🌟 Inspiration

CyberGuardian was born from a simple but urgent question:
How can we protect everyday users from phishing threats before they fall victim?

With rising cases of SMS and email scams targeting vulnerable populations, we envisioned a real-time, multilingual safety agent that could classify suspicious messages, offer clear recommendations, and scale across platforms. We wanted something lightweight, serverless, and accessible — a tool that could be deployed anywhere, by anyone, with minimal cost and maximum impact.


🛡️ What It Does

CyberGuardian is a serverless phishing detection system that:

  • Accepts messages via a public dashboard
  • Classifies them using rule-based logic and ML-powered severity scoring
  • Stores results in DynamoDB with structured logs
  • Displays verdicts, severity, source, and recommendations in real time

Endpoints:

  • POST /analyze — Classifies incoming messages
  • GET /logs — Returns recent classification results for dashboard display

🏗️ How We Built It

We used a modular AWS architecture:

  • Frontend: HTML/CSS/JS dashboard hosted on Amazon S3
  • API Gateway: Two OpenAPI-defined endpoints (/analyze, /logs)
  • Lambda Functions:
    • CyberGuardianAgent.py: Applies phishing rules, invokes SageMaker, logs to DynamoDB
    • DashboardReader.py: Fetches logs for frontend display
  • SageMaker: Lightweight model for severity scoring
  • DynamoDB: Stores structured logs with timestamps, verdicts, and recommendations

We followed reproducible design principles:

  • OpenAPI specs for API Gateway
  • Schema files for DynamoDB
  • .gitattributes and .gitignore for clean version control

🧗 Challenges We Ran Into

  • Branch sync errors during initial GitHub setup (main vs master)
  • CORS configuration for dashboard-to-API communication
  • Schema validation for DynamoDB logs
  • SageMaker integration with Lambda required precise IAM permissions
  • Line ending normalization across YAML, JSON, and Python files

🏆 Accomplishments That We're Proud Of

  • Fully deployed dashboard:
    🔗 CyberGuardian Live

  • Clean, reproducible GitHub repo:
    🔗 CyberGuardian GitHub

  • Real-time classification with ML-enhanced severity scoring

  • Reviewer-friendly architecture diagram and OpenAPI specs

  • Modular design ready for multilingual and plugin-based expansion


📚 What We Learned

  • How to architect serverless systems using AWS Lambda, API Gateway, and SageMaker
  • How to write and validate OpenAPI specs for reproducible deployment
  • How to normalize line endings and structure GitHub repos for public launch
  • How to design dashboards that are both functional and visually clear
  • How to think like a product architect — balancing cost, impact, and scalability

We also explored how to express classification logic using mathematical thresholds, such as:

\[ \text{Severity Score} = \alpha \cdot \text{Keyword Risk} + \beta \cdot \text{Model Confidence} \]

where \(\alpha\) and \(\beta\) are tunable weights based on context.
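The weighted score above, worked through in Python as an added example; this is not the project's CyberGuardianAgent.py. The rule patterns, the weights (alpha=0.4, beta=0.6), the verdict thresholds, and the rules-only fallback used when no model confidence is available are all assumptions, and the model confidence is passed in as a number rather than fetched from SageMaker.

```python
import re

# Constructed rule set (assumption): regex -> risk weight in [0, 1].
RULES = {
    r"\bverify your account\b": 0.5,
    r"\b(urgent|immediately|suspended)\b": 0.3,
    r"https?://\d{1,3}(\.\d{1,3}){3}": 0.6,  # link to a raw IP address
    r"\b(otp|password|pin)\b": 0.4,
}

def keyword_risk(message):
    """Combine matched rule weights as 1 - prod(1 - w); result stays in [0, 1]."""
    miss = 1.0
    for pattern, weight in RULES.items():
        if re.search(pattern, message, re.IGNORECASE):
            miss *= 1.0 - weight
    return 1.0 - miss

def severity_score(risk, confidence, alpha=0.4, beta=0.6):
    """Severity = alpha * keyword risk + beta * model confidence.

    confidence=None stands for a failed or timed-out model call. Scoring it
    as 0 would cap severity at alpha, so no message could ever reach the
    phishing threshold; fall back to the rule-based risk alone instead.
    """
    if confidence is None:
        return risk
    confidence = min(max(confidence, 0.0), 1.0)  # clamp out-of-range output
    return alpha * risk + beta * confidence

def verdict(score, suspicious=0.35, phishing=0.65):
    """Map a score to a label; both thresholds are hypothetical."""
    if score >= phishing:
        return "phishing"
    return "suspicious" if score >= suspicious else "safe"

def classify(message, confidence=None):
    score = severity_score(keyword_risk(message), confidence)
    return {"severity": round(score, 3), "verdict": verdict(score)}

if __name__ == "__main__":
    # Constructed sample messages with constructed model confidences.
    print(classify("URGENT: verify your account at http://192.0.2.10/login", 0.9))
    print(classify("Your OTP is 482913", 0.1))
    print(classify("Your OTP is 482913"))  # model unavailable
```

The last two calls show why the fallback matters: the same OTP message is rated safe when the model vouches for it and suspicious when the model cannot be reached.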


🚀 What's Next for CyberGuardian

  • Multilingual support for SMS and email classification
  • Plugin architecture for integration with Gmail, WhatsApp, and mobile apps
  • Real-time alerts via push notifications or browser extensions

CyberGuardian is more than a tool — it’s a mission to protect users before harm occurs.

