garvit000/Kavach-R

Kavach-R — Behaviour-Based Ransomware Early-Warning System

Kavach-R monitors process behaviour in real time and raises alerts before ransomware can finish encrypting your files.

Architecture

┌──────────────┐     risk score     ┌──────────────┐
│  Detection   │ ──────────────────▶│  Dashboard   │
│  Engine (ML) │                    │  (CLI live)  │
└──────┬───────┘                    └──────────────┘
       │ threshold crossed
       ▼
┌──────────────┐                    ┌──────────────┐
│   Alerts     │◀───── demo.py ───▶│  Simulator   │
│  (terminal)  │   orchestrates     │  (safe fake  │
└──────────────┘                    │   ransomware)│
                                    └──────────────┘

Module         Purpose
kavach/        Detection engine (ML model, feature extraction)
simulator.py   Safe ransomware behaviour simulator
alerts.py      Terminal alert display
dashboard.py   Live CLI risk-score dashboard
demo.py        End-to-end demo orchestrator
utils.py       Shared helper functions
test_folder/   Dummy files consumed by the simulator

Prerequisites

  • Python 3.10+
  • (Optional) colorama for coloured dashboard output

Setup

# 1. Clone the repo
git clone <repo-url> && cd Kavach-R

# 2. Install optional dependency
pip install colorama

# 3. Ensure test_folder has dummy files (already included)
ls test_folder/

Running

Full demo (recommended)

python demo.py

This will:

  1. Show the safe-state message.
  2. Start the live dashboard in the background.
  3. Launch the simulator to mimic a ransomware attack.
  4. Ramp the risk score and trigger alerts when it crosses 0.8.
  5. Cool down and return to safe state.
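
Step 4 depends on a score that rises with suspicious file activity. As an added illustration (not Kavach-R's own code), the sketch below scores a sliding window of one process's file events and reports when it reaches the 0.8 threshold; the features, weights, window size and event format are assumptions, since this README does not describe the model.

```python
import math
from collections import Counter, deque

ALERT_THRESHOLD = 0.8  # alert level stated in the README

def shannon_entropy(data: bytes) -> float:
    """Bits per byte (0 to 8); encrypted output sits close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

class RiskScorer:
    """Hypothetical scorer over a sliding window of one process's file events."""

    def __init__(self, window_ms: int = 5000):
        self.window_ms = window_ms
        self.events = deque()  # (timestamp_ms, kind, entropy_of_written_bytes)

    def observe(self, ts_ms: int, kind: str, payload: bytes = b"") -> float:
        self.events.append((ts_ms, kind, shannon_entropy(payload)))
        while ts_ms - self.events[0][0] > self.window_ms:  # expire old events
            self.events.popleft()
        writes = [e for _, k, e in self.events if k == "write"]
        renames = sum(1 for _, k, _ in self.events if k == "rename")
        # Assumed saturation points and weights, chosen for illustration only.
        write_rate = min(len(writes) / 20, 1.0)
        rename_rate = min(renames / 10, 1.0)
        high_entropy = sum(e > 7.0 for e in writes) / len(writes) if writes else 0.0
        return round(0.3 * write_rate + 0.3 * rename_rate + 0.4 * high_entropy, 3)

def first_alert(events):
    """Return the timestamp at which the score first reaches the threshold."""
    scorer = RiskScorer()
    for ts_ms, kind, payload in events:
        if scorer.observe(ts_ms, kind, payload) >= ALERT_THRESHOLD:
            return ts_ms
    return None

# Constructed traces: an editor saving text vs. a burst of high-entropy rewrites.
TEXT = b"quarterly report draft\n" * 100
RANDOM_LIKE = bytes(range(256)) * 16  # stand-in for ciphertext, entropy 8.0
BENIGN = [(i * 1000, "write", TEXT) for i in range(5)]
BURST = [ev for i in range(20) for ev in
         ((i * 200, "write", RANDOM_LIKE), (i * 200 + 100, "rename", b""))]

if __name__ == "__main__":
    print("benign:", first_alert(BENIGN), "burst:", first_alert(BURST))
```

The benign trace never alerts, while the burst trace crosses the threshold after nine write/rename pairs, before the remaining eleven files in the trace are touched.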

Individual modules

# Dashboard only (random scores)
python dashboard.py

# Simulator only
python simulator.py

# Alert samples
python alerts.py

Project Structure

kavach-r/
├── kavach/               # Detection engine (teammate)
│   ├── detector.py
│   ├── events.py
│   ├── feature_engine.py
│   ├── kavach_main.py
│   └── model.py
├── simulator.py          # Safe ransomware simulator
├── alerts.py             # Alert display
├── dashboard.py          # Live CLI dashboard
├── demo.py               # Demo orchestrator
├── utils.py              # Helpers
├── test_folder/          # Dummy files
└── README.md

License

MIT
