KAVACH

Inspiration

Every year, millions of people lose their life savings to cyber fraud — voice cloning scams impersonating family members, fake job offers harvesting personal data, SIM swap attacks draining bank accounts overnight. These aren't isolated incidents. They're a coordinated fraud chain targeting anyone, anywhere — from a teenager in Lagos to a retiree in London to a student in Mumbai. Existing tools patch one hole at a time. KAVACH breaks the entire chain at once. KAVACH (meaning "armor") is that platform.

What It Does

KAVACH is a mission-critical multi-modal cyber fraud defense system integrating three unified shields:

Voice Shield (Deepfake Audio Forensics) — Extracts 9 scientific spectral features (MFCC anomaly, spectral flux, zero-crossing rate, etc.) via librosa to detect AI-generated audio, visualized through a real-time Neural Synapse Visualizer.
Job Shield (Fraud Forensics) — Scans job postings, texts, and PDFs through a 12-pattern forensic engine and live MCA21 company registry validation. Features a 7-layer URL analysis pipeline integrating VirusTotal, Google Safe Browsing, URLHaus, AbuseIPDB, and SecurityTrails for deep-link reputation scoring.
SIM Guard (Telecom Monitor) — Uses Socket Telemetry and live IPQualityScore API integration to preemptively detect SIM swap attempts, OTP hijacking, and location jump anomalies in real time.
Dual-AI Intelligence Layer — Hybrid NVIDIA NIM + Groq LLaMA 3.3 70B architecture delivers near-zero latency, plain-English explanations of every detected threat.

How I Built It

Built with a React 19 frontend and Python FastAPI microservices backend. The Voice Shield uses librosa for spectral feature extraction, computing 9 forensic signals per audio sample. The Job Shield's URL pipeline chains 5 threat intel APIs with custom normalization to produce a unified reputation score. The SIM Guard integrates IPQualityScore's real-time telecom signals via REST. Both NVIDIA NIM and Groq are used in a hybrid routing pattern — NVIDIA NIM for low-latency inference on structured threat data, Groq for longer natural-language explanation generation.

Challenges I Ran Into

Unifying 5 different threat intelligence APIs with completely different schemas, rate limits, and response formats into one clean reputation score required significant normalization work.
Audio deepfake detection is probabilistic, not binary — designing a confidence scoring system that doesn't over-alert on legitimate voice recordings took many iterations.
The dual-AI routing logic needed careful fallback handling so that if one provider rate-limits, the other takes over seamlessly.

What I Learned

That modern cyber fraud is a chain — and the only way to defeat it is to attack every link simultaneously. I also learned how to architect microservices that integrate real-time external APIs without becoming brittle, and how to make AI explanations genuinely useful rather than generic.