CyberShield is a real-time threat detection and prevention system designed to analyze IP activity using explainable AI (XAI) models. It provides accurate risk assessments with transparent explanations, allowing users to mitigate cyber threats effectively.
- Real-time IP analysis using AI-powered risk scoring.
- Integration with AbuseIPDB for threat intelligence.
- SHAP-based explainability for transparent risk explanations.
- Interactive dashboard for monitoring and managing threats.
- Automated prevention with rule-based blocking.
Ensure the following are installed before running the system:
- Node.js (Backend & Frontend)
- MongoDB (Database)
- Python 3.x (For AI Model)
- AbuseIPDB API Key
- Postman (For API testing, optional)
cd frontend
npm i
npm run dev- Access the dashboard at:
http://localhost:5713
cd backend
npm i
npm start- API will be available at:
http://localhost:5000
Confirm Python dependencies are installed using:
pip install -r requirements.txtcd ai_model
python ./model/generate_synthetic_data.pypython train_model.pypython app.py- Ensure the model listens for incoming requests from the backend.
- Login to Dashboard: Access
http://localhost:3000and log in with your credentials. - Analyze IPs: Enter an IP address for analysis. The system will fetch data from AbuseIPDB and pass it to the AI model.
- View Results: Check the risk score, detailed SHAP-based explanations, and IP reputation.
- Prevent Threats: Block malicious IPs directly from the dashboard.
- Backend Errors: Ensure API keys are correctly set in
.envand MongoDB is running. - Frontend Not Loading: Check for port conflicts and ensure React app builds using:
npm run build
Feel free to contribute by submitting issues or pull requests. Ensure that your code follows the contribution guidelines.
This project is licensed under the MIT License. See the LICENSE file for details.
CyberShield - Defend with Confidence!