- 🌟 Introduction
- 🛠️ Features
- 📸 Detectish: What Does It Look Like?
- 🚀 Analysis Performance
- 🏗️ Setup and Configuration
- 👥 Authors
- ⚠️ Disclaimer
Detectish is a containerized solution that sets up an email analysis infrastructure using various technologies. With this solution, you can view the analysis results, see which tests failed, and check the list of quarantined emails. For users with limited cybersecurity knowledge, we have integrated Mistral AI (via an API token) that provides detailed explanations of why certain tests failed and why an email was quarantined.
Detectish analyzes emails using multiple methods:
- SPF Analysis (Sender Policy Framework)
- DMARC Analysis (Domain-based Message Authentication)
- DKIM Analysis (DomainKeys Identified Mail)
- Attachment Analysis with ClamAV
- Link Analysis using a fine-tuned BERT model
- Email Text Analysis using the same BERT model
- Blacklist functionality to automatically quarantine specific email addresses
The emails are then stored in a MySQL database. The web interface is developed using Vue.js for the frontend and Express.js for the backend.
Here is what the Detectish interface looks like without a connection:
The quarantine page where you can see emails deemed suspicious or dangerous by our solution:
Explanation of analysis results provided by Mistral AI:
Statistics on analyzed emails to get an overview of the situation:
The blacklist of emails that are automatically quarantined:
The artificial intelligence used reaches an accuracy of nearly 95%. The tests were conducted on a dataset available on Kaggle.
Over 10,000 emails were analyzed, as illustrated by the results above.
The AI model is available on Hugging Face.
- Docker & Docker Compose
- A machine with a minimum of 4 GB RAM allocated for Docker (8 GB recommended for better performance)
- A `.env` file containing the following configuration variables:

```
# Database configuration
DB_NAME=detectish_db
DB_USER=detectish_user
DB_PASSWORD=detectish_password
DB_HOST=mysql
DB_PORT=3306

# MySQL root credentials
MYSQL_ROOT_PASSWORD=MYSQL_ROOT_PASSWORD
MYSQL_DATABASE=detectish_db
MYSQL_USER=detectish_user
MYSQL_PASSWORD=detectish_password

# ClamAV configuration
CLAMAV_HOST=clamav
CLAMAV_PORT=3310

# API Keys
MISTRAL_API_KEY=your_mistral_api_key # Replace with your Mistral API key

# Security
JWT_SECRET=your_secure_random_string_here # Replace with a secure random string

# Frontend configuration
VITE_API_URL=/api
VITE_BACKEND_URL=http://backend:3000
VITE_DETECTISH_URL=http://detectish:6969
```
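
The sample `.env` above ships with placeholder secrets, so the following added example (not code from the Detectish repository) audits a `.env` for values still set to those placeholders and generates random replacements. The function names, finding strings and the 32-byte secret length are assumptions of this example.

```python
import secrets

# Added example; names and finding strings are assumptions, not Detectish code.
# README sample values are public: keeping them means known credentials.
README_PLACEHOLDERS = {
    "DB_PASSWORD": "detectish_password", "MYSQL_PASSWORD": "detectish_password",
    "MYSQL_ROOT_PASSWORD": "MYSQL_ROOT_PASSWORD",
    "MISTRAL_API_KEY": "your_mistral_api_key",
    "JWT_SECRET": "your_secure_random_string_here",
}
MUST_MATCH = [("DB_NAME", "MYSQL_DATABASE"), ("DB_USER", "MYSQL_USER"),
              ("DB_PASSWORD", "MYSQL_PASSWORD")]
# Constructed sample: lines of the README's .env, left unchanged.
SAMPLE_ENV = """\
DB_NAME=detectish_db
DB_USER=detectish_user
DB_PASSWORD=detectish_password
MYSQL_ROOT_PASSWORD=MYSQL_ROOT_PASSWORD
MYSQL_DATABASE=detectish_db
MYSQL_USER=detectish_user
MYSQL_PASSWORD=detectish_password
MISTRAL_API_KEY=your_mistral_api_key # Replace with your Mistral API key
JWT_SECRET=your_secure_random_string_here # Replace with a secure random string
"""

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and comments, drop ' # ...' tails."""
    pairs = (ln.split("=", 1) for ln in map(str.strip, text.splitlines())
             if "=" in ln and not ln.startswith("#"))
    return {k.strip(): v.split(" #", 1)[0].strip() for k, v in pairs}

def audit_env(text):
    """Return sorted findings for a Detectish .env file (empty list = clean)."""
    env, findings = parse_env(text), []
    for key, placeholder in README_PLACEHOLDERS.items():
        if not env.get(key):
            findings.append(f"{key}: missing or empty")
        elif env[key] == placeholder:
            findings.append(f"{key}: README placeholder still in use")
    for left, right in MUST_MATCH:  # backend and MySQL sides must agree
        if env.get(left) != env.get(right):
            findings.append(f"{left}/{right}: values differ")
    return sorted(findings)

def fresh_secrets():
    """Replacement values from the OS CSPRNG; hex needs no quoting in .env."""
    pw, root, jwt = (secrets.token_hex(32) for _ in range(3))
    return {"DB_PASSWORD": pw, "MYSQL_PASSWORD": pw,
            "MYSQL_ROOT_PASSWORD": root, "JWT_SECRET": jwt}
```

Calling `audit_env(open(".env").read())` before `docker-compose up -d` should return an empty list. `MISTRAL_API_KEY` has no generated replacement because it is issued by Mistral.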
- Clone the repository:

```
git clone https://github.com/Matth-L/detectish.git
cd detectish
```

- Build and start the Docker containers:

```
docker-compose up -d
```
- Esteban Becker
- Matthias Lapu
- Eliséo Chaussoy
This project was developed as part of a university assignment. It has never been tested in a real-world environment, and although everything should work, this is not guaranteed. Use it at your own risk! 🚧