Developer: Anand
A comprehensive, multi-platform cybersecurity solution that protects users across Android, web browsers, and desktop environments using AI-powered threat detection and a unified backend system.
┌─────────────────┐ ┌──────────────────┐ ┌──────────────────┐
│ Android App │ │ Web Dashboard │ │ Browser Extension│
│ (Flutter) │ │ (React) │ │ (JavaScript) │
└─────────┬───────┘ └────────┬─────────┘ └────────┬─────────┘
│ │ │
└─────────────────────┼───────────────────────┘
│
┌───────────▼───────────┐
│ Backend API │
│ (FastAPI) │
├───────────────────────┤
│ Authentication │
│ Message Analysis │
│ URL Analysis │
│ Breach Detection │
│ Risk Scoring │
└───────────┬───────────┘
│
┌───────────▼───────────┐
│ PostgreSQL │
│ Database │
└───────────────────────┘
┌─────────────────────────────┐
│ User │
└────────────┬────────────────┘
│
┌────────────▼────────────────┐
│ Digital Safety Assistant │
│ System Boundary │
└────────────┬────────────────┘
│
┌────────────▼────────────────┐
│ External Services │
│ (HIBP API, Threat Feeds) │
└─────────────────────────────┘
┌─────────────────────────────┐
│ User │
└────────────┬────────────────┘
│
┌───────────────────────┼───────────────────────┐
│ │ │
┌────────▼────────┐ ┌─────────▼─────────┐ ┌────────▼────────┐
│ Android App │ │ Web Dashboard │ │ Browser Ext. │
└────────┬────────┘ └─────────┬─────────┘ └────────┬────────┘
│ │ │
└───────────────────────┼───────────────────────┘
│
┌────────────▼────────────┐
│ Backend Services │
├─────────────────────────┤
│ Authentication Service │
│ Message Analysis │
│ URL Analysis │
│ Breach Detection │
│ Risk Scoring Engine │
│ Feedback Processing │
└────────────┬────────────┘
│
┌────────────▼────────────┐
│ Database │
└─────────────────────────┘
│
┌────────────▼────────────┐
│ External Services │
│ (HIBP API, Threat Feeds)│
└─────────────────────────┘
┌─────────────────────────────┐
│ User │
└────────────┬────────────────┘
│
┌───────────────────────┼───────────────────────┐
│ │ │
┌────────▼────────┐ ┌─────────▼─────────┐ ┌────────▼────────┐
│ Android App │ │ Web Dashboard │ │ Browser Ext. │
└────────┬────────┘ └─────────┬─────────┘ └────────┬────────┘
│ │ │
└───────────────────────┼───────────────────────┘
│
┌────────────▼────────────┐
│ System Functions │
├─────────────────────────┤
│ Register Account │
│ Login/Logout │
│ Scan Message/URL │
│ Check Email Breach │
│ Check Password Safety │
│ View Risk Score │
│ View Scan History │
│ Submit Feedback │
│ Update Privacy Set. │
└─────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ User │
├─────────────────────────────────────────────────────────────┤
│ + id: int │
│ + username: str │
│ + email: str │
│ + password_hash: str │
│ + privacy_mode: bool │
│ + created_at: datetime │
├─────────────────────────────────────────────────────────────┤
│ + register() │
│ + login() │
│ + update_privacy_settings() │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ ScanHistory │
├─────────────────────────────────────────────────────────────┤
│ + id: int │
│ + user_id: int │
│ + scan_type: str │
│ + content_hash: str │
│ + content_preview: str │
│ + result: JSON │
│ + is_anonymized: bool │
│ + timestamp: datetime │
├─────────────────────────────────────────────────────────────┤
│ + save_scan_result() │
│ + get_scan_history() │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ Feedback │
├─────────────────────────────────────────────────────────────┤
│ + id: int │
│ + user_id: int │
│ + scan_id: int │
│ + is_correct: bool │
│ + comment: str │
│ + timestamp: datetime │
├─────────────────────────────────────────────────────────────┤
│ + submit_feedback() │
│ + get_feedback() │
└─────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────┐
│ PrivacySettings │
├─────────────────────────────────────────────────────────────┤
│ + id: int │
│ + user_id: int │
│ + store_raw_content: bool │
│ + share_anonymous_data: bool │
│ + auto_delete_after_days: int │
│ + created_at: datetime │
│ + updated_at: datetime │
├─────────────────────────────────────────────────────────────┤
│ + get_settings() │
│ + update_settings() │
└─────────────────────────────────────────────────────────────┘
User->Android App: Request scan
Android App->Backend API: POST /scan/analyze
Backend API->MessageClassifier: predict(content)
MessageClassifier-->Backend API: prediction result
Backend API->URLClassifier: predict(content)
URLClassifier-->Backend API: prediction result
Backend API->BreachService: check_email_breaches(content)
BreachService-->Backend API: breach result
Backend API->RiskService: calculate_risk_score(results)
RiskService-->Backend API: risk score
Backend API->Database: save_scan_result()
Database-->Backend API: scan_id
Backend API-->Android App: ScanResult
Android App-->User: Display results
CREATE TABLE users (
id SERIAL PRIMARY KEY,
username VARCHAR(50) UNIQUE NOT NULL,
email VARCHAR(100) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
privacy_mode BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);CREATE TABLE scan_history (
id SERIAL PRIMARY KEY,
user_id INTEGER REFERENCES users(id),
scan_type VARCHAR(20) NOT NULL,
content_hash VARCHAR(64), -- SHA-256 hash for privacy
content_preview TEXT, -- Limited content preview
result JSONB, -- Scan results in JSON format
is_anonymized BOOLEAN DEFAULT FALSE,
timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);CREATE TABLE feedback (
id SERIAL PRIMARY KEY,
user_id INTEGER REFERENCES users(id),
scan_id INTEGER REFERENCES scan_history(id),
is_correct BOOLEAN,
comment TEXT,
timestamp TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);CREATE TABLE privacy_settings (
id SERIAL PRIMARY KEY,
user_id INTEGER REFERENCES users(id) UNIQUE,
store_raw_content BOOLEAN DEFAULT FALSE,
share_anonymous_data BOOLEAN DEFAULT TRUE,
auto_delete_after_days INTEGER DEFAULT 365,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);The AI-Powered Personal Digital Safety Assistant follows a microservices architecture pattern with a centralized backend serving multiple client platforms. This design ensures:
- Scalability: Each service can be scaled independently based on demand
- Maintainability: Modular design allows for easier updates and bug fixes
- Consistency: Single source of truth for threat detection and risk scoring
- Flexibility: Easy to add new client platforms or services
- User Interaction: Users interact with any of the three client platforms (Android, Web, Browser Extension)
- Authentication: All requests are authenticated using JWT tokens
- Content Analysis: Content is sent to appropriate ML models for analysis
- Risk Scoring: Results are processed by the risk scoring engine
- Storage: Results are stored in the database with privacy-preserving techniques
- Feedback Loop: User feedback is collected and stored for model improvement
- Response: Results are returned to the client for display
- Data Protection: SHA-256 hashing for content storage
- Privacy Controls: Granular user privacy settings
- Authentication: JWT-based secure authentication
- Data Minimization: Store only necessary information
- Access Control: Role-based database access
- Encryption: TLS for all communications
- Model Training: Models are trained on publicly available datasets
- Feature Engineering: Domain-specific feature extraction for better accuracy
- Explainability: SHAP and feature importance for transparent predictions
- Continuous Learning: Feedback loop for model improvement
- Model Persistence: Proper model saving and loading mechanisms
- Content Hashing: Store SHA-256 hashes instead of raw content
- Preview Limiting: Limited previews for user reference
- Anonymization: Systematic approach to data anonymization
- User Control: Configurable auto-deletion policies
- Granular Settings: Detailed privacy controls for users
- Message Analysis: NLP-based detection using TF-IDF and machine learning models
- URL Risk Assessment: Lexical and host-based feature extraction
- Explainable AI: SHAP and feature importance for transparent predictions
- Email Breach Detection: Integration with HIBP-style API
- Password Safety: K-anonymity protocol for secure checking
- Credential Monitoring: Detection of reused or compromised credentials
- Dynamic Safety Score: Personalized cyber safety rating (0-100)
- Weighted Factors: Breach history, malicious links, suspicious messages, password reuse
- Visual Indicators: Green (safe), Yellow (moderate risk), Red (high risk)
- User Feedback: Continuous model improvement through user corrections
- SHAP Integration: Detailed feature contribution analysis
- Feature Importance: Transparent model decision-making
- Human-Readable Explanations: Natural language threat descriptions
- Content Hashing: SHA-256 hashing instead of raw content storage
- Granular Privacy Controls: User-configurable data sharing settings
- Data Minimization: Store only necessary information
- Auto-Deletion: Configurable data retention policies
- Dedicated Feedback Storage: Database table for user corrections
- UI Integration: Feedback mechanisms in all client interfaces
- False Positive/Negative Tracking: Specific model improvement tracking
- Unified Risk Engine: Single scoring algorithm across all platforms
- Consistent Detection: Same threat analysis regardless of interface
- Platform Insights: Usage analytics by device type
- Framework: FastAPI for high-performance REST API
- Database: PostgreSQL with JSONB for flexible data storage
- ML Libraries: Scikit-learn, PyTorch, XGBoost, SHAP
- Security: JWT authentication, bcrypt password hashing
- Deployment: Uvicorn ASGI server
- Android App: Flutter with Dart
- Web Dashboard: React with Chart.js
- Browser Extension: JavaScript (Manifest V3)
AI-Powered-Personal-Digital-Safety-Assistant/
├── backend/
│ ├── main.py # FastAPI application entry point
│ ├── requirements.txt # Python dependencies
│ ├── .env # Environment variables
│ ├── .env.example # Environment variable template
│ ├── init_project.py # Database initialization
│ ├── routes/ # API route handlers
│ │ ├── auth_routes.py # Authentication endpoints
│ │ ├── scan_routes.py # Scanning endpoints
│ │ └── risk_routes.py # Risk scoring endpoints
│ ├── services/ # Business logic
│ │ ├── auth_service.py # Authentication logic
│ │ ├── breach_service.py # Breach detection
│ │ └── risk_service.py # Risk scoring engine
│ ├── models/ # Machine learning models
│ │ ├── base_model.py # Abstract model base class
│ │ ├── message_classifier.py # Message analysis ML model
│ │ └── url_classifier.py # URL analysis ML model
│ ├── schemas/ # Pydantic data models
│ │ ├── auth.py # Authentication schemas
│ │ └── scan.py # Scanning schemas
│ └── utils/ # Utility functions
│ └── database.py # Database connection utilities
├── android/
│ ├── lib/
│ │ ├── main.dart # App entry point
│ │ └── screens/
│ │ └── home_screen.dart # Main app screens
│ └── pubspec.yaml # Flutter dependencies
├── web/
│ ├── src/
│ │ ├── App.js # Main React component
│ │ ├── index.js # Entry point
│ │ └── components/
│ │ ├── Dashboard.js # Dashboard component
│ │ └── Login.js # Authentication component
│ └── package.json # NPM dependencies
├── extension/
│ ├── manifest.json # Extension metadata
│ ├── popup.html # Extension popup UI
│ ├── popup.js # Popup functionality
│ ├── content.js # Content script for web pages
│ └── background.js # Background service worker
└── README.md # Project documentation
- Algorithms: Naive Bayes, SVM, LSTM, BERT
- Preprocessing: Tokenization, stopword removal, TF-IDF
- Training Data: SMS spam datasets, phishing email corpora
- Explainability: SHAP values and feature importance
- Algorithms: Decision trees, Random Forest, XGBoost
- Features: URL length, entropy, subdomain count, suspicious keywords
- Integration: Threat intelligence feeds (OpenPhish-style)
- Analysis: Lexical and host-based feature extraction
- HTTPS/TLS: All communication encrypted
- JWT Authentication: Secure token-based authentication
- Rate Limiting: Prevention of API abuse
- Input Validation: Protection against injection attacks
- Privacy Mode: User-toggleable detailed content storage
- Content Hashing: SHA-256 for privacy-preserving storage
- Data Minimization: Store only necessary information
- User Control: Full control over personal data
- Role-Based Access: Proper user permissions
- Password Hashing: bcrypt for secure password storage
- Connection Security: SSL/TLS database connections
- Audit Logging: Track API usage for security oversight
POST /auth/register # Register new user
POST /auth/login # User authentication
POST /auth/refresh # Refresh access token
POST /scan/analyze # Analyze content (message, URL, email, password)
POST /scan/feedback # Submit user feedback
GET /scan/history # Retrieve scan history
GET /scan/privacy-settings # Get privacy settings
POST /scan/privacy-settings # Update privacy settings
GET /risk/score # Get current user risk score
GET /risk/score/{user_id} # Get specific user risk score
-
Install Dependencies:
cd backend pip install -r requirements.txt -
Configure Environment:
# Copy example file and update with your values cp .env.example .env -
Initialize Database:
python init_project.py
-
Run Server:
uvicorn main:app --reload
-
Install Dependencies:
cd web npm install -
Run Development Server:
npm start
-
Install Dependencies:
cd android flutter pub get -
Run App:
flutter run
- Open Chrome/Edge and navigate to
chrome://extensions - Enable "Developer mode"
- Click "Load unpacked"
- Select the
extensiondirectory
cd backend
python -m pytest tests/cd web
npm testcd android
flutter test-
Heroku:
heroku create git push heroku main
-
AWS Elastic Beanstalk:
eb init eb create eb deploy
-
Google Cloud Run:
gcloud run deploy
-
Web Dashboard:
cd web npm run build # Deploy build/ directory to static hosting
-
Android App:
- Build APK:
flutter build apk - Publish to Google Play Store
- Build APK:
-
Browser Extension:
- Package extension
- Publish to Chrome Web Store
- Fork the repository
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
- FastAPI - Modern, fast (high-performance) web framework
- Scikit-learn - Machine learning in Python
- React - JavaScript library for building user interfaces
- Flutter - UI toolkit for building natively compiled applications
- SHAP - Game theoretic approach to explain ML models
For support, email or join our Discord community.
🛡️ Protecting users across all digital platforms 🛡️