Skip to content

flexykrn/ChamAIleon

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

13 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

🦎 ChamAIleon - AI-Powered Banking Honeypot

Next.js Python FastAPI Firebase Ethereum

Advanced AI-powered honeypot system with real-time threat detection, ML-based attack classification, and blockchain-anchored forensic logs

ChamAIleon security


πŸ”— Live Demo

Application URL Description
🏦 Main Application https://cham-a-ileon.vercel.app User-facing honeypot banking interface
πŸ›‘οΈ Admin Dashboard https://cham-a-ileon-i9cw.vercel.app Real-time security monitoring & forensics
πŸ€– ML Backend API chameleon-defence-api.onrender.com Machine learning classification engine
πŸ“¦ NPM Middleware chameleon-middleware Security middleware package (v1.1.0)

πŸ“¦ Installation (Middleware)

Install the Chameleon security middleware for your Express or Next.js application:

# Via GitHub (recommended for latest features)
npm install github:flexykrn/ChamAIleon#master:chameleon-security-middleware

# Or via NPM (if published)
npm install chameleon-middleware

Quick Setup

npx chameleon-init

This launches an interactive wizard that generates a complete server setup with ML-powered request analysis.

🎯 Overview

ChamAIleon is an advanced honeypot disguised as a banking app. It uses ML classification to detect SQL injection, XSS, and brute-force attacks. Blockchain integration secures the immutable logs, creating a complete, real-time defense and forensic analyze cyber attacks in real-time.

πŸŽͺ The Concept

The system presents attackers with a convincing fake banking interface while:

  • πŸ•΅οΈ Monitoring all user interactions
  • πŸ€– Classifying attacks using ML (SQL Injection, XSS, etc.)
  • 🧠 Analyzing attacker intent with Google Gemini AI
  • ⛓️ Anchoring evidence to blockchain for tamper-proof forensics
  • πŸ“Š Providing real-time security insights to administrators

πŸ”„ Data Flow

User Input β†’ Main App β†’ ML Backend β†’ Classification
                ↓
         Log Attack Event
                ↓
         Gemini AI Analysis
                ↓
         Firebase Storage
                ↓
    Blockchain Anchoring (Batch)
                ↓
         Admin Dashboard

πŸš€ Tech Stack

Next.js React Tailwind CSS Firebase

Python FastAPI scikit-learn pandas

Ethereum Solidity Ethers.js Hardhat

Google Gemini Random Forest LIME

Vercel Render GitHub


πŸ“¦ Installation

Prerequisites

  • Node.js 18+ and npm
  • Python 3.11+
  • Git
  • Firebase account
  • Google Gemini API key
  • Ethereum wallet (for blockchain features)

1. Clone Repository

git clone https://github.com/flexykrn/ChamAIleon

2. Setup Main Application

cd chameleon
npm install

# Create .env.local file
cp .env.example .env.local
# Edit .env.local with your Firebase and Gemini credentials

3. Setup Admin Dashboard

cd ../chameleon_admin
npm install

# Create .env.local file
cp .env.example .env.local
# Edit .env.local with your Firebase credentials

4. Setup ML Backend

cd ../backend
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate
pip install -r requirements.txt

5. Setup Blockchain (Optional)

cd ../blockchain
npm install

# Create .env file with your private key
echo "PRIVATE_KEY=your_private_key_here" > .env

πŸ”¬ Technical Details

Machine Learning Model

  • Algorithm: Random Forest Classifier
  • Training Data: 40,000+ labeled attack samples
  • Features: TF-IDF vectorization (10,000 features)
  • Classes: 5 (SQLi, XSS, CMDI, Path Traversal, Benign)
  • Performance:
    • Accuracy: 97.2%
    • Precision: 96.8%
    • Recall: 96.5%
    • F1-Score: 96.6%

Blockchain Integration

  • Network: Hoodi Testnet (Ethereum-compatible)
  • Contract: LogAnchor.sol
  • Address: 0xecEFBA4B95fcD63C88f05Bd653c3eD5B2c574008
  • Features:
    • Batch anchoring with Merkle trees
    • Gas-optimized storage
    • Tamper-proof verification

AI Analysis

  • Model: Google Gemini 2.0 Flash
  • Purpose: Generate human-readable attack explanations
  • Features:
    • Attack intent analysis
    • OWASP reference linking
    • Severity assessment

πŸ›‘οΈ Security Considerations

What This System Does:

βœ… Detects and classifies cyber attacks
βœ… Provides forensic evidence via blockchain
βœ… Analyzes attacker behavior with AI
βœ… Isolates attacks in controlled honeypot environment

What This System Does NOT Do:

❌ Replace production security measures
❌ Protect real banking systems
❌ Store actual financial data
❌ Prevent attacks (it observes them)

Disclaimer: This is a research/educational honeypot system. Do not use with real user data or as primary security infrastructure.

🀝 Contributing

Contributions are welcome! Please:

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/AmazingFeature)
  3. Commit changes (git commit -m 'Add AmazingFeature')
  4. Push to branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

πŸ“„ License

This project is licensed under the MIT License - see the LICENSE file for details.


πŸ™ Acknowledgments

  • Firebase - Authentication & Database
  • Google Gemini - AI-powered analysis
  • Vercel - Frontend hosting
  • Render - Backend hosting
  • Hoodi Testnet - Blockchain infrastructure
  • OWASP - Security reference documentation
  • scikit-learn - ML framework

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Contributors