Mormukut976/DeepGuard-AI

GitHub: Mormukut976/DeepGuard-AI

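An AI-driven enterprise cybersecurity platform that integrates phishing email detection, log and network anomaly analysis, and LLM security protection.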

Stars: 0 | Forks: 0

# 🛡️ DeepGuard AI - Enterprise Cybersecurity Platform

[![Python](https://img.shields.io/badge/Python-3.11-blue.svg)](https://python.org) [![FastAPI](https://img.shields.io/badge/FastAPI-0.68+-009688.svg)](https://fastapi.tiangolo.com) [![Streamlit](https://img.shields.io/badge/Streamlit-1.0+-FF4B4B.svg)](https://streamlit.io) [![MITRE ATT&CK](https://img.shields.io/badge/MITRE-ATT%26CK%20v14-red.svg)](https://attack.mitre.org) [![Docker](https://img.shields.io/badge/Docker-Ready-2496ED.svg)](https://docker.com) [![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)

## 🚀 Core Features

| Feature | Description | Status |
|---------|-------------|--------|
| 📧 **Phishing Detection** | DistilBERT-based email analysis | ✅ |
| 🔐 **LLM Security** | Prompt injection detection (meets Zelis AI standards) | ✅ |
| 📊 **Log Anomalies** | Anomaly detection with Isolation Forest | ✅ |
| 🌐 **Network Security** | Real-time packet capture | ✅ |
| 🎯 **MITRE ATT&CK** | Complete v14.0 mapping | ✅ |
| 🛡️ **Adversarial Robustness** | FGSM/PGD attack simulation | ✅ |
| 📤 **SIEM Integration** | Microsoft Sentinel + Slack/Email | ✅ |
| 🔧 **CI/CD Security** | Bandit + Safety + Trivy | ✅ |

## 🏗️ Architecture

```text
DeepGuard AI/
├── 📧 Phishing detector (DistilBERT)
├── 📊 Log anomaly detector (Isolation Forest)
├── 🌐 Network anomaly detector (Isolation Forest)
├── 🔌 FastAPI backend
└── 💻 Streamlit frontend
```

## 🛠️ Installation

1. **Clone the repository**

   ```bash
   # <repository-url> is a placeholder; the clone URL is not given on this page
   git clone <repository-url>
   cd DeepGuard-AI
   ```

2. **Install Dependencies**

   ```bash
   pip install -r requirements.txt
   ```

3. **Train Models**

   ```bash
   python train_models.py
   ```

4. **Start API Server**

   ```bash
   python run_api.py
   ```

5. **Start Frontend (New Terminal)**

   ```bash
   streamlit run frontend/app.py
   ```

6. **Access System**

   - API Docs: http://localhost:8000/docs
   - Dashboard: http://localhost:8501

## 📊 API Endpoints

- `POST /analyze/phishing` - Analyze emails for phishing
- `POST /analyze/logs` - Detect anomalies in system logs
- `POST /analyze/network` - Monitor network traffic
- `POST /analyze/comprehensive` - Complete security scan
- `GET /system/status` - System health check

## 🧠 ML Models

- Phishing Detection: Fine-tuned DistilBERT model
- Log Analysis: Isolation Forest for anomaly detection
- Network Analysis: Isolation Forest for traffic patterns

## 🎯 Usage Examples

### Phishing Detection

```python
import requests

# Submit one or more email bodies for classification
response = requests.post(
    "http://localhost:8000/analyze/phishing",
    json={"emails": ["You won $1000! Click here..."]},
)
print(response.json())
```

### Comprehensive Scan

```python
import requests

# Each [...] is elided in the README; replace it with real data before sending
payload = {
    "emails": [...],
    "logs": [...],
    "network_traffic": [...]
}
response = requests.post("http://localhost:8000/analyze/comprehensive", json=payload)
```

## 📈 Performance

- Phishing Detection Accuracy: ~90%
- Log Anomaly Detection: ~85%
- Network Threat Detection: ~88%
- Response Time: < 2 seconds

## 🔧 Development

- Backend: FastAPI + Python
- Frontend: Streamlit
- ML: PyTorch, Scikit-learn, Transformers
- Data: Pandas, NumPy
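The README names Isolation Forest as the model behind the log and network detectors. The following is an added illustration, not code from the DeepGuard-AI repository (which lists Scikit-learn as its ML library): a standard-library sketch of how Isolation Forest scoring works. The two per-minute authentication-log features and the sample windows are constructed assumptions.

```python
import math
import random

def c(n):
    """Expected path length of a failed binary-search-tree lookup over n points."""
    if n <= 1:
        return 0.0
    if n == 2:
        return 1.0
    return 2.0 * (math.log(n - 1) + 0.5772156649) - 2.0 * (n - 1) / n

def build_tree(rows, depth, max_depth, rng):
    """Isolation tree: random feature, random threshold, until isolated or depth cap."""
    if depth >= max_depth or len(rows) <= 1:
        return {"size": len(rows)}
    f = rng.randrange(len(rows[0]))
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:  # feature is constant here, so this sketch stops splitting
        return {"size": len(rows)}
    t = rng.uniform(lo, hi)
    left = [r for r in rows if r[f] < t]
    right = [r for r in rows if r[f] >= t]
    return {"f": f, "t": t,
            "left": build_tree(left, depth + 1, max_depth, rng),
            "right": build_tree(right, depth + 1, max_depth, rng)}

def path_length(row, node, depth=0):
    """Depth at which `row` lands, plus c(size) for an unsplit leaf."""
    if "size" in node:
        return depth + c(node["size"])
    branch = "left" if row[node["f"]] < node["t"] else "right"
    return path_length(row, node[branch], depth + 1)

def anomaly_scores(rows, n_trees=100, sample_size=256, seed=7):
    """Score in (0, 1]; values near 1 mean the row is isolated after few splits."""
    rng = random.Random(seed)
    m = min(sample_size, len(rows))
    max_depth = math.ceil(math.log2(m))
    trees = [build_tree(rng.sample(rows, m), 0, max_depth, rng) for _ in range(n_trees)]
    return [2 ** (-sum(path_length(r, t) for t in trees) / n_trees / c(m)) for r in rows]

# Constructed sample: (failed logins, distinct usernames tried) per one-minute window.
WINDOWS = [(0, 1), (1, 1), (2, 2), (0, 1), (3, 2), (1, 1), (2, 1),
           (4, 3), (1, 2), (0, 1), (4, 3), (240, 85)]  # last row is a spraying burst

if __name__ == "__main__":
    for window, score in zip(WINDOWS, anomaly_scores(WINDOWS)):
        print(window, round(score, 3), "ANOMALY" if score > 0.7 else "")
```

The model needs no labelled attacks: the burst window scores high only because random splits separate it from the rest almost immediately, which also means the score depends heavily on which features are extracted from the logs.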
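Tags: AMSI bypass, Apex, AV bypass, CI/CD security, Cloudflare, DevSecOps, DistilBERT, FastAPI, FGSM, HTTP/HTTPS packet capture, Kubernetes, Llama, Microsoft Sentinel, MITRE ATT&CK, NLP, PGD, Python, SIEM integration, Streamlit, upstream proxy, artificial intelligence, enterprise security, credential scanning, LLM security, threat detection, Isolation Forest, security operations, adversarial examples, open-source security tools, anomaly detection, situational awareness, scanning framework, backdoor-free, machine learning, deep learning, user-mode hook bypass, syscall monitoring, cybersecurity, network traffic analysis, network asset management, phishing detection, access control, request interception, reverse-engineering tools, reverse-engineering platform, email analysis, privacy protection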