QuantumShield is an advanced cybersecurity defense system that sits in front of your web applications. Unlike traditional WAFs that simply block attacks, QuantumShield uses machine learning to detect threats and redirects attackers to a highly realistic, LLM-powered honeypot to gather intelligence while protecting your real infrastructure.
| Category | Technology Stack |
|---|---|
| Frontend | Next.js, Tailwind CSS |
| Honeypot | Groq, FastAPI, MongoDB |
| ML Models | PyTorch, DistilBERT, XGBoost |
| Backend | Python, SendGrid |
- ML Firewall: Semantic analysis of SQLi & NoSQLi payloads using Transformer models to understand the "meaning" of an attack, catching what regex misses.
- Adaptive Honeypot: A dynamic deception engine that uses LLMs to generate realistic HTML/JSON responses on the fly. Trapped attackers never hit a dead end.
- Counter-Based Blocking: A progressive response system where attackers get 5 chances before a permanent IP ban, with persistence backed by MongoDB.
- Live Dashboard: Real-time visibility into attacks happening live, featuring session replays to analyze exactly what the attackers tried to do.
- Request Arrival: Every incoming request hits the QuantumShield smart reverse proxy.
- ML Analysis: The request is analyzed by DistilBERT models to assign a threat confidence score.
- Smart Routing:
  - Safe Traffic: Forwarded seamlessly to your real application.
  - Suspicious Traffic: Quietly routed to the LLM-powered honeypot.
  - Malicious Traffic: Blocked immediately if the threat score is too high.
- Intelligence Gathering: Every action the attacker takes in the honeypot is logged for security analysis.
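
The routing and strike-counting steps above, sketched as an added example (not QuantumShield's own code). The thresholds, the names `StrikeRouter` and `client_ip`, and the in-memory store standing in for MongoDB are assumptions; the score is taken as an input where the DistilBERT model would supply it.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional
import ipaddress

class Route(Enum):
    UPSTREAM = "upstream"   # safe: forward to the real application
    HONEYPOT = "honeypot"   # suspicious: hand off to the deception backend
    BLOCK = "block"         # malicious or banned: reject

# Assumed values: the README does not publish its score thresholds.
SUSPICIOUS_AT = 0.50
MALICIOUS_AT = 0.90
MAX_STRIKES = 5             # the "5 chances" from the feature list

def client_ip(peer: str, xff: Optional[str], trusted_proxies: set) -> str:
    """Key strikes on the socket peer; honour X-Forwarded-For only from a trusted proxy."""
    if xff and peer in trusted_proxies:
        candidate = xff.split(",")[-1].strip()  # right-most hop, appended by our proxy
        try:
            return str(ipaddress.ip_address(candidate))
        except ValueError:
            pass  # malformed header: fall back to the peer address
    return peer

@dataclass
class StrikeRouter:
    strikes: dict = field(default_factory=dict)  # in-memory stand-in for MongoDB
    banned: set = field(default_factory=set)

    def decide(self, ip: str, score: float) -> Route:
        if ip in self.banned:
            return Route.BLOCK              # ban check runs before any scoring
        if not 0.0 <= score <= 1.0:         # also rejects NaN
            raise ValueError("score must be in [0, 1]")
        if score < SUSPICIOUS_AT:
            return Route.UPSTREAM           # safe traffic never accrues strikes
        self.strikes[ip] = self.strikes.get(ip, 0) + 1
        if self.strikes[ip] >= MAX_STRIKES:
            self.banned.add(ip)             # takes effect on the next request
        return Route.BLOCK if score >= MALICIOUS_AT else Route.HONEYPOT
```

Keying strikes on a client-supplied header would let a sender pin a ban on someone else's address or dodge its own, which is why `client_ip` ignores `X-Forwarded-For` unless the peer is a known proxy.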
- Python 3.9+
- Node.js 18+
- MongoDB

- Clone the repository

  ```bash
  git clone https://github.com/yourusername/quantumshield.git
  cd quantumshield
  ```

- Set up the Honeypot (Gateway)

  ```bash
  cd honeypot
  pip install -r requirements.txt
  # Add your GROQ_API_KEY to the .env file
  python main.py
  ```

- Set up the Dashboard & Demo App

  ```bash
  # Run from the repository root
  cd frontend
  npm install
  npm run dev
  ```

QuantumShield represents a shift from reactive defense to proactive deception. It is an essential tool for modern enterprises for several reasons:
- Detection of Zero-Day Exploits: By focusing on the semantic intent of a payload rather than known signatures, it protects against novel attacks that have no existing "patch" or rule.
- Cost & Resource Exhaustion: Attacking a system takes time and money. By engaging attackers in an LLM-powered "hallucination," we waste their resources, making your company an unprofitable and frustrating target.
- High-Fidelity Intelligence: Instead of a simple "IP Blocked" log, you receive a full report of the attacker's methodology. This data can be used to harden your internal systems against the specific techniques being used against you.
- Elimination of False Positives: Traditional WAFs often block legitimate customers due to rigid rules. QuantumShield’s ML scoring provides a more nuanced approach, ensuring your business stays open to real users.
- Scalable Security: Built on high-performance frameworks like FastAPI and Next.js, QuantumShield is designed to scale with your traffic while maintaining enterprise-grade security.