Advanced AI-powered honeypot system with real-time threat detection, ML-based attack classification, and blockchain-anchored forensic logs
| Application | URL | Description |
|---|---|---|
| π¦ Main Application | https://cham-a-ileon.vercel.app | User-facing honeypot banking interface |
| π‘οΈ Admin Dashboard | https://cham-a-ileon-i9cw.vercel.app | Real-time security monitoring & forensics |
| π€ ML Backend API | chameleon-defence-api.onrender.com | Machine learning classification engine |
| π¦ NPM Middleware | chameleon-middleware | Security middleware package (v1.1.0) |
Install the Chameleon security middleware for your Express or Next.js application:
# Via GitHub (recommended for latest features)
npm install github:flexykrn/ChamAIleon#master:chameleon-security-middleware
# Or via NPM (if published)
npm install chameleon-middlewarenpx chameleon-initThis launches an interactive wizard that generates a complete server setup with ML-powered request analysis.
ChamAIleon is an advanced honeypot disguised as a banking app. It uses ML classification to detect SQL injection, XSS, and brute-force attacks. Blockchain integration secures the immutable logs, creating a complete, real-time defense and forensic analyze cyber attacks in real-time.
The system presents attackers with a convincing fake banking interface while:
- π΅οΈ Monitoring all user interactions
- π€ Classifying attacks using ML (SQL Injection, XSS, etc.)
- π§ Analyzing attacker intent with Google Gemini AI
- βοΈ Anchoring evidence to blockchain for tamper-proof forensics
- π Providing real-time security insights to administrators
User Input β Main App β ML Backend β Classification
β
Log Attack Event
β
Gemini AI Analysis
β
Firebase Storage
β
Blockchain Anchoring (Batch)
β
Admin Dashboard
- Node.js 18+ and npm
- Python 3.11+
- Git
- Firebase account
- Google Gemini API key
- Ethereum wallet (for blockchain features)
git clone https://github.com/flexykrn/ChamAIleoncd chameleon
npm install
# Create .env.local file
cp .env.example .env.local
# Edit .env.local with your Firebase and Gemini credentialscd ../chameleon_admin
npm install
# Create .env.local file
cp .env.example .env.local
# Edit .env.local with your Firebase credentialscd ../backend
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txtcd ../blockchain
npm install
# Create .env file with your private key
echo "PRIVATE_KEY=your_private_key_here" > .env- Algorithm: Random Forest Classifier
- Training Data: 40,000+ labeled attack samples
- Features: TF-IDF vectorization (10,000 features)
- Classes: 5 (SQLi, XSS, CMDI, Path Traversal, Benign)
- Performance:
- Accuracy: 97.2%
- Precision: 96.8%
- Recall: 96.5%
- F1-Score: 96.6%
- Network: Hoodi Testnet (Ethereum-compatible)
- Contract: LogAnchor.sol
- Address:
0xecEFBA4B95fcD63C88f05Bd653c3eD5B2c574008 - Features:
- Batch anchoring with Merkle trees
- Gas-optimized storage
- Tamper-proof verification
- Model: Google Gemini 2.0 Flash
- Purpose: Generate human-readable attack explanations
- Features:
- Attack intent analysis
- OWASP reference linking
- Severity assessment
β
Detects and classifies cyber attacks
β
Provides forensic evidence via blockchain
β
Analyzes attacker behavior with AI
β
Isolates attacks in controlled honeypot environment
β Replace production security measures
β Protect real banking systems
β Store actual financial data
β Prevent attacks (it observes them)
Disclaimer: This is a research/educational honeypot system. Do not use with real user data or as primary security infrastructure.
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit changes (
git commit -m 'Add AmazingFeature') - Push to branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Firebase - Authentication & Database
- Google Gemini - AI-powered analysis
- Vercel - Frontend hosting
- Render - Backend hosting
- Hoodi Testnet - Blockchain infrastructure
- OWASP - Security reference documentation
- scikit-learn - ML framework
