Skip to content

Latest commit

 

History

History
338 lines (261 loc) · 7.29 KB

File metadata and controls

338 lines (261 loc) · 7.29 KB

API Security Monitoring System - Startup Checklist

Your complete API Security Monitoring System is ready to run!

Pre-Startup Verification

  • Backend: FastAPI application with ML models
  • Frontend: Next.js dashboard with real-time updates
  • Database: PostgreSQL schema and migrations
  • Models: CNN + BiLSTM demo models with feature extraction
  • Documentation: Complete guides and API documentation
  • Configuration: Environment templates and examples

Startup Instructions

Step 1: Initialize the System

Run this command once to set up models:

python3 scripts/init.py

Expected output:

✓ Created models directory
✓ Demo models created successfully
✓ Created .env.local template
✓ Project initialization complete!

Step 2: Install Dependencies

# Install frontend dependencies
npm install

# Install backend dependencies (in scripts directory)
pip install -r scripts/requirements.txt

Step 3: Start the Backend

Open Terminal 1:

python3 scripts/run_backend.py

Wait for this message:

INFO:     Uvicorn running on http://0.0.0.0:8000
INFO:     Application startup complete

Backend is now running at:

Step 4: Start the Frontend

Open Terminal 2:

npm run dev

Wait for this message:

▲ Next.js 16.x.x
  - Local:        http://localhost:3000

Frontend is now running at:

Accessing the System

Main Dashboard

Open your browser and go to: http://localhost:3000

You'll see:

  • Real-time threat statistics
  • Threat distribution chart
  • Recent alerts
  • Live metrics

API Documentation

Go to: http://localhost:8000/docs

Interactive API documentation with try-it-out functionality

Test a Request

curl -X POST http://localhost:3000/api/proxy/api/analyze \
  -H "Content-Type: application/json" \
  -d '{
    "method": "POST",
    "path": "/api/admin/config",
    "headers": {"User-Agent": "Suspicious-Bot"},
    "body": "'; DROP TABLE users; --",
    "response": {"status_code": 403, "response_time_ms": 150}
  }'

Response shows threat analysis with CNN, BiLSTM, and combined scores.

What You Can Do Now

1. Monitor Real-time Threats

  • View dashboard with live statistics
  • See threat distribution by severity level
  • Watch model comparison charts

2. Analyze Requests

  • Send individual requests for analysis
  • Batch analyze multiple requests
  • Get detailed threat reports

3. View Logs & Alerts

  • Browse complete request history
  • Filter by threat level, IP, path
  • Export logs to CSV

4. Manage Alerts

  • View active security alerts
  • See detailed threat information
  • Acknowledge threats

5. Access Analytics

  • View 24-hour threat trends
  • See model performance metrics
  • Analyze detection patterns

Quick Demo Scenarios

Scenario 1: SQL Injection Attempt

curl -X POST http://localhost:3000/api/proxy/api/analyze \
  -H "Content-Type: application/json" \
  -d '{
    "method": "POST",
    "path": "/api/users/login",
    "body": "username=admin'\''OR'\''1'\''='\''1&password=test",
    "response": {"status_code": 401, "response_time_ms": 200}
  }'

Expected: HIGH or CRITICAL threat

Scenario 2: Brute Force Pattern

# Send 3 failed login attempts
for i in {1..3}; do
  curl -X POST http://localhost:3000/api/proxy/api/analyze \
    -H "Content-Type: application/json" \
    -d "{
      \"method\": \"POST\",
      \"path\": \"/api/auth/login\",
      \"body\": \"attempt=$i\",
      \"response\": {\"status_code\": 401}
    }"
done

BiLSTM should detect temporal pattern.

Scenario 3: Normal Traffic

curl -X POST http://localhost:3000/api/proxy/api/analyze \
  -H "Content-Type: application/json" \
  -d '{
    "method": "GET",
    "path": "/api/public/data",
    "response": {"status_code": 200, "response_time_ms": 45}
  }'

Expected: LOW threat (normal traffic)

Navigation Guide

Dashboard (/)

  • Overview of all threats
  • Real-time statistics
  • Recent alerts

Analytics (/analytics)

  • Threat trends over time
  • Model performance comparison
  • Detection rate analysis

Logs (/logs)

  • Complete request history
  • Advanced filtering
  • Export functionality

Alerts (/alerts)

  • Active threats only
  • Detailed information
  • Action recommendations

System Health

Check system status any time:

# Health check
curl http://localhost:8000/api/health

Expected response:

{
  "status": "healthy",
  "version": "1.0.0",
  "models_loaded": true,
  "database_connected": true
}

Troubleshooting

Backend won't start

# Check if port 8000 is available
lsof -i :8000

# Or use a different port (modify scripts/run_backend.py)

Frontend won't start

# Clear cache and reinstall
rm -rf node_modules .next
npm install
npm run dev

Can't connect frontend to backend

# Verify backend is running
curl http://localhost:8000/api/health

# Check .env.local has correct FASTAPI_URL
cat .env.local

Models not loading

# Regenerate models
python3 scripts/create_models.py

Features Available

Machine Learning

  • CNN threat detection
  • BiLSTM temporal analysis
  • 52-feature extraction
  • Real-time inference
  • Ensemble scoring

Dashboard

  • Real-time updates
  • Threat visualization
  • Alert management
  • Historical logs
  • Analytics & trends

API

  • Single request analysis
  • Batch processing
  • Filtering & search
  • Export functionality
  • WebAPI documentation

Developer Tools

  • API documentation (Swagger UI)
  • Python/TypeScript examples
  • Database schema
  • Error handling
  • Comprehensive logging

Next Steps

  1. Explore the Dashboard: Navigate through all pages to understand the system
  2. Send Test Requests: Use curl or the API docs to test threat detection
  3. Review Logs: Check security logs and understand threat classifications
  4. Read Documentation:
    • README.md for complete reference
    • QUICKSTART.md for examples
    • DEPLOYMENT.md for production setup
  5. Plan Integration: Prepare to integrate with your API

Production Deployment

When ready to deploy:

  1. See DEPLOYMENT.md for detailed instructions
  2. Choose deployment option (Vercel + Heroku, AWS, Docker, etc.)
  3. Set up PostgreSQL for persistent storage
  4. Configure environment variables
  5. Deploy frontend and backend
  6. Set up monitoring and alerts

Support Resources

  • API Docs: http://localhost:8000/docs
  • README: Full project documentation
  • QUICKSTART: Examples and quick reference
  • DEPLOYMENT: Production setup guide
  • PROJECT_SUMMARY: Architecture and overview

You're All Set!

Your API Security Monitoring System is ready to use. The dashboard is running at:

Start monitoring your API security now!


Questions? Check the documentation files:

  • README.md - Complete reference
  • QUICKSTART.md - Examples
  • DEPLOYMENT.md - Production setup
  • PROJECT_SUMMARY.md - Architecture

Issues?

  1. Check logs in terminal windows
  2. Verify all services are running
  3. Ensure ports 3000 and 8000 are available
  4. Check .env.local configuration

Ready to scale? See DEPLOYMENT.md for production deployment options.