+from pydantic import BaseModel, Field
+from typing import Optional, List, Dict, Any
+from datetime import datetime
+import asyncio
+import json
+import uuid
+import os
+import sqlite3
+from contextlib import asynccontextmanager
+
+# Import our handlers
+from llm_handler import CybersecurityLLM
+from knowledge_base import RAGCybersecurityLLM
+from optimisations import PerformanceOptimizer, MemoryManager
+
+# Configuration from environment variables
+MODEL_REPO = os.getenv("MODEL_REPO", "daskalos-apps/phi4-cybersec-Q4_K_M")
+MODEL_FILENAME = os.getenv("MODEL_FILENAME", "phi4-mini-instruct-Q4_K_M.gguf")
+USE_RAG = os.getenv("USE_RAG", "true").lower() == "true"
+CACHE_ENABLED = os.getenv("CACHE_ENABLED", "true").lower() == "true"
+
+# Global instances
+llm_instance = None
+optimizer = None
+memory_manager = None
+
+# Database setup
+# Support multiple deployment platforms: /data (HF Spaces), /app/data (Render/Railway), or local
+if os.path.exists("/data"):
+    DB_PATH = "/data/interactions.db"
+elif os.path.exists("/app/data"):
+    DB_PATH = "/app/data/interactions.db"
+else:
+    DB_PATH = "interactions.db"
+
+def init_db():
+    """Initialize SQLite database for interaction tracking"""
+    conn = sqlite3.connect(DB_PATH)
+    cursor = conn.cursor()
+    cursor.execute("""
+        CREATE TABLE IF NOT EXISTS interactions (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            timestamp TEXT NOT NULL,
+            session_id TEXT,
+            message TEXT,
+            response_length INTEGER
+        )
+    """)
+    cursor.execute("""
+        CREATE TABLE IF NOT EXISTS interaction_count (
+            id INTEGER PRIMARY KEY CHECK (id = 1),
+            count INTEGER DEFAULT 0
+        )
+    """)
+    cursor.execute("INSERT OR IGNORE INTO interaction_count (id, count) VALUES (1, 0)")
+    conn.commit()
+    conn.close()
+
+def increment_interaction():
+    """Increment interaction count and return new count"""
+    conn = sqlite3.connect(DB_PATH)
+    cursor = conn.cursor()
+    cursor.execute("UPDATE interaction_count SET count = count + 1 WHERE id = 1")
+    cursor.execute("SELECT count FROM interaction_count WHERE id = 1")
+    count = cursor.fetchone()[0]
+    conn.commit()
+    conn.close()
+    return count
+
+def get_interaction_count():
+    """Get current interaction count"""
+    conn = sqlite3.connect(DB_PATH)
+    cursor = conn.cursor()
+    cursor.execute("SELECT count FROM interaction_count WHERE id = 1")
+    count = cursor.fetchone()[0]
+    conn.close()
+    return count
+
+def log_interaction(session_id: str, message: str, response_length: int):
+    """Log interaction details"""
+    conn = sqlite3.connect(DB_PATH)
+    cursor = conn.cursor()
+    cursor.execute(
+        "INSERT INTO interactions (timestamp, session_id, message, response_length) VALUES (?, ?, ?, ?)",
+        (datetime.now().isoformat(), session_id, message, response_length)
+    )
+    conn.commit()
+    conn.close()
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    """Startup and shutdown events"""
+    global llm_instance, optimizer, memory_manager
+
+    # Startup
+    print(f"🚀 Loading model from Hugging Face: {MODEL_REPO}")
+
+    # Initialize database
+    init_db()
+    print("✅ Database initialized")
+
+    try:
+        if USE_RAG:
+            llm_instance = RAGCybersecurityLLM(
+                repo_id=MODEL_REPO,
+                filename=MODEL_FILENAME
+            )
+        else:
+            llm_instance = CybersecurityLLM(
+                repo_id=MODEL_REPO,
+                filename=MODEL_FILENAME
+            )
+
+        if CACHE_ENABLED:
+            optimizer = PerformanceOptimizer()
+
+        memory_manager = MemoryManager()
+
+        print("✅ Cybersecurity Chatbot ready!")
+        print(f"📦 Model: {MODEL_REPO}")
+        print(f"💾 Size: {llm_instance.get_model_info()['size_mb']:.2f} MB")
+        print(f"🔧 RAG: {'Enabled' if USE_RAG else 'Disabled'}")
+        print(f"⚡ Cache: {'Enabled' if CACHE_ENABLED else 'Disabled'}")
+
+    except Exception as e:
+        print(f"❌ Failed to load model: {e}")
+        raise
+
+    yield
+
+    # Shutdown
+    print("👋 Shutting down...")
+
+
+# Initialize FastAPI with lifespan
+app = FastAPI(
+    title="Cybersecurity Training Chatbot API",
+    description="AI-powered cybersecurity guidance using Phi-4 from Hugging Face",
+    version="2.0.0",
+    lifespan=lifespan
+)
+
+# CORS for web interface
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+
+# Request/Response models
+class ChatRequest(BaseModel):
+    message: str = Field(..., description="User's security question")
+    session_id: Optional[str] = Field(None, description="Session ID for conversation continuity")
+    max_tokens: Optional[int] = Field(512, description="Maximum response length")
+    temperature: Optional[float] = Field(0.7, description="Response creativity (0-1)")
+    use_rag: Optional[bool] = Field(True, description="Use RAG for enhanced accuracy")
+    use_cache: Optional[bool] = Field(True, description="Use cached responses if available")
+
+
+class ChatResponse(BaseModel):
+    response: str
+    session_id: str
+    timestamp: str
+    model: str
+    tokens_used: Optional[int] = None
+    cached: bool = False
+    sources: Optional[List[str]] = None
+
+
+class ModelInfo(BaseModel):
+    repo_id: str
+    filename: str
+    size_mb: float
+    rag_enabled: bool
+    cache_enabled: bool
+
+
+# Session management
+sessions: Dict[str, List[Dict[str, Any]]] = {}
+
+
+@app.get("/", response_model=Dict[str, str])
+async def root():
+    """API root endpoint"""
+    return {
+        "message": "Cybersecurity Training Chatbot API",
+        "model": MODEL_REPO,
+        "documentation": "/docs",
+        "health": "/health"
+    }
+
+
+@app.get("/health")
+async def health_check():
+    """Check API and model health"""
+    if llm_instance is None:
+        raise HTTPException(status_code=503, detail="Model not loaded")
+
+    memory_status = memory_manager.check_memory() if memory_manager else {}
+
+    return {
+        "status": "healthy",
+        "model": MODEL_REPO,
+        "version": "2.0.0",
+        "memory": memory_status,
+        "cache_enabled": CACHE_ENABLED,
+        "rag_enabled": USE_RAG
+    }
+
+
+@app.get("/model/info", response_model=ModelInfo)
+async def model_info():
+    """Get information about the loaded model"""
+    if llm_instance is None:
+        raise HTTPException(status_code=503, detail="Model not loaded")
+
+    info = llm_instance.get_model_info()
+
+    return ModelInfo(
+        repo_id=info['repo_id'],
+        filename=info['filename'],
+        size_mb=info['size_mb'],
+        rag_enabled=USE_RAG,
+        cache_enabled=CACHE_ENABLED
+    )
+
+
+@app.post("/chat", response_model=ChatResponse)
+async def chat(request: ChatRequest):
+    """Main chat endpoint"""
+    if llm_instance is None:
+        raise HTTPException(status_code=503, detail="Model not loaded")
+
+    try:
+        # Generate or get session ID
+        session_id = request.session_id or str(uuid.uuid4())
+
+        # Initialize session if new
+        if session_id not in sessions:
+            sessions[session_id] = []
+
+        # Store user message
+        sessions[session_id].append({
+            "role": "user",
+            "content": request.message,
+            "timestamp": datetime.now().isoformat()
+        })
+
+        # Check cache if enabled
+        cached = False
+        response_text = None
+        sources = None
+
+        if CACHE_ENABLED and request.use_cache and optimizer:
+            cached_response = optimizer.get_cached_response(request.message)
+            if cached_response:
+                response_text = cached_response
+                cached = True
+
+        # Generate response if not cached
+        if response_text is None:
+            if USE_RAG and hasattr(llm_instance, 'generate_with_rag'):
+                result = llm_instance.generate_with_rag(
+                    request.message,
+                    max_tokens=request.max_tokens,
+                    use_rag=request.use_rag
+                )
+                sources = result.get('sources', [])
+            else:
+                result = llm_instance.generate(
+                    request.message,
+                    max_tokens=request.max_tokens,
+                    temperature=request.temperature
+                )
+
+            response_text = result["response"]
+
+            # Cache the response
+            if CACHE_ENABLED and optimizer and request.use_cache:
+                optimizer.cache_response(request.message, response_text)
+
+        # Store assistant response
+        sessions[session_id].append({
+            "role": "assistant",
+            "content": response_text,
+            "timestamp": datetime.now().isoformat()
+        })
+
+        # Limit session history
+        if len(sessions[session_id]) > 20:
+            sessions[session_id] = sessions[session_id][-20:]
+
+        # Check memory usage
+        if memory_manager:
+            memory_manager.optimize_if_needed()
+
+        return ChatResponse(
+            response=response_text,
+            session_id=session_id,
+            timestamp=datetime.now().isoformat(),
+            model=MODEL_REPO,
+            cached=cached,
+            sources=sources
+        )
+
+    except Exception as e:
+        logger.error(f"Chat error: {e}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@app.post("/chat/stream")
+async def chat_stream(request: ChatRequest):
+    """Streaming chat endpoint"""
+    if llm_instance is None:
+        raise HTTPException(status_code=503, detail="Model not loaded")
+
+    # Track interaction
+    count = increment_interaction()
+    session_id = request.session_id or str(uuid.uuid4())
+
+    async def generate():
+        try:
+            full_response = ""
+
+            # Send initial metadata
+            yield f"data: {json.dumps({'type': 'start', 'session_id': session_id, 'model': MODEL_REPO, 'interaction_count': count})}\n\n"
+
+            # Stream tokens
+            for token in llm_instance.generate_stream(
+                    request.message,
+                    max_tokens=request.max_tokens
+            ):
+                full_response += token
+                yield f"data: {json.dumps({'type': 'token', 'content': token})}\n\n"
+                await asyncio.sleep(0)
+
+            # Log interaction
+            log_interaction(session_id, request.message, len(full_response))
+
+            yield f"data: {json.dumps({'type': 'end'})}\n\n"
+
+        except Exception as e:
+            yield f"data: {json.dumps({'type': 'error', 'message': str(e)})}\n\n"
+
+    return StreamingResponse(generate(), media_type="text/event-stream")
+
+
+@app.websocket("/ws/chat")
+async def websocket_chat(websocket: WebSocket):
+    """WebSocket endpoint for real-time chat"""
+    await websocket.accept()
+
+    if llm_instance is None:
+        await websocket.send_json({"type": "error", "message": "Model not loaded"})
+        await websocket.close()
+        return
+
+    session_id = str(uuid.uuid4())
+
+    try:
+        await websocket.send_json({
+            "type": "connected",
+            "session_id": session_id,
+            "model": MODEL_REPO
+        })
+
+        while True:
+            # Receive message
+            data = await websocket.receive_text()
+            request = json.loads(data)
+
+            # Send acknowledgment
+            await websocket.send_json({
+                "type": "acknowledged",
+                "session_id": session_id
+            })
+
+            # Generate and stream response
+            full_response = ""
+
+            for token in llm_instance.generate_stream(request.get('message', '')):
+                full_response += token
+                await websocket.send_json({
+                    "type": "token",
+                    "content": token
+                })
+                await asyncio.sleep(0)
+
+            # Send completion
+            await websocket.send_json({
+                "type": "complete",
+                "full_response": full_response
+            })
+
+    except WebSocketDisconnect:
+        if session_id in sessions:
+            del sessions[session_id]
+
+
+@app.get("/sessions/{session_id}")
+async def get_session(session_id: str):
+    """Retrieve session history"""
+    if session_id not in sessions:
+        raise HTTPException(status_code=404, detail="Session not found")
+
+    return {
+        "session_id": session_id,
+        "messages": sessions[session_id],
+        "model": MODEL_REPO
+    }
+
+
+@app.delete("/sessions/{session_id}")
+async def clear_session(session_id: str):
+    """Clear session history"""
+    if session_id in sessions:
+        del sessions[session_id]
+
+    return {"message": "Session cleared"}
+
+
+@app.get("/interactions/count")
+async def get_interactions_count():
+    """Get total interaction count"""
+    count = get_interaction_count()
+    return {"count": count}
+
+
+@app.get("/metrics")
+async def get_metrics():
+    """Get performance metrics"""
+    metrics = {
+        "model": MODEL_REPO,
+        "sessions_active": len(sessions),
+        "total_messages": sum(len(s) for s in sessions.values()),
+        "total_interactions": get_interaction_count()
+    }
+
+    if optimizer:
+        metrics["cache"] = optimizer.get_metrics()
+
+    if memory_manager:
+        metrics["memory"] = memory_manager.check_memory()
+
+    return metrics
+
+
+@app.post("/cache/clear")
+async def clear_cache():
+    """Clear response cache"""
+    if not CACHE_ENABLED or not optimizer:
+        raise HTTPException(status_code=400, detail="Cache not enabled")
+
+    optimizer.clear_cache()
+    return {"message": "Cache cleared"}
+
+
+@app.get("/test")
+async def serve_test_interface():
+    """Serve the test interface HTML"""
+    return FileResponse("test_interface.html")
+
+
+if __name__ == "__main__":
+    import uvicorn
+
+    uvicorn.run(
+        app,
+        host="0.0.0.0",
+        port=8000,
+        log_level="info",
+        access_log=True
+    )

monitoring.py

@@ -0,0 +1,302 @@
+import logging
+import time
+from datetime import datetime, timedelta
+from typing import Dict, Any, List
+import json
+import asyncio
+from dataclasses import dataclass, asdict
+import psutil
+from collections import deque
+
+# Configure structured logging
+logging.basicConfig(
+    level=logging.INFO,
+    format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',
+    handlers=[
+        logging.FileHandler('logs/chatbot.log'),
+        logging.StreamHandler()
+    ]
+)
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class RequestMetric:
+    timestamp: datetime
+    endpoint: str
+    response_time: float
+    status_code: int
+    prompt_length: int
+    response_length: int
+    cached: bool
+    session_id: str
+
+
+class PerformanceMonitor:
+    def __init__(self, window_size: int = 1000):
+        """Initialize performance monitoring"""
+
+        self.window_size = window_size
+        self.request_metrics = deque(maxlen=window_size)
+        self.start_time = datetime.now()
+
+        # Real-time metrics
+        self.metrics = {
+            "total_requests": 0,
+            "successful_requests": 0,
+            "failed_requests": 0,
+            "cache_hits": 0,
+            "cache_misses": 0,
+            "average_response_time": 0,
+            "p95_response_time": 0,
+            "p99_response_time": 0,
+            "requests_per_minute": 0,
+            "active_sessions": set(),
+            "uptime_hours": 0
+        }
+
+        # System metrics
+        self.system_metrics = {
+            "cpu_percent": 0,
+            "memory_mb": 0,
+            "memory_percent": 0,
+            "disk_usage_percent": 0
+        }
+
+    def log_request(self, metric: RequestMetric):
+        """Log request metric"""
+
+        self.request_metrics.append(metric)
+        self.metrics["total_requests"] += 1
+
+        if metric.status_code == 200:
+            self.metrics["successful_requests"] += 1
+        else:
+            self.metrics["failed_requests"] += 1
+
+        if metric.cached:
+            self.metrics["cache_hits"] += 1
+        else:
+            self.metrics["cache_misses"] += 1
+
+        self.metrics["active_sessions"].add(metric.session_id)
+
+        # Log to file
+        logger.info(f"Request: {json.dumps(asdict(metric), default=str)}")
+
+        # Update aggregated metrics
+        self._update_aggregates()
+
+    def _update_aggregates(self):
+        """Update aggregated metrics"""
+
+        if not self.request_metrics:
+            return
+
+        # Response time percentiles
+        response_times = sorted([m.response_time for m in self.request_metrics])
+
+        self.metrics["average_response_time"] = sum(response_times) / len(response_times)
+
+        p95_idx = int(len(response_times) * 0.95)
+        p99_idx = int(len(response_times) * 0.99)
+
+        self.metrics["p95_response_time"] = response_times[min(p95_idx, len(response_times) - 1)]
+        self.metrics["p99_response_time"] = response_times[min(p99_idx, len(response_times) - 1)]
+
+        # Requests per minute
+        now = datetime.now()
+        recent_requests = [
+            m for m in self.request_metrics
+            if (now - m.timestamp).total_seconds() < 60
+        ]
+        self.metrics["requests_per_minute"] = len(recent_requests)
+
+        # Uptime
+        self.metrics["uptime_hours"] = (now - self.start_time).total_seconds() / 3600
+
+        # Cache hit rate
+        if self.metrics["total_requests"] > 0:
+            self.metrics["cache_hit_rate"] = (
+                    self.metrics["cache_hits"] / self.metrics["total_requests"]
+            )
+
+    def update_system_metrics(self):
+        """Update system resource metrics"""
+
+        process = psutil.Process()
+
+        self.system_metrics["cpu_percent"] = process.cpu_percent()
+        self.system_metrics["memory_mb"] = process.memory_info().rss / 1024 / 1024
+        self.system_metrics["memory_percent"] = process.memory_percent()
+
+        disk = psutil.disk_usage('/')
+        self.system_metrics["disk_usage_percent"] = disk.percent
+
+        return self.system_metrics
+
+    def get_dashboard_metrics(self) -> Dict[str, Any]:
+        """Get metrics for dashboard display"""
+
+        self.update_system_metrics()
+
+        return {
+            "performance": self.metrics,
+            "system": self.system_metrics,
+            "health_score": self._calculate_health_score()
+        }
+
+    def _calculate_health_score(self) -> float:
+        """Calculate overall system health score (0-100)"""
+
+        score = 100.0
+
+        # Deduct for high response times
+        if self.metrics["average_response_time"] > 5:
+            score -= 20
+        elif self.metrics["average_response_time"] > 2:
+            score -= 10
+
+        # Deduct for errors
+        error_rate = self.metrics["failed_requests"] / max(self.metrics["total_requests"], 1)
+        score -= error_rate * 50
+
+        # Deduct for high memory usage
+        if self.system_metrics["memory_percent"] > 90:
+            score -= 30
+        elif self.system_metrics["memory_percent"] > 70:
+            score -= 10
+
+        # Deduct for low cache hit rate
+        cache_hit_rate = self.metrics.get("cache_hit_rate", 0)
+        if cache_hit_rate < 0.3:
+            score -= 10
+
+        return max(0, min(100, score))
+
+    def generate_report(self) -> str:
+        """Generate performance report"""
+
+        report = f"""
+        CYBERSECURITY CHATBOT PERFORMANCE REPORT
+        =========================================
+        Generated: {datetime.now().isoformat()}
+        Uptime: {self.metrics['uptime_hours']:.2f} hours
+
+        REQUEST METRICS
+        ---------------
+        Total Requests: {self.metrics['total_requests']}
+        Successful: {self.metrics['successful_requests']}
+        Failed: {self.metrics['failed_requests']}
+        Error Rate: {(self.metrics['failed_requests'] / max(self.metrics['total_requests'], 1) * 100):.2f}%
+
+        PERFORMANCE
+        -----------
+        Average Response Time: {self.metrics['average_response_time']:.3f}s
+        P95 Response Time: {self.metrics['p95_response_time']:.3f}s
+        P99 Response Time: {self.metrics['p99_response_time']:.3f}s
+        Requests/Minute: {self.metrics['requests_per_minute']}
+
+        CACHE PERFORMANCE
+        -----------------
+        Cache Hits: {self.metrics['cache_hits']}
+        Cache Misses: {self.metrics['cache_misses']}
+        Hit Rate: {self.metrics.get('cache_hit_rate', 0) * 100:.2f}%
+
+        SYSTEM RESOURCES
+        ----------------
+        CPU Usage: {self.system_metrics['cpu_percent']:.1f}%
+        Memory Usage: {self.system_metrics['memory_mb']:.2f} MB ({self.system_metrics['memory_percent']:.1f}%)
+        Disk Usage: {self.system_metrics['disk_usage_percent']:.1f}%
+
+        HEALTH SCORE: {self._calculate_health_score():.1f}/100
+        """
+
+        return report
+
+
+# Alert system
+class AlertManager:
+    def __init__(self, webhook_url: str = None):
+        """Initialize alert manager"""
+
+        self.webhook_url = webhook_url
+        self.alert_thresholds = {
+            "response_time": 5.0,  # seconds
+            "error_rate": 0.1,  # 10%
+            "memory_percent": 85,
+            "cpu_percent": 90
+        }
+
+        self.alert_history = deque(maxlen=100)
+        self.last_alert_time = {}
+
+    def check_alerts(self, metrics: Dict[str, Any]):
+        """Check if any alerts should be triggered"""
+
+        alerts = []
+
+        # Check response time
+        if metrics["performance"]["average_response_time"] > self.alert_thresholds["response_time"]:
+            alerts.append({
+                "level": "warning",
+                "type": "response_time",
+                "message": f"High response time: {metrics['performance']['average_response_time']:.2f}s"
+            })
+
+        # Check error rate
+        error_rate = metrics["performance"]["failed_requests"] / max(metrics["performance"]["total_requests"], 1)
+        if error_rate > self.alert_thresholds["error_rate"]:
+            alerts.append({
+                "level": "critical",
+                "type": "error_rate",
+                "message": f"High error rate: {error_rate * 100:.2f}%"
+            })
+
+        # Check memory
+        if metrics["system"]["memory_percent"] > self.alert_thresholds["memory_percent"]:
+            alerts.append({
+                "level": "warning",
+                "type": "memory",
+                "message": f"High memory usage: {metrics['system']['memory_percent']:.1f}%"
+            })
+
+        # Check CPU
+        if metrics["system"]["cpu_percent"] > self.alert_thresholds["cpu_percent"]:
+            alerts.append({
+                "level": "warning",
+                "type": "cpu",
+                "message": f"High CPU usage: {metrics['system']['cpu_percent']:.1f}%"
+            })
+
+        # Send alerts
+        for alert in alerts:
+            self._send_alert(alert)
+
+    def _send_alert(self, alert: Dict[str, Any]):
+        """Send alert notification"""
+
+        # Rate limiting - don't send same alert more than once per 5 minutes
+        alert_key = f"{alert['type']}_{alert['level']}"
+        now = datetime.now()
+
+        if alert_key in self.last_alert_time:
+            if (now - self.last_alert_time[alert_key]).seconds < 300:
+                return
+
+        self.last_alert_time[alert_key] = now
+        self.alert_history.append({
+            "timestamp": now.isoformat(),
+            **alert
+        })
+
+        # Log alert
+        if alert["level"] == "critical":
+            logger.error(f"ALERT: {alert['message']}")
+        else:
+            logger.warning(f"ALERT: {alert['message']}")
+
+        # Send to webhook if configured
+        if self.webhook_url:
+            self._send_webhook(alert)

optimisations.py

@@ -0,0 +1,253 @@
+import asyncio
+import hashlib
+import time
+import psutil
+import gc
+from typing import Dict, List, Optional, Any
+from collections import OrderedDict
+from dataclasses import dataclass
+from datetime import datetime, timedelta
+import redis
+import json
+
+
+@dataclass
+class CacheEntry:
+    response: str
+    timestamp: datetime
+    hit_count: int = 0
+
+
+class PerformanceOptimizer:
+    def __init__(self,
+                 cache_size: int = 100,
+                 cache_ttl_hours: int = 24,
+                 use_redis: bool = False):
+        """Initialize performance optimizer with caching"""
+
+        self.cache_size = cache_size
+        self.cache_ttl = timedelta(hours=cache_ttl_hours)
+
+        # Use Redis if available, fallback to in-memory
+        self.use_redis = use_redis
+        if use_redis:
+            try:
+                self.redis_client = redis.Redis(
+                    host='localhost',
+                    port=6379,
+                    decode_responses=True
+                )
+                self.redis_client.ping()
+            except:
+                print("Redis not available, using in-memory cache")
+                self.use_redis = False
+                self.cache = OrderedDict()
+        else:
+            self.cache = OrderedDict()
+
+        # Metrics
+        self.metrics = {
+            "cache_hits": 0,
+            "cache_misses": 0,
+            "total_requests": 0,
+            "average_response_time": 0,
+            "memory_usage_mb": 0
+        }
+
+    def _hash_prompt(self, prompt: str) -> str:
+        """Create hash for caching"""
+        normalized = prompt.lower().strip()
+        return hashlib.md5(normalized.encode()).hexdigest()
+
+    def get_cached_response(self, prompt: str) -> Optional[str]:
+        """Get response from cache if available"""
+
+        self.metrics["total_requests"] += 1
+        prompt_hash = self._hash_prompt(prompt)
+
+        if self.use_redis:
+            cached = self.redis_client.get(f"chat:{prompt_hash}")
+            if cached:
+                self.metrics["cache_hits"] += 1
+                # Update hit count
+                self.redis_client.hincrby(f"chat:stats:{prompt_hash}", "hits", 1)
+                return json.loads(cached)["response"]
+        else:
+            if prompt_hash in self.cache:
+                entry = self.cache[prompt_hash]
+                # Check TTL
+                if datetime.now() - entry.timestamp < self.cache_ttl:
+                    self.metrics["cache_hits"] += 1
+                    entry.hit_count += 1
+                    # Move to end (LRU)
+                    self.cache.move_to_end(prompt_hash)
+                    return entry.response
+                else:
+                    # Expired
+                    del self.cache[prompt_hash]
+
+        self.metrics["cache_misses"] += 1
+        return None
+
+    def cache_response(self, prompt: str, response: str):
+        """Cache a response"""
+
+        prompt_hash = self._hash_prompt(prompt)
+
+        if self.use_redis:
+            cache_data = {
+                "response": response,
+                "timestamp": datetime.now().isoformat()
+            }
+            self.redis_client.setex(
+                f"chat:{prompt_hash}",
+                int(self.cache_ttl.total_seconds()),
+                json.dumps(cache_data)
+            )
+            self.redis_client.hset(
+                f"chat:stats:{prompt_hash}",
+                mapping={"hits": 0, "created": datetime.now().isoformat()}
+            )
+        else:
+            # LRU cache management
+            if len(self.cache) >= self.cache_size:
+                # Remove least recently used
+                self.cache.popitem(last=False)
+
+            self.cache[prompt_hash] = CacheEntry(
+                response=response,
+                timestamp=datetime.now()
+            )
+
+    def get_metrics(self) -> Dict[str, Any]:
+        """Get performance metrics"""
+
+        # Update memory usage
+        process = psutil.Process()
+        self.metrics["memory_usage_mb"] = process.memory_info().rss / 1024 / 1024
+
+        # Calculate cache hit rate
+        if self.metrics["total_requests"] > 0:
+            self.metrics["cache_hit_rate"] = (
+                    self.metrics["cache_hits"] / self.metrics["total_requests"]
+            )
+
+        return self.metrics
+
+    def clear_cache(self):
+        """Clear all cached responses"""
+
+        if self.use_redis:
+            for key in self.redis_client.scan_iter("chat:*"):
+                self.redis_client.delete(key)
+        else:
+            self.cache.clear()
+
+        gc.collect()
+
+
+class MemoryManager:
+    def __init__(self, max_memory_mb: int = 8192):
+        """Initialize memory manager"""
+
+        self.max_memory_mb = max_memory_mb
+        self.warning_threshold = 0.8  # Warn at 80% usage
+        self.critical_threshold = 0.9  # Critical at 90% usage
+
+    def check_memory(self) -> Dict[str, Any]:
+        """Check current memory usage"""
+
+        process = psutil.Process()
+        memory_info = process.memory_info()
+
+        current_mb = memory_info.rss / 1024 / 1024
+        percentage = current_mb / self.max_memory_mb
+
+        status = "normal"
+        if percentage > self.critical_threshold:
+            status = "critical"
+        elif percentage > self.warning_threshold:
+            status = "warning"
+
+        return {
+            "current_mb": round(current_mb, 2),
+            "max_mb": self.max_memory_mb,
+            "percentage": round(percentage * 100, 2),
+            "status": status,
+            "available_mb": round(self.max_memory_mb - current_mb, 2)
+        }
+
+    def optimize_if_needed(self) -> bool:
+        """Run optimization if memory usage is high"""
+
+        memory_status = self.check_memory()
+
+        if memory_status["status"] in ["warning", "critical"]:
+            # Force garbage collection
+            gc.collect()
+
+            # Clear unused objects
+            if memory_status["status"] == "critical":
+                # More aggressive cleanup
+                gc.collect(2)
+
+                return True
+
+        return False
+
+
+class RequestBatcher:
+    def __init__(self, batch_size: int = 5, timeout_ms: int = 100):
+        """Initialize request batcher for efficiency"""
+
+        self.batch_size = batch_size
+        self.timeout_ms = timeout_ms
+        self.pending_requests = []
+        self.results = {}
+
+    async def add_request(self, request_id: str, prompt: str) -> str:
+        """Add request to batch"""
+
+        self.pending_requests.append({
+            "id": request_id,
+            "prompt": prompt,
+            "timestamp": time.time()
+        })
+
+        # Process if batch is full
+        if len(self.pending_requests) >= self.batch_size:
+            await self._process_batch()
+        else:
+            # Wait for timeout
+            await asyncio.sleep(self.timeout_ms / 1000)
+            if request_id not in self.results:
+                await self._process_batch()
+
+        return self.results.get(request_id, "Error processing request")
+
+    async def _process_batch(self):
+        """Process pending requests as batch"""
+
+        if not self.pending_requests:
+            return
+
+        batch = self.pending_requests[:self.batch_size]
+        self.pending_requests = self.pending_requests[self.batch_size:]
+
+        # Process batch (simulate concurrent processing)
+        tasks = []
+        for request in batch:
+            # In production, this would call the LLM
+            tasks.append(self._process_single(request))
+
+        results = await asyncio.gather(*tasks)
+
+        for request, result in zip(batch, results):
+            self.results[request["id"]] = result
+
+    async def _process_single(self, request: Dict[str, Any]) -> str:
+        """Process single request (placeholder)"""
+
+        # Simulate processing
+        await asyncio.sleep(0.1)
+        return f"Response to: {request['prompt']}"

requirements.txt

@@ -0,0 +1,108 @@
+accelerate==1.9.0
+aiofiles==24.1.0
+annotated-types==0.7.0
+anyio==4.10.0
+attrs==25.3.0
+backoff==2.2.1
+bcrypt==4.3.0
+build==1.3.0
+cachetools==5.5.2
+certifi==2025.8.3
+charset-normalizer==3.4.2
+chromadb==1.0.15
+click==8.2.1
+coloredlogs==15.0.1
+diskcache==5.6.3
+distro==1.9.0
+durationpy==0.10
+fastapi==0.116.1
+filelock==3.18.0
+flatbuffers==25.2.10
+fsspec==2025.7.0
+google-auth==2.40.3
+googleapis-common-protos==1.70.0
+grpcio==1.74.0
+h11==0.16.0
+hf-xet==1.1.7
+httpcore==1.0.9
+httptools==0.6.4
+httpx==0.28.1
+huggingface-hub==0.34.3
+humanfriendly==10.0
+idna==3.10
+importlib_metadata==8.7.0
+importlib_resources==6.5.2
+Jinja2==3.1.6
+joblib==1.5.1
+jsonschema==4.25.0
+jsonschema-specifications==2025.4.1
+kubernetes==33.1.0
+llama_cpp_python==0.3.14
+markdown-it-py==3.0.0
+MarkupSafe==3.0.2
+mdurl==0.1.2
+mmh3==5.2.0
+mpmath==1.3.0
+networkx==3.5
+numpy==2.3.2
+oauthlib==3.3.1
+onnxruntime==1.22.1
+opentelemetry-api==1.36.0
+opentelemetry-exporter-otlp-proto-common==1.36.0
+opentelemetry-exporter-otlp-proto-grpc==1.36.0
+opentelemetry-proto==1.36.0
+opentelemetry-sdk==1.36.0
+opentelemetry-semantic-conventions==0.57b0
+orjson==3.11.1
+overrides==7.7.0
+packaging==25.0
+pillow==11.3.0
+posthog==5.4.0
+protobuf==6.31.1
+psutil==7.0.0
+pyasn1==0.6.1
+pyasn1_modules==0.4.2
+pybase64==1.4.2
+pydantic==2.11.7
+pydantic_core==2.33.2
+Pygments==2.19.2
+PyPika==0.48.9
+pyproject_hooks==1.2.0
+python-dateutil==2.9.0.post0
+python-dotenv==1.1.1
+PyYAML==6.0.2
+redis==6.3.0
+referencing==0.36.2
+regex==2025.7.34
+requests==2.32.4
+requests-oauthlib==2.0.0
+rich==14.1.0
+rpds-py==0.26.0
+rsa==4.9.1
+safetensors==0.5.3
+scikit-learn==1.7.1
+scipy==1.16.1
+sentence-transformers==5.0.0
+sentencepiece==0.2.0
+setuptools==80.9.0
+shellingham==1.5.4
+six==1.17.0
+sniffio==1.3.1
+starlette==0.47.2
+sympy==1.14.0
+tenacity==9.1.2
+threadpoolctl==3.6.0
+tokenizers==0.21.4
+torch==2.7.1
+tqdm==4.67.1
+transformers==4.55.0
+typer==0.16.0
+typing-inspection==0.4.1
+typing_extensions==4.14.1
+urllib3==2.5.0
+uvicorn==0.35.0
+uvloop==0.21.0
+watchfiles==1.1.0
+websocket-client==1.8.0
+websockets==15.0.1
+zipp==3.23.0

test_interface.html

@@ -0,0 +1,334 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Cybersecurity Chatbot Test</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            padding: 20px;
+        }
+
+        .container {
+            background: white;
+            border-radius: 20px;
+            box-shadow: 0 20px 60px rgba(0,0,0,0.3);
+            width: 100%;
+            max-width: 800px;
+            height: 600px;
+            display: flex;
+            flex-direction: column;
+        }
+
+        .header {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            padding: 20px;
+            border-radius: 20px 20px 0 0;
+            text-align: center;
+        }
+
+        .header h1 {
+            font-size: 24px;
+            margin-bottom: 5px;
+        }
+
+        .header p {
+            opacity: 0.9;
+            font-size: 14px;
+        }
+
+        .chat-container {
+            flex: 1;
+            overflow-y: auto;
+            padding: 20px;
+            display: flex;
+            flex-direction: column;
+            gap: 15px;
+        }
+
+        .message {
+            padding: 12px 16px;
+            border-radius: 18px;
+            max-width: 70%;
+            word-wrap: break-word;
+            animation: fadeIn 0.3s ease-in;
+        }
+
+        @keyframes fadeIn {
+            from { opacity: 0; transform: translateY(10px); }
+            to { opacity: 1; transform: translateY(0); }
+        }
+
+        .user-message {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            align-self: flex-end;
+        }
+
+        .assistant-message {
+            background: #f3f4f6;
+            color: #1f2937;
+            align-self: flex-start;
+        }
+
+        .typing-indicator {
+            display: none;
+            align-self: flex-start;
+            padding: 12px 16px;
+            background: #f3f4f6;
+            border-radius: 18px;
+            margin-bottom: 10px;
+        }
+
+        .typing-indicator span {
+            display: inline-block;
+            width: 8px;
+            height: 8px;
+            border-radius: 50%;
+            background: #9ca3af;
+            margin: 0 2px;
+            animation: typing 1.4s infinite;
+        }
+
+        .typing-indicator span:nth-child(2) { animation-delay: 0.2s; }
+        .typing-indicator span:nth-child(3) { animation-delay: 0.4s; }
+
+        @keyframes typing {
+            0%, 60%, 100% { transform: translateY(0); }
+            30% { transform: translateY(-10px); }
+        }
+
+        .input-container {
+            padding: 20px;
+            border-top: 1px solid #e5e7eb;
+            display: flex;
+            gap: 10px;
+        }
+
+        #messageInput {
+            flex: 1;
+            padding: 12px 16px;
+            border: 2px solid #e5e7eb;
+            border-radius: 25px;
+            font-size: 14px;
+            outline: none;
+            transition: border-color 0.3s;
+        }
+
+        #messageInput:focus {
+            border-color: #667eea;
+        }
+
+        .send-button {
+            padding: 12px 24px;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            border: none;
+            border-radius: 25px;
+            cursor: pointer;
+            font-weight: 600;
+            transition: transform 0.2s;
+        }
+
+        .send-button:hover {
+            transform: scale(1.05);
+        }
+
+        .send-button:disabled {
+            opacity: 0.5;
+            cursor: not-allowed;
+        }
+
+        .quick-prompts {
+            padding: 10px 20px;
+            display: flex;
+            gap: 10px;
+            flex-wrap: wrap;
+        }
+
+        .quick-prompt {
+            padding: 6px 12px;
+            background: #f3f4f6;
+            border: 1px solid #e5e7eb;
+            border-radius: 15px;
+            font-size: 12px;
+            cursor: pointer;
+            transition: all 0.2s;
+        }
+
+        .quick-prompt:hover {
+            background: #e5e7eb;
+            transform: translateY(-2px);
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="header">
+            <h1>🔒 Cybersecurity Assistant</h1>
+            <p>Ask me anything about security best practices</p>
+            <p style="margin-top: 10px; font-size: 12px; opacity: 0.8;">
+                Total Interactions: <span id="interactionCount">0</span>
+            </p>
+        </div>
+
+        <div class="quick-prompts">
+            <div class="quick-prompt" onclick="sendQuickPrompt('How do I identify phishing emails?')">Phishing Detection</div>
+            <div class="quick-prompt" onclick="sendQuickPrompt('What makes a strong password?')">Password Security</div>
+            <div class="quick-prompt" onclick="sendQuickPrompt('How do I secure my home WiFi?')">Network Security</div>
+            <div class="quick-prompt" onclick="sendQuickPrompt('What should I do if I clicked a suspicious link?')">Incident Response</div>
+        </div>
+
+        <div class="chat-container" id="chatContainer">
+            <div class="assistant-message message">
+                Hello! I'm your cybersecurity assistant. How can I help you stay safe online today?
+            </div>
+        </div>
+
+        <div class="typing-indicator" id="typingIndicator">
+            <span></span>
+            <span></span>
+            <span></span>
+        </div>
+
+        <div class="input-container">
+            <input
+                type="text"
+                id="messageInput"
+                placeholder="Ask about cybersecurity..."
+                onkeypress="handleKeyPress(event)"
+            >
+            <button class="send-button" onclick="sendMessage()" id="sendButton">Send</button>
+        </div>
+    </div>
+
+    <script>
+        let sessionId = null;
+        let isProcessing = false;
+
+        function handleKeyPress(event) {
+            if (event.key === 'Enter' && !isProcessing) {
+                sendMessage();
+            }
+        }
+
+        function sendQuickPrompt(prompt) {
+            document.getElementById('messageInput').value = prompt;
+            sendMessage();
+        }
+
+        function addMessage(content, isUser = false) {
+            const chatContainer = document.getElementById('chatContainer');
+            const messageDiv = document.createElement('div');
+            messageDiv.className = `message ${isUser ? 'user-message' : 'assistant-message'}`;
+            messageDiv.textContent = content;
+            chatContainer.appendChild(messageDiv);
+            chatContainer.scrollTop = chatContainer.scrollHeight;
+            return messageDiv;
+        }
+
+        function showTyping() {
+            document.getElementById('typingIndicator').style.display = 'block';
+        }
+
+        function hideTyping() {
+            document.getElementById('typingIndicator').style.display = 'none';
+        }
+
+        async function sendMessage() {
+            const input = document.getElementById('messageInput');
+            const sendButton = document.getElementById('sendButton');
+            const message = input.value.trim();
+
+            if (!message || isProcessing) return;
+
+            isProcessing = true;
+            sendButton.disabled = true;
+
+            // Add user message
+            addMessage(message, true);
+            input.value = '';
+
+            // Show typing indicator
+            showTyping();
+
+            try {
+                // Stream response
+                const response = await fetch('http://localhost:8000/chat/stream', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json',
+                    },
+                    body: JSON.stringify({
+                        message: message,
+                        session_id: sessionId
+                    })
+                });
+
+                const reader = response.body.getReader();
+                const decoder = new TextDecoder();
+                let assistantMessage = null;
+                let fullResponse = '';
+
+                while (true) {
+                    const { done, value } = await reader.read();
+                    if (done) break;
+
+                    const text = decoder.decode(value);
+                    const lines = text.split('\n');
+
+                    for (const line of lines) {
+                        if (line.startsWith('data: ')) {
+                            try {
+                                const data = JSON.parse(line.slice(6));
+
+                                if (data.type === 'start') {
+                                    sessionId = data.session_id;
+                                    if (data.interaction_count) {
+                                        document.getElementById('interactionCount').textContent = data.interaction_count;
+                                    }
+                                    hideTyping();
+                                    assistantMessage = addMessage('', false);
+                                } else if (data.type === 'token' && assistantMessage) {
+                                    fullResponse += data.content;
+                                    assistantMessage.textContent = fullResponse;
+                                    chatContainer.scrollTop = chatContainer.scrollHeight;
+                                }
+                            } catch (e) {
+                                console.error('Parse error:', e);
+                            }
+                        }
+                    }
+                }
+            } catch (error) {
+                console.error('Error:', error);
+                hideTyping();
+                addMessage('Sorry, I encountered an error. Please try again.', false);
+            } finally {
+                hideTyping();
+                isProcessing = false;
+                sendButton.disabled = false;
+                input.focus();
+            }
+        }
+
+        // Auto-focus on load
+        window.onload = () => {
+            document.getElementById('messageInput').focus();
+        };
+    </script>
+</body>
+</html>