CyberFin

• 

• 

• 

• 

• 

• 

• 

• 

• 

• 

• 

💡 Inspiration

Financial crime is no longer just about suspicious transactions — it’s about networks.

Cyber teams detect compromised logins. AML teams detect suspicious transactions. But these systems operate in silos.

Criminals exploit that gap.

We built CyberFin Fusion to unify cyber and financial intelligence and move fraud detection from reactive investigation to proactive prevention.

🔎 What it does

CyberFin Fusion:

Ingests cyber events and financial transactions in real time

Builds a relationship graph across accounts, devices, IPs, and beneficiaries

Detects hidden mule rings using community detection

Calculates pre-transaction risk scores (0–100)

Stops high-risk transactions before funds move

Generates AI-powered explanations and SAR drafts

Instead of analyzing rows, we analyze relationships.

🏗 How we built it

Simulated 20,000 cyber events and 2,402 transactions

Built a directed graph using NetworkX

Used the Louvain algorithm to detect dense mule communities

Implemented a composite risk model:

Risk=Cyber(0–40)+Financial(0–30)+Network(0–30)

Built a FastAPI backend with real-time streaming

Added a Streamlit dashboard for visualization

Integrated Gemini API for explainability and SAR generation

⚠️ Challenges we ran into

Bridging structured financial data with semi-structured cyber logs

Selecting a scalable community detection algorithm

Reducing false positives using multi-factor scoring

Building and refining the system within 24 hours

🏆 Accomplishments we're proud of

286 mule rings detected

2,136 high-risk accounts flagged

Real-time pre-transaction kill switch

AI-generated compliance-ready reports

Clean, refactored, Docker-ready architecture

Most importantly, we shifted fraud response from after-the-fact detection to real-time prevention.

📚 What we learned

Financial crime is a graph problem.

Relational databases alone can’t capture structural fraud.

Real-time prevention requires streaming + graph intelligence.

Explainability is critical in regulated environments.

🔮 What’s next

Migrate to distributed graph databases (Neo4j)

Add large-scale streaming (Kafka)

Integrate with banking sandboxes

CyberFin Fusion doesn’t just detect suspicious transactions — it detects suspicious relationships.

Built With

• built-with-python-3.13
• docker
• fastapi
• google-gemini-1.5-flash-api
• networkx-(louvain-community-detection)
• numpy
• pandas
• plotly
• rest-apis
• server-sent-events-(sse)
• streamlit
• uvicorn