Quantum-Fiend/Q_Sentinel

GitHub: Quantum-Fiend/Q_Sentinel

Q-SENTINEL 是一个量子增强的网络威胁情报与自主防御平台，结合变分量子电路、AI推理和多语言微服务架构，实现跨域威胁检测与自动响应。

Stars: 1 | Forks: 0

# ⚛️ Q-SENTINEL ### *自主量子增强网络防御平台*

**🔮 网络安全的未来是量子的** *检测经典系统无法想象的威胁* [🚀 快速开始](#-quick-start) • [📖 文档](#-documentation) • [🏗️ 架构](#️-system-architecture) • [🎯 功能](#-core-features)

## 🌟 是什么让 Q-SENTINEL 具有革命性？

### 🧠 **量子认知** 利用**变分量子电路**将威胁特征编码到 Hilbert 空间中，检测经典机器学习系统无法察觉的非线性攻击模式。 ### 🔗 **跨域融合** 使用动态 Lua 规范化，将网络、端点、云和应用程序遥测数据统一为连贯的威胁叙事。

### 🤖 **自主防御** AI 驱动的推理引擎生成人类可读的叙事，并在无需人工干预的情况下执行缓解策略。 ### 🎨 **精英架构** 采用 Go、Python、Lua、React 和 C# 的多语言设计 —— 每种语言都因其在其领域的最佳性能而被选中。

## 🎯 核心功能 ``` mindmap root((Q-SENTINEL)) Quantum Analytics VQC Anomaly Detection 4-Qubit Simulation PennyLane Integration AI Reasoning Threat Narratives Attack Prediction Autonomous Response Distributed Ingestion Go Worker Pools 10K+ Events/sec Zero-Copy Forwarding Dynamic Fusion Lua Hot-Reload Cross-Domain Correlation Real-time Normalization Premium Dashboard Glassmorphism UI Real-time Updates Cytoscape Graphs ``` ## 🏗️ 系统架构

### **端到端威胁情报管道**

``` graph TB subgraph "Data Sources" A1[🌐 Network Traffic] A2[💻 Endpoints] A3[☁️ Cloud APIs] A4[📱 Applications] end subgraph "Ingestion Layer - Go" B[🔷 High-Performance Collector
Worker Pool Architecture
Port: 8080] end subgraph "Fusion Engine - Python + Lua" C[🐍 Event Normalizer
Dynamic Lua Rules
Port: 8081] end subgraph "Quantum Core - PennyLane" D[⚛️ Quantum Anomaly Detector
4-Qubit VQC
Port: 8082] end subgraph "AI Reasoning - Python" E[🤖 Threat Narrative Generator
Autonomous Mitigation
Port: 8083] end subgraph "Command Interface" F[⚛️ React Dashboard
Real-time Visualization
Port: 3000] G[🔶 C# Forensic Tools
Attack Replay] end A1 & A2 & A3 & A4 --> B B -->|JSON Events| C C -->|Normalized Features| D D -->|Quantum Score| E E -->|Narratives| F E -.->|Autonomous Actions| H[🛡️ Defense Systems] C -.->|Forensic Data| G style B fill:#00d4ff,stroke:#0099cc,color:#000 style C fill:#3776ab,stroke:#2d5d8a,color:#fff style D fill:#8b5cf6,stroke:#6d28d9,color:#fff style E fill:#ef4444,stroke:#dc2626,color:#fff style F fill:#10b981,stroke:#059669,color:#fff ``` ## 📊 技术栈

| 层级 | 技术 | 用途 | 性能 | |:-----:|:----------:|:-------:|:-----------:| | **接入** | ![Go](https://img.shields.io/badge/Go-00ADD8?style=flat&logo=go&logoColor=white) | 高吞吐量采集 | 10K+ 事件/秒 | | **融合** | ![Python](https://img.shields.io/badge/Python-3776AB?style=flat&logo=python&logoColor=white) ![Lua](https://img.shields.io/badge/Lua-2C2D72?style=flat&logo=lua&logoColor=white) | 动态规范化 | 热重载规则 | | **量子** | ![PennyLane](https://img.shields.io/badge/PennyLane-8B5CF6?style=flat) | 异常检测 | 每个 VQC 约 50ms | | **AI 大脑** | ![Python](https://img.shields.io/badge/Python-3776AB?style=flat&logo=python&logoColor=white) | 威胁推理 | <200ms 端到端 | | **仪表板** | ![React](https://img.shields.io/badge/React-61DAFB?style=flat&logo=react&logoColor=black) ![TypeScript](https://img.shields.io/badge/TypeScript-3178C6?style=flat&logo=typescript&logoColor=white) | 实时 UI | 60fps 动画 | | **取证** | ![C#](https://img.shields.io/badge/C%23-239120?style=flat&logo=c-sharp&logoColor=white) | 攻击重放 | 离线分析 | | **编排** | ![Docker](https://img.shields.io/badge/Docker-2496ED?style=flat&logo=docker&logoColor=white) | 容器化 | 一键部署 |

## 📁 项目结构

🗂️ 点击展开完整文件夹结构

``` Q-SENTINEL/ ├── 📁 ai-reasoning/ │ ├── 🐳 Dockerfile │ ├── 🐍 main.py │ └── 📄 requirements.txt ├── 📁 analyst-tools/ │ └── 🔶 ForensicsConsole.cs ├── 📁 dashboard/ │ ├── 📁 src/ │ │ ├── ⚛️ App.tsx │ │ ├── 📘 main.tsx │ │ ├── 📄 index.css │ │ └── 📁 lib/ │ │ └── 📘 utils.ts │ ├── 🐳 Dockerfile │ ├── 📋 package.json │ └── ⚙️ tailwind.config.js ├── 📁 fusion-engine/ │ ├── 📁 rules/ │ │ └── 🌙 network_normalize.lua │ ├── 🐳 Dockerfile │ ├── 🐍 main.py │ └── 📄 requirements.txt ├── 📁 ingestion-layer/ │ └── 📁 go-collector/ │ ├── 🐳 Dockerfile │ ├── 🔷 main.go │ ├── 📄 go.mod │ └── 📄 go.sum ├── 📁 quantum-core/ │ ├── 🐳 Dockerfile │ ├── 🐍 main.py │ └── 📄 requirements.txt ├── 📁 scripts/ │ ├── 🐍 generate_tree.py │ ├── 🐍 simulate_e2e.py │ └── 🔧 telemetry.sh ├── 📁 shared/ │ └── 📁 proto/ │ └── 📡 event.proto ├── 📖 README.md ├── ⚙️ docker-compose.yml ├── 💻 setup.ps1 └── 🔧 setup.sh ```

## 🚀 快速开始 ### **选项 1：一键 Docker 部署** ⚡ （推荐）

**🪟 Windows** ``` .\setup.ps1 ```

**🐧 Linux / 🍎 macOS** ``` chmod +x setup.sh ./setup.sh ```

### **选项 2：手动部署** 🛠️

点击展开手动设置说明

#### 1️⃣ 启动接入层 ``` cd ingestion-layer/go-collector go run main.go ``` #### 2️⃣ 启动融合引擎 (Python + Lua) ``` cd fusion-engine pip install -r requirements.txt python main.py ``` #### 3️⃣ 启动量子核心 (PennyLane) ``` cd quantum-core pip install -r requirements.txt python main.py ``` #### 4️⃣ 启动 AI 推理引擎 ``` cd ai-reasoning pip install -r requirements.txt python main.py ``` #### 5️⃣ 启动仪表板 (React) ``` cd dashboard npm install npm run dev ```

## 🎮 使用示例 ### **发送威胁事件** ``` curl -X POST http://localhost:8080/ingest \ -H "Content-Type: application/json" \ -d '{ "source_id": "endpoint-prod-01", "category": "NETWORK", "severity": "LOW", "metadata": {"protocol": "TCP", "dst_port": 22}, "data": { "dst_ip": "192.168.1.100", "dst_port": 22, "protocol": "TCP" } }' ``` ### **运行端到端模拟** ``` python scripts/simulate_e2e.py ``` **预期输出：** ``` [SIMULATOR] Starting End-to-End Threat Scenario... [SIMULATOR] Step 1: Ingesting Event to Go Layer... [SIMULATOR] Step 2: Normalizing in Python/Lua Layer... [SIMULATOR] Step 3: Running Quantum Anomaly Detection... [SIMULATOR] Step 4: Generating AI Narrative & Response... ================================================== Q-SENTINEL DECISION ENGINE OUTPUT ================================================== EVENT ID: evt-sim-123 QUANTUM CONFIDENCE: 88% NARRATIVE: Detected REMOTE_ACCESS activity with a Quantum Confidence Score of 88%. The pattern aligns with high-dimensional APT markers. Immediate isolation recommended. RECOMMENDED ACTION: ISOLATE_SOURCE ================================================== ``` ## 🔬 工作原理 ### **1. 量子特征编码** ``` # 威胁特征被映射为量子态 @qml.qnode(dev) def quantum_circuit(weights, features): qml.AngleEmbedding(features, wires=range(n_qubits), rotation='Z') qml.StronglyEntanglingLayers(weights, wires=range(n_qubits)) return qml.expval(qml.PauliZ(0)) ``` ### **2. 动态 Lua 规范化** ``` -- Hot-reloadable threat classification function normalize(event) if event.data.dst_port == 22 or event.data.dst_port == 3389 then event.category = "REMOTE_ACCESS" event.severity = "MEDIUM" end return event end ``` ### **3. AI 驱动的决策制定** ``` def decide_mitigation(event, quantum_score): if quantum_score > 0.85: return "ISOLATE_SOURCE" elif quantum_score > 0.70: return "BLOCK_PORT" elif quantum_score > 0.50: return "THROTTLE_TRAFFIC" return "NONE" ``` ## 🎨 仪表板预览

### **实时量子防御矩阵** *具有实时威胁叙事的高级玻璃拟态 UI* **主要特性：** - 🌊 流畅的 Framer Motion 动画 - 🎯 实时量子置信度分数 - 📊 活跃威胁时间线 - ⚡ 亚秒级更新延迟 - 🎨 针对 SOC 环境优化的高对比度暗色主题

## 🔐 安全性与性能

### 🛡️ **安全性** - ✅ 零硬编码凭证 - ✅ 基于环境的配置 - ✅ 内部 Docker 网络 - ✅ 隔离的服务容器

### ⚡ **性能** - ✅ 10K+ 事件/秒采集 - ✅ <200ms 端到端延迟 - ✅ 约 50ms 量子电路评估 - ✅ 60fps 仪表板渲染

### 🔧 **可靠性** - ✅ 自动服务重启 - ✅ 健康检查监控 - ✅ 优雅的错误处理 - ✅ 生产级日志记录

## 🎯 使用场景

| 场景 | Q-SENTINEL 的优势 | |:---------|:---------------------| | **🎭 APT 检测** | 量子电路可识别数周遥测数据中的多阶段攻击模式 | | **⚡ 零日发现** | 非线性关联检测可发现前所未见的攻击特征 | | **🏢 SOC 增强** | AI 叙事通过可操作的洞察将分析师的工作量减少 80% | | **🏭 关键基础设施** | 自主响应在 <200ms 内隔离威胁，防止级联故障 | | **🔬 网络研究** | 多语言架构可作为网络安全中量子机器学习的试验台 |

## 🛣️ 路线图 ``` timeline title Q-SENTINEL Evolution section Phase 1 ✅ Foundation : Polyglot Architecture : Docker Orchestration : Core Services section Phase 2 🚧 Enhancement : Real Quantum Hardware (IBM/AWS) : WebSocket Live Streaming : Graph Database (Neo4j) section Phase 3 🔮 Enterprise : Kubernetes Deployment : Prometheus + Grafana : Multi-Tenant Support ``` ## 🤝 贡献我们欢迎您的贡献！以下是您可以提供帮助的方式： - 🐛 **Bug 报告**：提交一个包含详细复现步骤的 issue - 💡 **功能请求**：提出新的功能或集成建议 - 🔧 **代码贡献**： - 额外的 Lua 规范化规则 - 量子电路优化 - 仪表板 UI/UX 增强 - 与威胁情报源的集成 ## 📚 文档 - 📖 [完整文档](./docs/) - 🎓 [架构深入解析](./docs/architecture.md) - 🔬 [量子分析详解](./docs/quantum.md) - 🎨 [仪表板自定义](./docs/dashboard.md) ## 📊 项目统计

![Lines of Code](https://img.shields.io/badge/Lines%20of%20Code-5000%2B-blue?style=for-the-badge) ![Languages](https://img.shields.io/badge/Languages-6-orange?style=for-the-badge) ![Services](https://img.shields.io/badge/Microservices-5-green?style=for-the-badge) ![Docker Images](https://img.shields.io/badge/Docker%20Images-5-blue?style=for-the-badge)

## 🌟 Star 历史如果您觉得 Q-SENTINEL 有用，请考虑给它一个 ⭐！ ## 📄 许可证本项目专为**研究和教育目的**而开发。 ## 🙏 致谢使用尖端技术构建： - [PennyLane](https://pennylane.ai/) - 量子机器学习框架 - [Go](https://golang.org/) - 高性能后端 - [React](https://react.dev/) - 现代 UI 框架 - [Docker](https://www.docker.com/) - 容器化平台

### ⚛️ **Q-SENTINEL v1.0** *当量子物理学遇上网络安全* **由 Tushar Singh 用 ❤️ 构建** [⬆ 返回顶部](#️-q-sentinel)

标签：rizin, 威胁情报, 开发者工具, 微服务架构, 日志审计, 网络安全, 自主防御, 请求拦截, 跨域数据分析, 逆向工具, 量子机器学习, 隐私保护