LunarHowl5143/AI-Fraud-Triage

GitHub: LunarHowl5143/AI-Fraud-Triage

An interactive, reinforcement-learning-based cybersecurity adversarial environment for training and evaluating AI security agents' threat-triage ability across email, transaction and account-login scenarios.

Stars: 0 | Forks: 0

```yaml
title: Fraud Triage Env 环境服务器
emoji: 🎯
colorFrom: green
colorTo: yellow
sdk: docker
pinned: false
app_port: 8000
base_path: /web
tags:
  - openenv
```

# Fraud Triage Env Environment

An advanced interactive reinforcement learning (RL) environment built for the OpenEnv hackathon. The project simulates a live cyber-warfare scenario in which an AI security agent (Blue Team) faces procedurally generated attackers (Red Team), triaging incoming emails, transactions and account logins.

## Quick Start

The simplest way to interact with the Fraud Triage environment is through the built-in Cyberpunk UI dashboard, or programmatically via the `FraudTriageEnv` class:

```python
from models import FraudTriageEnv, Action

try:
    # Initialize the Red vs Blue Environment
    env = FraudTriageEnv()

    # Reset to draw a new Shuffled Deck scenario
    obs = env.reset()
    print(f"Turn {obs.turn_number}: Red Team Injects -> {obs.payload}")

    # Agent evaluates the threat
    action = Action(
        action_taken="BLOCK",
        confidence=0.95,
        insight="Suspicious Tor exit node detected."
    )

    # Step the environment
    next_obs, reward, done, info = env.step(action)
    print(f"Outcome: {info['outcome']}")
    print(f"Reward Issued: {reward}")
except Exception as e:
    print(f"Simulation Error: {e}")
```

### Building the Docker Image

Before deploying the environment, you can test the Docker build locally:

```bash
# From the project root
docker build -t fraud_triage_env-env:latest -f Dockerfile .
```

### Deploying to Hugging Face Spaces

You can easily deploy your OpenEnv environment to Hugging Face Spaces using the `openenv push` command:

```bash
# From the environment directory (where openenv.yaml lives)
openenv push

# Or specify options
openenv push --namespace my-org --private
```

The `openenv push` command will:

- Validate that the directory is an OpenEnv environment (checks for `openenv.yaml`)
- Prepare a custom build for a Hugging Face Docker Space (enables the web interface)
- Upload to Hugging Face (ensuring you're logged in)

### Prerequisites

- Authenticate with Hugging Face: the command will prompt for login if not already authenticated.
- Ensure your `HF_TOKEN` is added to your Space's repository secrets after deployment for the AI inference to function.

## Environment Details

### Action

`Action`: contains the Blue Team agent's decision logic.

- `action_taken` (str) - Must be `"APPROVE"`, `"ESCALATE"`, or `"BLOCK"`
- `confidence` (float) - The agent's confidence score (0.0 to 1.0)
- `insight` (str) - The agent's reasoning for the decision

### Observation

`Observation`: contains the Red Team's generated threat payload.

- `domain` (str) - `"EMAIL"`, `"TRANSACTION"`, or `"ACCOUNT"`
- `payload` (str) - The actual data string to be analyzed
- `attacker_tactic` (str) - Context of the scenario (e.g., "Spear Phishing", "Normal Traffic")
- `turn_number` (int) - Current step in the 5-round simulation

### Reward

The reward uses an asymmetric grading scale compliant with OpenEnv's 0.0 to 1.0 normalization:

- Catching a hacker / approving a genuine user → reward: 1.0
- Escalating safely for human review → reward: 0.5
- FALSE POSITIVE (blocking a real user) → reward: 0.0
- FALSE NEGATIVE (letting a hacker through) → reward: 0.0

## Advanced Usage

### The Shuffled Deck Architecture

Unlike static baselines, this environment uses a procedural Shuffled Deck Generator. Every time the environment is reset, it dynamically builds a unique 5-round gauntlet. The deck guarantees a mix of routine traffic, brute-force attacks, and advanced exploits, alongside carefully engineered "Bait" scenarios designed to trick the AI into false positives or false negatives.

### Stateless Sandbox Radar

The included FastAPI server exposes a `/api/custom-inject` endpoint. This allows security analysts to manually inject payloads "off the record" to test the AI's reasoning without disrupting the official baseline state machine or turn counter.

## Development and Testing

### Running Locally

Run the FastAPI server locally for development to access the Interactive Dashboard:

```bash
uvicorn server.app:app --reload
```

Navigate to `http://localhost:8000` to interact with the environment.

### Project Structure

```text
fraud_triage_env/
├── .dockerignore        # Docker build exclusions
├── README.md            # This file
├── openenv.yaml         # OpenEnv manifest
├── pyproject.toml       # Project metadata and dependencies
├── requirements.txt     # Cloud dependencies
├── uv.lock              # Locked dependencies (generated)
├── models.py            # Environment State Machine & Pydantic Models
├── inference.py         # Hugging Face Router & Qwen AI Agent Policy
└── server/
    ├── app.py           # FastAPI application and bridging logic
    └── static/
        └── index.html   # Cyberpunk Telemetry UI Dashboard
```
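The Action/Observation/Reward contract and the 5-round gauntlet described above, worked through with a stand-in environment. This is an added example, not the project's `models.py` or its Shuffled Deck Generator: the `DECK`, the `grade` function and the keyword `blue_team_policy` are constructed here to show how the asymmetric reward scores a correct block, a correct approval, an escalation, and a false positive on a "Bait" round.

```python
from dataclasses import dataclass

ACTIONS = {"APPROVE", "ESCALATE", "BLOCK"}

@dataclass
class Observation:           # mirrors the README's Observation fields
    domain: str
    payload: str
    attacker_tactic: str
    turn_number: int

@dataclass
class Action:                # mirrors the README's Action fields
    action_taken: str
    confidence: float
    insight: str = ""

def grade(action: str, malicious: bool) -> float:
    """Asymmetric 0.0-1.0 scale from the README: a correct verdict earns 1.0,
    ESCALATE earns 0.5, a false positive or false negative earns 0.0."""
    if action not in ACTIONS:
        raise ValueError(f"invalid action_taken: {action!r}")
    if action == "ESCALATE":
        return 0.5
    return 1.0 if (action == "BLOCK") == malicious else 0.0

# Constructed 5-round deck of (observation, ground truth), including one "Bait"
# round that looks hostile but is a genuine user. Not the project's generator.
DECK = [
    (Observation("ACCOUNT", "login from 203.0.113.7 (Tor exit)", "Credential Stuffing", 1), True),
    (Observation("EMAIL", "Invoice #4421 attached, from accounts@partner.example", "Normal Traffic", 2), False),
    (Observation("EMAIL", "URGENT: verify your password at http://example.net/login", "Spear Phishing", 3), True),
    (Observation("ACCOUNT", "login via Tor exit node, MFA passed, known travel pattern", "Bait", 4), False),
    (Observation("ACCOUNT", "password reset from new device, MFA passed", "Normal Traffic", 5), False),
]

def blue_team_policy(obs: Observation) -> Action:
    """Toy keyword heuristic standing in for the AI agent; it falls for the bait."""
    text = obs.payload.lower()
    if "tor exit" in text or "verify your password" in text:
        return Action("BLOCK", 0.9, "anonymiser or credential-harvesting indicator")
    if "new device" in text:
        return Action("ESCALATE", 0.6, "ambiguous; hand to a human reviewer")
    return Action("APPROVE", 0.8, "no indicators found")

def run_episode(policy, deck=DECK) -> list[float]:
    """Step through the gauntlet and return the per-turn rewards."""
    rewards = []
    for obs, malicious in deck:
        act = policy(obs)
        assert 0.0 <= act.confidence <= 1.0, "confidence must be in [0.0, 1.0]"
        rewards.append(grade(act.action_taken, malicious))
    return rewards
```

Turn 4 is the interesting one: the same "Tor exit" indicator that correctly blocked turn 1 produces a false positive on a legitimate user, which is exactly the failure the Bait rounds are designed to surface.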
Tags: AI security, Apex, Chat Copilot, DNS reverse lookup, IaC scanning, transaction monitoring, artificial intelligence, human-machine adversarial, decision intelligence, backend development, threat intelligence, security operations, developer tools, open environments, reinforcement learning, scanning framework, search dorks (dork), data visualization, machine learning, fraud detection, user-mode hook bypass, red team, structured queries, cybersecurity, network attack and defense, security automation, request interception, account security, reverse-engineering tools, phishing email detection, privacy protection