From 0dbafe6df56ff4b1b841c22df4e821d0bf314c6c Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Fri, 20 Mar 2026 11:47:29 +0000 Subject: [PATCH 1/2] Enhance security platform with Operational Security role and AI tools - Created `social_media_analyzer/operational_security.py` with AI modules for Cloud, IoT, and OpSec. - Added `/analyze/cloud`, `/analyze/iot`, and `/analyze/opsec` endpoints to Flask backend. - Integrated the new "Operational Security" role into the `OfficialAssistance.jsx` frontend. - Added interactive tool launching and results display for the new security tools. - Updated `Marketplace.jsx` to reflect the expanded support capabilities. - Added unit tests for the new backend modules. Co-authored-by: GYFX35 <134739293+GYFX35@users.noreply.github.com> --- social_media_analyzer/operational_security.py | 74 ++++++++++++++ .../test_operational_security.py | 34 +++++++ src/Marketplace.jsx | 2 +- src/OfficialAssistance.jsx | 97 ++++++++++++++++++- text_message_analyzer/app.py | 38 +++++++- 5 files changed, 242 insertions(+), 3 deletions(-) create mode 100644 social_media_analyzer/operational_security.py create mode 100644 social_media_analyzer/test_operational_security.py diff --git a/social_media_analyzer/operational_security.py b/social_media_analyzer/operational_security.py new file mode 100644 index 0000000..f799c43 --- /dev/null +++ b/social_media_analyzer/operational_security.py @@ -0,0 +1,74 @@ +import re +from sensitive_data_scanner.scanner import SENSITIVE_DATA_PATTERNS +from supply_chain_platform.security_tools import InfrastructureProtectionAI + +class CloudSecurityAI: + """AI for scanning cloud credentials and sensitive information.""" + + def scan_content(self, text_content): + findings = {} + for pattern_name, regex in SENSITIVE_DATA_PATTERNS.items(): + matches = regex.findall(text_content) + if matches: + findings[pattern_name] = matches + return findings + +class IoTSecurityAI: + """AI for monitoring IoT device telemetry and detecting anomalies.""" + + def __init__(self): + self.infra_protection = InfrastructureProtectionAI() + + def analyze_telemetry(self, device_data): + """ + Wraps the InfrastructureProtectionAI logic for IoT telemetry analysis. + """ + return self.infra_protection.detect_iot_tampering(device_data) + +class OpSecAI: + """AI for Operational Security (OpSec) analysis of logs and procedures.""" + + SUSPICIOUS_OPSEC_PATTERNS = { + "Unauthorized Login Attempt": re.compile(r"failed login|unauthorized access|invalid credentials", re.I), + "Privilege Escalation": re.compile(r"sudo usage|root access granted|privilege elevation", re.I), + "Data Exfiltration Pattern": re.compile(r"large outbound transfer|data dump|exfiltrating", re.I), + "Internal Scan Activity": re.compile(r"nmap scan|port sweep|internal reconnaissance", re.I), + "Insecure Communication": re.compile(r"http transfer|unencrypted channel|plaintext password", re.I) + } + + def analyze_logs(self, log_entries): + """ + Analyzes a list of log strings for operational security risks. + """ + risk_score = 0 + findings = [] + + log_blob = "\n".join(log_entries) + + for threat_name, regex in self.SUSPICIOUS_OPSEC_PATTERNS.items(): + matches = regex.findall(log_blob) + if matches: + findings.append(f"{threat_name} detected: {len(matches)} occurrences.") + risk_score += len(matches) * 2 + + if not findings: + return {"status": "SECURE", "score": 0, "findings": ["No operational security threats detected."]} + else: + status = "CRITICAL" if risk_score > 10 else "WARNING" + return { + "status": status, + "score": min(risk_score, 100), + "findings": findings + } + +def analyze_cloud_security(content): + scanner = CloudSecurityAI() + return scanner.scan_content(content) + +def analyze_iot_security(device_data): + scanner = IoTSecurityAI() + return scanner.analyze_telemetry(device_data) + +def analyze_opsec_security(logs): + scanner = OpSecAI() + return scanner.analyze_logs(logs) diff --git a/social_media_analyzer/test_operational_security.py b/social_media_analyzer/test_operational_security.py new file mode 100644 index 0000000..ce7bd4a --- /dev/null +++ b/social_media_analyzer/test_operational_security.py @@ -0,0 +1,34 @@ +import unittest +from social_media_analyzer.operational_security import CloudSecurityAI, IoTSecurityAI, OpSecAI + +class TestOperationalSecurity(unittest.TestCase): + def test_cloud_security_scan(self): + ai = CloudSecurityAI() + content = "My AWS Key is AKIA1234567890ABCDEF" + findings = ai.scan_content(content) + self.assertIn("AWS Access Key ID", findings) + self.assertEqual(findings["AWS Access Key ID"], ["AKIA1234567890ABCDEF"]) + + def test_iot_security_analyze(self): + ai = IoTSecurityAI() + # Test warning case + device_data = {'voltage': 2.5, 'temperature': 80, 'rssi': -95} + result = ai.analyze_telemetry(device_data) + self.assertEqual(result["status"], "WARNING") + self.assertTrue(len(result["findings"]) > 0) + + # Test secure case + secure_data = {'voltage': 3.3, 'temperature': 25, 'rssi': -50} + result = ai.analyze_telemetry(secure_data) + self.assertEqual(result["status"], "SECURE") + + def test_opsec_analyze(self): + ai = OpSecAI() + logs = ["unauthorized access attempt", "nmap scan detected"] + result = ai.analyze_logs(logs) + self.assertEqual(result["status"], "WARNING") + self.assertTrue(any("Unauthorized Login Attempt" in f for f in result["findings"])) + self.assertTrue(any("Internal Scan Activity" in f for f in result["findings"])) + +if __name__ == "__main__": + unittest.main() diff --git a/src/Marketplace.jsx b/src/Marketplace.jsx index 912c0c1..a19a5a8 100644 --- a/src/Marketplace.jsx +++ b/src/Marketplace.jsx @@ -40,7 +40,7 @@ const tools = [ { id: 'assistance', name: 'Official Assistance', - description: 'Integrated support tools for Police, Military, and Gendarmerie.', + description: 'Integrated support tools for Police, Military, Gendarmerie, and Operational Security.', icon: '🛡️' } ]; diff --git a/src/OfficialAssistance.jsx b/src/OfficialAssistance.jsx index 95c4bee..e3eae9c 100644 --- a/src/OfficialAssistance.jsx +++ b/src/OfficialAssistance.jsx @@ -30,11 +30,63 @@ const assistanceRoles = { { id: 'traffic', name: 'Traffic Management', icon: '🚦', desc: 'Coordination of road safety and major transit routes.' }, { id: 'response', name: 'Specialized Response', icon: '🚨', desc: 'Elite units for counter-terrorism and high-risk interventions.' } ] + }, + opsec: { + title: 'Operational Security', + icon: '🔐', + description: 'Cloud, IoT, and AI-driven security operations for modern infrastructure.', + tools: [ + { id: 'cloud_guard', name: 'Cloud Guard', icon: '☁️', desc: 'AI scanner for leaked credentials and sensitive cloud data.' }, + { id: 'iot_shield', name: 'IoT Shield', icon: '🌐', desc: 'Real-time anomaly detection for industrial IoT networks.' }, + { id: 'opsec_analyzer', name: 'OpSec Analyzer', icon: '🕵️', desc: 'AI-driven analysis of operational logs for procedural threats.' } + ] } }; export default function OfficialAssistance() { const [activeRole, setActiveRole] = useState('police'); + const [analysisResult, setAnalysisResult] = useState(null); + const [loading, setLoading] = useState(false); + + const handleLaunch = async (toolId, toolName) => { + if (!['cloud_guard', 'iot_shield', 'opsec_analyzer'].includes(toolId)) { + alert(`Launching ${toolName}... (Simulation mode)`); + return; + } + + setLoading(true); + setAnalysisResult(null); + + try { + let endpoint = ''; + let body = {}; + + if (toolId === 'cloud_guard') { + endpoint = '/analyze/cloud'; + body = { content: "Sample content with simulated AWS key: AKIA1234567890ABCDEF and Google API Key: AIzaSyA12345678901234567890123456789012" }; + } else if (toolId === 'iot_shield') { + endpoint = '/analyze/iot'; + body = { device_data: { voltage: 2.6, temperature: 82, rssi: -95 } }; + } else if (toolId === 'opsec_analyzer') { + endpoint = '/analyze/opsec'; + body = { logs: ["unauthorized access attempt", "nmap scan detected", "large outbound transfer", "sudo usage"] }; + } + + const response = await fetch(endpoint, { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + body: JSON.stringify(body) + }); + + const data = await response.json(); + setAnalysisResult({ title: toolName, data }); + } catch (error) { + console.error("Error launching tool:", error); + alert("Failed to connect to security backend. Make sure the Flask server is running."); + } finally { + setLoading(false); + } + }; return (
@@ -63,10 +115,24 @@ export default function OfficialAssistance() {

{tool.name}

{tool.desc}

- + ))} + + {analysisResult && ( +
+

{analysisResult.title} - AI Analysis Output

+ 
{JSON.stringify(analysisResult.data, null, 2)}
+ +
+ )} ); diff --git a/text_message_analyzer/app.py b/text_message_analyzer/app.py index 2ab7237..1023f71 100644 --- a/text_message_analyzer/app.py +++ b/text_message_analyzer/app.py @@ -1,5 +1,11 @@ from flask import Flask, request, jsonify -from social_media_analyzer import scam_detector, fake_news_detector, ai_content_detector, fake_content_verifier +from social_media_analyzer import ( + scam_detector, + fake_news_detector, + ai_content_detector, + fake_content_verifier, + operational_security +) import os app = Flask(__name__) @@ -51,6 +57,36 @@ def analyze_fake_content(): result = fake_content_verifier.analyze_text_for_fake_content(text_to_analyze) return jsonify(result) +@app.route('/analyze/cloud', methods=['POST']) +def analyze_cloud(): + data = request.get_json() + if not data or 'content' not in data: + return jsonify({"error": "Missing 'content' in request body"}), 400 + + content = data['content'] + result = operational_security.analyze_cloud_security(content) + return jsonify(result) + +@app.route('/analyze/iot', methods=['POST']) +def analyze_iot(): + data = request.get_json() + if not data or 'device_data' not in data: + return jsonify({"error": "Missing 'device_data' in request body"}), 400 + + device_data = data['device_data'] + result = operational_security.analyze_iot_security(device_data) + return jsonify(result) + +@app.route('/analyze/opsec', methods=['POST']) +def analyze_opsec(): + data = request.get_json() + if not data or 'logs' not in data: + return jsonify({"error": "Missing 'logs' in request body"}), 400 + + logs = data['logs'] + result = operational_security.analyze_opsec_security(logs) + return jsonify(result) + if __name__ == '__main__': app.run(debug=True) From a0b03eb5f05e1b66cae60523aeee5c5be212c67c Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Fri, 20 Mar 2026 12:09:38 +0000 Subject: [PATCH 2/2] Refine Operational Security role with redaction and better validation - Implemented credential redaction in `CloudSecurityAI` to avoid exposing full secrets. - Added robust error handling and type validation to Flask security endpoints. - Refactored `OfficialAssistance.jsx` to move tool configurations into a declarative structure. - Replaced realistic-looking simulated credentials with obviously fake ones. - Updated unit tests to verify redaction logic. Co-authored-by: GYFX35 <134739293+GYFX35@users.noreply.github.com> --- social_media_analyzer/operational_security.py | 9 ++- .../test_operational_security.py | 3 +- src/OfficialAssistance.jsx | 55 +++++++++++-------- text_message_analyzer/app.py | 24 ++++++-- 4 files changed, 59 insertions(+), 32 deletions(-) diff --git a/social_media_analyzer/operational_security.py b/social_media_analyzer/operational_security.py index f799c43..ac48dde 100644 --- a/social_media_analyzer/operational_security.py +++ b/social_media_analyzer/operational_security.py @@ -5,12 +5,19 @@ class CloudSecurityAI: """AI for scanning cloud credentials and sensitive information.""" + def _redact(self, value): + """Redacts a sensitive string, keeping only the first 4 and last 4 characters.""" + if len(value) <= 10: + return "****" + return f"{value[:4]}...{value[-4:]}" + def scan_content(self, text_content): findings = {} for pattern_name, regex in SENSITIVE_DATA_PATTERNS.items(): matches = regex.findall(text_content) if matches: - findings[pattern_name] = matches + # Redact each match to avoid full exposure + findings[pattern_name] = [self._redact(m) for m in matches] return findings class IoTSecurityAI: diff --git a/social_media_analyzer/test_operational_security.py b/social_media_analyzer/test_operational_security.py index ce7bd4a..4b0c84e 100644 --- a/social_media_analyzer/test_operational_security.py +++ b/social_media_analyzer/test_operational_security.py @@ -7,7 +7,8 @@ def test_cloud_security_scan(self): content = "My AWS Key is AKIA1234567890ABCDEF" findings = ai.scan_content(content) self.assertIn("AWS Access Key ID", findings) - self.assertEqual(findings["AWS Access Key ID"], ["AKIA1234567890ABCDEF"]) + # Verify redaction: AKIA1234567890ABCDEF -> AKIA...CDEF + self.assertEqual(findings["AWS Access Key ID"], ["AKIA...CDEF"]) def test_iot_security_analyze(self): ai = IoTSecurityAI() diff --git a/src/OfficialAssistance.jsx b/src/OfficialAssistance.jsx index e3eae9c..4eb1cd4 100644 --- a/src/OfficialAssistance.jsx +++ b/src/OfficialAssistance.jsx @@ -36,9 +36,30 @@ const assistanceRoles = { icon: '🔐', description: 'Cloud, IoT, and AI-driven security operations for modern infrastructure.', tools: [ - { id: 'cloud_guard', name: 'Cloud Guard', icon: '☁️', desc: 'AI scanner for leaked credentials and sensitive cloud data.' }, - { id: 'iot_shield', name: 'IoT Shield', icon: '🌐', desc: 'Real-time anomaly detection for industrial IoT networks.' }, - { id: 'opsec_analyzer', name: 'OpSec Analyzer', icon: '🕵️', desc: 'AI-driven analysis of operational logs for procedural threats.' } + { + id: 'cloud_guard', + name: 'Cloud Guard', + icon: '☁️', + desc: 'AI scanner for leaked credentials and sensitive cloud data.', + endpoint: '/analyze/cloud', + getPayload: () => ({ content: "Cloud scan simulation with fake AWS key: AKIA0000000000000000 and fake Google API Key: AIza00000000000000000000000000000000000" }) + }, + { + id: 'iot_shield', + name: 'IoT Shield', + icon: '🌐', + desc: 'Real-time anomaly detection for industrial IoT networks.', + endpoint: '/analyze/iot', + getPayload: () => ({ device_data: { voltage: 2.6, temperature: 82, rssi: -95 } }) + }, + { + id: 'opsec_analyzer', + name: 'OpSec Analyzer', + icon: '🕵️', + desc: 'AI-driven analysis of operational logs for procedural threats.', + endpoint: '/analyze/opsec', + getPayload: () => ({ logs: ["unauthorized access attempt", "nmap scan detected", "large outbound transfer", "sudo usage"] }) + } ] } }; @@ -48,9 +69,9 @@ export default function OfficialAssistance() { const [analysisResult, setAnalysisResult] = useState(null); const [loading, setLoading] = useState(false); - const handleLaunch = async (toolId, toolName) => { - if (!['cloud_guard', 'iot_shield', 'opsec_analyzer'].includes(toolId)) { - alert(`Launching ${toolName}... (Simulation mode)`); + const handleLaunch = async (tool) => { + if (!tool.endpoint) { + alert(`Launching ${tool.name}... (Simulation mode)`); return; } @@ -58,28 +79,14 @@ export default function OfficialAssistance() { setAnalysisResult(null); try { - let endpoint = ''; - let body = {}; - - if (toolId === 'cloud_guard') { - endpoint = '/analyze/cloud'; - body = { content: "Sample content with simulated AWS key: AKIA1234567890ABCDEF and Google API Key: AIzaSyA12345678901234567890123456789012" }; - } else if (toolId === 'iot_shield') { - endpoint = '/analyze/iot'; - body = { device_data: { voltage: 2.6, temperature: 82, rssi: -95 } }; - } else if (toolId === 'opsec_analyzer') { - endpoint = '/analyze/opsec'; - body = { logs: ["unauthorized access attempt", "nmap scan detected", "large outbound transfer", "sudo usage"] }; - } - - const response = await fetch(endpoint, { + const response = await fetch(tool.endpoint, { method: 'POST', headers: { 'Content-Type': 'application/json' }, - body: JSON.stringify(body) + body: JSON.stringify(tool.getPayload()) }); const data = await response.json(); - setAnalysisResult({ title: toolName, data }); + setAnalysisResult({ title: tool.name, data }); } catch (error) { console.error("Error launching tool:", error); alert("Failed to connect to security backend. Make sure the Flask server is running."); @@ -117,7 +124,7 @@ export default function OfficialAssistance() {