khasinski
diff --git a/‎.gitignore‎
Lines changed: 24 additions & 0 deletions b/‎.gitignore‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 55 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 55 additions & 0 deletions
diff --git a/‎Gemfile‎
Lines changed: 9 additions & 0 deletions b/‎Gemfile‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎LICENSE.txt‎
Lines changed: 21 additions & 0 deletions b/‎LICENSE.txt‎
Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,24 @@
+# Bundler
+Gemfile.lock
+
+# RSpec
+spec/examples.txt
+
+# Model data (downloaded from HuggingFace)
+data/*.onnx
+data/*.bin
+data/*.json
+!data/README.md
+
+# Gem build artifacts
+*.gem
+pkg/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+*.swo
+
+# macOS
+.DS_Store
@@ -0,0 +1,55 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.9.0] - 2025-01-17
+
+### Added
+
+- **Core Classification Engine**
+  - Model2Vec-based text embeddings via ONNX Runtime
+  - KNN classifier with cosine similarity for attack detection
+  - Support for 8 attack types: SQLi, XSS, path traversal, command injection, credential stuffing, spam bots, scanners, and clean traffic
+
+- **Rails Integration**
+  - Rack middleware for automatic request classification
+  - Controller concern with `protect_from_attacks` DSL
+  - Configurable actions: `:block`, `:log`, `:challenge`
+  - Callbacks for attack detection and monitoring
+
+- **Storage Options**
+  - In-memory mode (default): ~2ms latency, ~30MB RAM
+  - Database mode: PostgreSQL + pgvector via neighbor gem
+
+- **Auto-Download**
+  - Model files automatically downloaded from HuggingFace on first use
+  - Hosted at [huggingface.co/khasinski/ai-bouncer](https://huggingface.co/khasinski/ai-bouncer)
+
+- **Generators**
+  - `rails generate ai_bouncer:install` - Creates initializer
+  - `rails generate ai_bouncer:migration` - Creates pgvector migration
+
+- **Rake Tasks**
+  - `ai_bouncer:download` - Download model files
+  - `ai_bouncer:seed` - Seed database with attack patterns
+  - `ai_bouncer:stats` - Show pattern statistics
+  - `ai_bouncer:test` - Test classification
+  - `ai_bouncer:benchmark` - Benchmark performance
+
+### Model
+
+- 3,053 attack pattern vectors
+- Trained on SecLists, CSIC 2010, ModSecurity CRS, and real nginx logs
+- 92%+ accuracy on test set
+
+## [Unreleased]
+
+### Planned
+
+- Rate limiting integration
+- IP reputation scoring
+- Custom pattern training interface
+- Prometheus metrics export
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec
+
+gem "rake", "~> 13.0"
+gem "rspec", "~> 3.0"
+gem "rubocop", "~> 1.0"
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2025 Chris Hasinski
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.