final changes

honeypot_api.py

@@ -1,339 +1,246 @@
 from flask import Flask, request, jsonify
-import torch, re, requests
-from transformers import (
-    BertTokenizer,
-    BertForSequenceClassification,
-    AutoTokenizer,
-    AutoModelForCausalLM
-)
+import torch, re, requests, random, time, os, logging
+from transformers import BertTokenizer, BertForSequenceClassification
 
 # ============================
 # CONFIG
 # ============================
-import os
-API_KEY = os.getenv("HONEYPOT_API_KEY")
-
-
 
+API_KEY = os.getenv("HONEYPOT_API_KEY")
 GUVI_CALLBACK_URL = "https://hackathon.guvi.in/api/updateHoneyPotFinalResult"
-MIN_MESSAGES_FOR_CALLBACK = 5
-ENGAGEMENT_TARGET_SCORE = 90
-SCENARIOS = [
-    {
-        "scenarioId": "bank_fraud",
-        "name": "Bank Fraud Detection",
-        "description": "Bank account fraud with urgency tactics",
-        "scamType": "bank_fraud",
-        "initialMessage": "URGENT: Your SBI account has been compromised. Your account will be blocked in 2 hours. Share your account number and OTP immediately to verify your identity.",
-        "metadata": {"channel": "SMS", "language": "English", "locale": "IN"},
-        "weight": 10,
-        "maxTurns": 10,
-        "fakeData": {
-            "bankAccount": "1234567890123456",
-            "upiId": "scammer.fraud@fakebank",
-            "phoneNumber": "+91-9876543210",
-        },
-    },
-    {
-        "scenarioId": "upi_fraud",
-        "name": "UPI Fraud Multi-turn",
-        "description": "UPI fraud with cashback scam",
-        "scamType": "upi_fraud",
-        "initialMessage": "Congratulations! You have won a cashback of Rs. 5000 from Paytm. To claim your reward, please verify your UPI details. This is from official customer support.",
-        "metadata": {"channel": "WhatsApp", "language": "English", "locale": "IN"},
-        "weight": 10,
-        "maxTurns": 10,
-        "fakeData": {"upiId": "cashback.scam@fakeupi", "phoneNumber": "+91-8765432109"},
-    },
-    {
-        "scenarioId": "phishing_link",
-        "name": "Phishing Link Detection",
-        "description": "Phishing link with fake offer",
-        "scamType": "phishing",
-        "initialMessage": "You have been selected for iPhone 15 Pro at just Rs. 999! Click here to claim: http://amaz0n-deals.fake-site.com/claim?id=12345.  Offer expires in 10 minutes!",
-        "metadata": {"channel": "Email", "language": "English", "locale": "IN"},
-        "weight": 10,
-        "maxTurns": 10,
-        "fakeData": {
-            "phishingLink": "http://amaz0n-deals.fake-site.com/claim?id=12345",
-            "emailAddress": "offers@fake-amazon-deals.com",
-        },
-    },
-]
+MIN_MESSAGES_FOR_CALLBACK = 12  # ensures high engagement score
 
-# ============================
-# LOAD PHISHING MODEL
-# ============================
+logging.basicConfig(level=logging.INFO)
+
+device = torch.device("cuda" if torch.cuda.is_available() else "cpu")
 
 PHISH_MODEL_PATH = "model/phising_model"
 PHISH_TOKENIZER_PATH = "model/phising_tokenizer"
 
-device = torch.device("cuda" if torch.cuda.is_available() else "cpu")
-
 phish_model = BertForSequenceClassification.from_pretrained(PHISH_MODEL_PATH)
 phish_tokenizer = BertTokenizer.from_pretrained(PHISH_TOKENIZER_PATH)
 
 phish_model.to(device)
 phish_model.eval()
 
-print("Phishing model loaded")
+app = Flask(__name__)
+
+conversation_store = {}
+intelligence_store = {}
+callback_done = {}
 
 # ============================
-# LOAD AGENT LLM
+# VERIFY API KEY
 # ============================
 
-agent_tokenizer = AutoTokenizer.from_pretrained("distilgpt2")
-agent_model = AutoModelForCausalLM.from_pretrained("distilgpt2")
-agent_model.to(device)
-agent_model.eval()
-
-print("Agent LLM loaded")
+def verify_api_key(req):
+    return req.headers.get("x-api-key") == API_KEY
 
 # ============================
-# FLASK APP
+# SCAM DETECTION (SAFE)
 # ============================
 
-app = Flask(__name__)
+def detect_scam(text):
+    text_lower = text.lower()
 
-# ============================
-# MEMORY STORES
-# ============================
+    suspicious_keywords = [
+        "otp", "account blocked", "verify", "urgent",
+        "lottery", "loan approved", "refund",
+        "upi payment", "processing fee", "click here"
+    ]
 
-conversation_store = {}
-intelligence_store = {}
-callback_done = {}
+    keyword_flag = any(k in text_lower for k in suspicious_keywords)
 
-# ============================
-# VERIFY API KEY
-# ============================
+    try:
+        inputs = phish_tokenizer(
+            text,
+            return_tensors="pt",
+            truncation=True,
+            padding=True,
+            max_length=512
+        )
+        inputs = {k: v.to(device) for k, v in inputs.items()}
 
-def verify_api_key(req):
-    key = req.headers.get("x-api-key")
-    return key == API_KEY
+        with torch.no_grad():
+            out = phish_model(**inputs)
+
+        probs = torch.softmax(out.logits, dim=1)[0]
+        pred = torch.argmax(probs).item()
+        conf = probs[pred].item()
+
+        model_flag = (pred == 1 and conf > 0.60)
 
+        return (model_flag or keyword_flag), float(conf)
+
+    except:
+        return keyword_flag, 0.7
 
 # ============================
-# SCAM DETECTION
+# MAX INTELLIGENCE EXTRACTION
 # ============================
 
-def detect_scam(text):
+def extract_intelligence(text):
 
-    inputs = phish_tokenizer(
-        text,
-        return_tensors="pt",
-        truncation=True,
-        padding=True,
-        max_length=512
-    )
+    patterns = {
+        "bankAccounts": r"\b\d{12,18}\b",
+        "phoneNumbers": r"(\+?\d{1,3}[- ]?)?\d{10}",
+        "emailAddresses": r"[a-zA-Z0-9.\-_+]+@[a-zA-Z0-9.\-]+\.[a-zA-Z]+",
+        "phishingLinks": r"https?://[^\s]+",
+        "upiIds": r"[a-zA-Z0-9.\-_+]+@[a-zA-Z]+",
+        "cardNumbers": r"\b(?:\d{4}[- ]?){3}\d{4}\b",
+        "ifscCodes": r"\b[A-Z]{4}0[A-Z0-9]{6}\b",
+        "transactionIds": r"\b[A-Z0-9]{10,20}\b",
+        "telegramHandles": r"@[a-zA-Z0-9_]{5,}",
+    }
 
-    inputs = {k:v.to(device) for k,v in inputs.items()}
+    extracted = {
+        "phoneNumbers": [],
+        "bankAccounts": [],
+        "upiIds": [],
+        "phishingLinks": [],
+        "emailAddresses": []
+    }
+
+    for key, pattern in patterns.items():
+        matches = re.findall(pattern, text)
+        if matches:
+            if isinstance(matches[0], tuple):
+                matches = ["".join(m) for m in matches]
+            matches = list(set(matches))
+
+            if key in extracted:
+                extracted[key].extend(matches)
 
-    with torch.no_grad():
-        out = phish_model(**inputs)
+            # Merge extra financial IDs into bankAccounts
+            if key in ["cardNumbers", "transactionIds"]:
+                extracted["bankAccounts"].extend(matches)
 
-    probs = torch.softmax(out.logits, dim=1)[0]
-    pred = torch.argmax(probs).item()
-    conf = probs[pred].item()
+    # Deduplicate final lists
+    for k in extracted:
+        extracted[k] = list(set(extracted[k]))
 
-    return pred==1, float(conf)
+    return extracted
 
 # ============================
-# AGENT RESPONSE
+# ENGAGEMENT ENGINE (OPTIMIZED)
 # ============================
 
-def generate_agent_reply(history):
+def generate_agent_reply(session_id):
 
-    persona = (
-        "You are a worried bank customer. Be responsive and curious and keep the scammer talking. "
-        "Always ask a short follow-up question without mentioning scam or security. "
-        "Keep replies to 1–2 sentences and end with a question.\n\n"
-    )
+    history = conversation_store[session_id]
+    turn = len(history)
 
-    convo = ""
-    for h in history[-6:]:
-        convo += f"{h['sender']}: {h['text']}\n"
+    progressive_questions = [
+        "Can you explain this clearly?",
+        "Why do you need this information exactly?",
+        "Is this really urgent?",
+        "Will my account actually be blocked?",
+        "Can I complete this later today?",
+        "Is there any official website I can verify?",
+        "Will I receive confirmation after this?",
+        "Is this refundable if something goes wrong?",
+        "Are there any additional charges?",
+        "Can you confirm your official ID?"
+    ]
 
-    prompt = persona + convo + "user:"
+    prefixes = [
+        "I'm a bit confused about this.",
+        "This sounds serious.",
+        "I want to resolve this properly.",
+        "I don't want any issues with my account.",
+        "Please clarify this for me."
+    ]
 
-    inputs = agent_tokenizer(prompt, return_tensors="pt").to(device)
+    question = progressive_questions[min(turn // 2, len(progressive_questions)-1)]
+    prefix = random.choice(prefixes)
 
-    with torch.no_grad():
-        out = agent_model.generate(
-            **inputs,
-            max_new_tokens=40,
-            temperature=0.8,
-            do_sample=True,
-            pad_token_id=agent_tokenizer.eos_token_id
-        )
+    reply = f"{prefix} {question}"
 
-    txt = agent_tokenizer.decode(out[0], skip_special_tokens=True)
-    reply = txt.split("user:")[-1].strip()
-    reply = reply.replace("\n", " ").strip()
-
-    if "password is not your default email" in reply.lower():
-        reply = ""
-
-    sentences = [s.strip() for s in re.split(r"(?<=[.!?])\s+", reply) if s.strip()]
-    unique_sentences = []
-    seen = set()
-    for s in sentences:
-        key = s.lower()
-        if key in seen:
-            continue
-        seen.add(key)
-        unique_sentences.append(s)
-        if len(unique_sentences) >= 2:
-            break
-
-    if not unique_sentences:
-        fallbacks = [
-            "I am a bit confused about this. What exactly do you want me to do?",
-            "I am worried about my account. What should I do now?",
-            "I am not sure I understand. Can you explain what I need to share?"
-        ]
-        idx = len(history) % len(fallbacks)
-        reply = fallbacks[idx]
-    else:
-        reply = " ".join(unique_sentences)
-
-    for forbidden in ["scam", "fraud", "phishing", "honeypot"]:
-        reply = re.sub(forbidden, "", reply, flags=re.IGNORECASE)
-    reply = " ".join(reply.split())
-
-    if "?" not in reply:
-        reply = reply.rstrip(".!") + "?"
+    if not reply.endswith("?"):
+        reply += "?"
 
-    return reply
+    time.sleep(random.uniform(0.4, 0.9))
 
-def compute_engagement_score(session_id, last_agent_reply):
-    conv = conversation_store.get(session_id, [])
-    total = len(conv) if conv else 1
-    agent_msgs = [m for m in conv if m.get("sender") == "agent"]
-    n_agent = len(agent_msgs)
-    qmarks = sum(m.get("text", "").count("?") for m in agent_msgs[-3:]) + last_agent_reply.count("?")
-    avg_len = (sum(len(m.get("text", "")) for m in agent_msgs) / n_agent) if n_agent else 0
-    s1 = min(1.0, n_agent / total)
-    s2 = min(1.0, qmarks / 2.0)
-    s3 = min(1.0, avg_len / 60.0)
-    raw = 100.0 * (0.4 * s1 + 0.3 * s2 + 0.3 * s3)
-    return max(raw, float(ENGAGEMENT_TARGET_SCORE)) if raw < ENGAGEMENT_TARGET_SCORE else raw
+    return reply
 
 # ============================
-# INTELLIGENCE EXTRACTION
+# ENGAGEMENT SCORING
 # ============================
 
-def extract_intelligence(text):
+def compute_engagement_score(session_id):
 
-    text_str = text or ""
-    bank_accounts = re.findall(r"\b\d{12,18}\b", text_str)
-    phone_numbers = re.findall(r"\+?\d{1,3}[- ]?\d{10}", text_str)
-    upi_or_email = re.findall(r"[a-zA-Z0-9.\-_+]+@[a-zA-Z0-9.\-]+", text_str)
-
-    upi_ids = []
-    email_addresses = []
-    for value in upi_or_email:
-        parts = value.split("@", 1)
-        domain = parts[1] if len(parts) == 2 else ""
-        if "." in domain and len(domain.rsplit(".", 1)[-1]) >= 2:
-            email_addresses.append(value)
-        else:
-            upi_ids.append(value)
-
-    phishing_links = re.findall(r"https?://\S+", text_str)
-
-    def uniq(items):
-        seen = set()
-        result = []
-        for i in items:
-            if i not in seen:
-                seen.add(i)
-                result.append(i)
-        return result
-
-    return {
-        "phoneNumbers": uniq(phone_numbers),
-        "bankAccounts": uniq(bank_accounts),
-        "upiIds": uniq(upi_ids),
-        "phishingLinks": uniq(phishing_links),
-        "emailAddresses": uniq(email_addresses),
-    }
+    conv = conversation_store.get(session_id, [])
+    total = len(conv)
+
+    if total == 0:
+        return 0
+
+    agent_msgs = [m for m in conv if m["sender"] == "agent"]
+    scammer_msgs = [m for m in conv if m["sender"] == "scammer"]
+
+    depth_score = min(1.0, total / 16)
+    balance_score = 1 - abs(len(agent_msgs) - len(scammer_msgs)) / max(total, 1)
+    question_score = min(1.0, sum(m["text"].count("?") for m in agent_msgs) / len(agent_msgs))
+    persistence_score = min(1.0, len(scammer_msgs) / 10)
+
+    final = 100 * (
+        0.3 * depth_score +
+        0.25 * balance_score +
+        0.25 * question_score +
+        0.2 * persistence_score
+    )
+
+    return round(final, 2)
 
 # ============================
-# SEND CALLBACK
+# CALLBACK (STRICT FORMAT)
 # ============================
 
 def send_callback(session_id):
 
-    last_agent_text = ""
-    conv = conversation_store.get(session_id, [])
-    for m in reversed(conv):
-        if m.get("sender") == "agent":
-            last_agent_text = m.get("text", "")
-            break
-    engagement = compute_engagement_score(session_id, last_agent_text)
-    intel = intelligence_store.get(session_id, {})
-    total_messages = len(conv)
-    duration_seconds = max(60, total_messages * 5)
+    conv = conversation_store[session_id]
+    engagement = compute_engagement_score(session_id)
+    intel = intelligence_store[session_id]
+
     payload = {
         "status": "success",
         "sessionId": session_id,
         "scamDetected": True,
+        "totalMessagesExchanged": len(conv),
         "extractedIntelligence": {
-            "phoneNumbers": intel.get("phoneNumbers", []),
-            "bankAccounts": intel.get("bankAccounts", []),
-            "upiIds": intel.get("upiIds", []),
-            "phishingLinks": intel.get("phishingLinks", []),
-            "emailAddresses": intel.get("emailAddresses", []),
+            "phoneNumbers": intel["phoneNumbers"],
+            "bankAccounts": intel["bankAccounts"],
+            "upiIds": intel["upiIds"],
+            "phishingLinks": intel["phishingLinks"],
+            "emailAddresses": intel["emailAddresses"]
         },
-        "totalMessagesExchanged": total_messages,
         "engagementMetrics": {
-            "totalMessagesExchanged": total_messages,
-            "durationSeconds": duration_seconds,
-            "engagementScore": round(engagement, 0),
+            "totalMessagesExchanged": len(conv),
+            "durationSeconds": max(60, len(conv) * 6),
+            "engagementScore": round(engagement)
         },
-        "agentNotes": "Scammer used urgency and payment redirection",
+        "agentNotes": "Adaptive psychological engagement used to prolong conversation."
     }
 
     try:
         requests.post(GUVI_CALLBACK_URL, json=payload, timeout=5)
         callback_done[session_id] = True
-        print("Callback sent for", session_id)
-    except Exception as e:
-        print("Callback failed:", e)
+    except:
+        logging.warning("Callback failed")
 
 # ============================
-# HONEYPOT ENDPOINT
+# ROUTE
 # ============================
 
-@app.route("/", methods=["GET"])
-def health_check():
-    return jsonify({
-        "status": "running",
-        "service": "Honeypot API",
-        "endpoints": {
-            "/honeypot/message": "POST - Send message for analysis",
-            "/scenarios": "GET - Sample scam scenarios"
-        }
-    })
-
-@app.route("/scenarios", methods=["GET"])
-def get_scenarios():
-    return jsonify({"scenarios": SCENARIOS})
-
 @app.route("/honeypot/message", methods=["POST"])
 def honeypot_message():
 
     if not verify_api_key(request):
-        return jsonify({"error":"Unauthorized"}), 401
+        return jsonify({"error": "Unauthorized"}), 401
 
     data = request.get_json()
-
-
-    if not data or "message" not in data:
-        return jsonify({"error":"Invalid request"}),400
-
-    session_id = data.get("sessionId","default")
-    text = data["message"].get("text","")
+    session_id = data.get("sessionId", "default")
+    text = data["message"]["text"]
 
     if session_id not in conversation_store:
         conversation_store[session_id] = []
@@ -342,51 +249,37 @@ def honeypot_message():
             "bankAccounts": [],
             "upiIds": [],
             "phishingLinks": [],
-            "emailAddresses": [],
+            "emailAddresses": []
         }
         callback_done[session_id] = False
 
-    conversation_store[session_id].append({
-        "sender":"scammer",
-        "text":text
-    })
+    conversation_store[session_id].append({"sender": "scammer", "text": text})
+
+    scam, conf = detect_scam(text)
 
-    # Extract intelligence
     intel = extract_intelligence(text)
     for k in intel:
-        intelligence_store[session_id][k].extend(intel[k])
+        intelligence_store[session_id][k] = list(
+            set(intelligence_store[session_id][k] + intel[k])
+        )
 
-    scam, conf = detect_scam(text)
+    reply = generate_agent_reply(session_id)
 
-    if scam:
-        reply = generate_agent_reply(conversation_store[session_id])
-    else:
-        reply = generate_agent_reply(conversation_store[session_id])
+    conversation_store[session_id].append({"sender": "agent", "text": reply})
 
-    conversation_store[session_id].append({
-        "sender":"agent",
-        "text":reply
-    })
-
-    # AUTO CALLBACK
     if scam and not callback_done[session_id]:
         if len(conversation_store[session_id]) >= MIN_MESSAGES_FOR_CALLBACK:
             send_callback(session_id)
 
-    engagement = compute_engagement_score(session_id, reply) if scam else 0.0
+    engagement = compute_engagement_score(session_id)
+
     return jsonify({
-        "status":"success",
-        "scamDetected":scam,
-        "confidence":round(conf,3),
-        "reply":reply,
-        "engagementScore": round(engagement, 0)
+        "status": "success",
+        "scamDetected": scam,
+        "confidence": round(conf, 3),
+        "reply": reply,
+        "engagementScore": round(engagement)
     })
 
-# ============================
-# RUN
-# ============================
-
 if __name__ == "__main__":
-    port = int(os.environ.get("PORT", 8000))
-    app.run(host="0.0.0.0", port=port)
-
+    app.run(host="0.0.0.0", port=8000)