Your complete API Security Monitoring System is ready to run!
- Backend: FastAPI application with ML models
- Frontend: Next.js dashboard with real-time updates
- Database: PostgreSQL schema and migrations
- Models: CNN + BiLSTM demo models with feature extraction
- Documentation: Complete guides and API documentation
- Configuration: Environment templates and examples
Run this command once to set up models:
python3 scripts/init.pyExpected output:
✓ Created models directory
✓ Demo models created successfully
✓ Created .env.local template
✓ Project initialization complete!
# Install frontend dependencies
npm install
# Install backend dependencies (in scripts directory)
pip install -r scripts/requirements.txtOpen Terminal 1:
python3 scripts/run_backend.pyWait for this message:
INFO: Uvicorn running on http://0.0.0.0:8000
INFO: Application startup complete
Backend is now running at:
- API: http://localhost:8000
- Docs: http://localhost:8000/docs
- Health: http://localhost:8000/api/health
Open Terminal 2:
npm run devWait for this message:
▲ Next.js 16.x.x
- Local: http://localhost:3000
Frontend is now running at:
- Dashboard: http://localhost:3000
Open your browser and go to: http://localhost:3000
You'll see:
- Real-time threat statistics
- Threat distribution chart
- Recent alerts
- Live metrics
Go to: http://localhost:8000/docs
Interactive API documentation with try-it-out functionality
curl -X POST http://localhost:3000/api/proxy/api/analyze \
-H "Content-Type: application/json" \
-d '{
"method": "POST",
"path": "/api/admin/config",
"headers": {"User-Agent": "Suspicious-Bot"},
"body": "'; DROP TABLE users; --",
"response": {"status_code": 403, "response_time_ms": 150}
}'Response shows threat analysis with CNN, BiLSTM, and combined scores.
- View dashboard with live statistics
- See threat distribution by severity level
- Watch model comparison charts
- Send individual requests for analysis
- Batch analyze multiple requests
- Get detailed threat reports
- Browse complete request history
- Filter by threat level, IP, path
- Export logs to CSV
- View active security alerts
- See detailed threat information
- Acknowledge threats
- View 24-hour threat trends
- See model performance metrics
- Analyze detection patterns
curl -X POST http://localhost:3000/api/proxy/api/analyze \
-H "Content-Type: application/json" \
-d '{
"method": "POST",
"path": "/api/users/login",
"body": "username=admin'\''OR'\''1'\''='\''1&password=test",
"response": {"status_code": 401, "response_time_ms": 200}
}'Expected: HIGH or CRITICAL threat
# Send 3 failed login attempts
for i in {1..3}; do
curl -X POST http://localhost:3000/api/proxy/api/analyze \
-H "Content-Type: application/json" \
-d "{
\"method\": \"POST\",
\"path\": \"/api/auth/login\",
\"body\": \"attempt=$i\",
\"response\": {\"status_code\": 401}
}"
doneBiLSTM should detect temporal pattern.
curl -X POST http://localhost:3000/api/proxy/api/analyze \
-H "Content-Type: application/json" \
-d '{
"method": "GET",
"path": "/api/public/data",
"response": {"status_code": 200, "response_time_ms": 45}
}'Expected: LOW threat (normal traffic)
- Overview of all threats
- Real-time statistics
- Recent alerts
- Threat trends over time
- Model performance comparison
- Detection rate analysis
- Complete request history
- Advanced filtering
- Export functionality
- Active threats only
- Detailed information
- Action recommendations
Check system status any time:
# Health check
curl http://localhost:8000/api/healthExpected response:
{
"status": "healthy",
"version": "1.0.0",
"models_loaded": true,
"database_connected": true
}# Check if port 8000 is available
lsof -i :8000
# Or use a different port (modify scripts/run_backend.py)# Clear cache and reinstall
rm -rf node_modules .next
npm install
npm run dev# Verify backend is running
curl http://localhost:8000/api/health
# Check .env.local has correct FASTAPI_URL
cat .env.local# Regenerate models
python3 scripts/create_models.py- CNN threat detection
- BiLSTM temporal analysis
- 52-feature extraction
- Real-time inference
- Ensemble scoring
- Real-time updates
- Threat visualization
- Alert management
- Historical logs
- Analytics & trends
- Single request analysis
- Batch processing
- Filtering & search
- Export functionality
- WebAPI documentation
- API documentation (Swagger UI)
- Python/TypeScript examples
- Database schema
- Error handling
- Comprehensive logging
- Explore the Dashboard: Navigate through all pages to understand the system
- Send Test Requests: Use curl or the API docs to test threat detection
- Review Logs: Check security logs and understand threat classifications
- Read Documentation:
- README.md for complete reference
- QUICKSTART.md for examples
- DEPLOYMENT.md for production setup
- Plan Integration: Prepare to integrate with your API
When ready to deploy:
- See DEPLOYMENT.md for detailed instructions
- Choose deployment option (Vercel + Heroku, AWS, Docker, etc.)
- Set up PostgreSQL for persistent storage
- Configure environment variables
- Deploy frontend and backend
- Set up monitoring and alerts
- API Docs: http://localhost:8000/docs
- README: Full project documentation
- QUICKSTART: Examples and quick reference
- DEPLOYMENT: Production setup guide
- PROJECT_SUMMARY: Architecture and overview
Your API Security Monitoring System is ready to use. The dashboard is running at:
Questions? Check the documentation files:
- README.md - Complete reference
- QUICKSTART.md - Examples
- DEPLOYMENT.md - Production setup
- PROJECT_SUMMARY.md - Architecture
Issues?
- Check logs in terminal windows
- Verify all services are running
- Ensure ports 3000 and 8000 are available
- Check .env.local configuration
Ready to scale? See DEPLOYMENT.md for production deployment options.