A hybrid security framework that integrates Blockchain, AI, and Role-Based Access Control (RBAC) to detect and mitigate insider threats in salary databases. It ensures tamper-proof transactions, access control enforcement, and automated anomaly detection for sensitive salary operations.
- Overview
- Project Structure
- Setup Instructions
- Running the System
- API Endpoints
- Roles & Access Control
- ML Model Information
- Report
- Future Work
- Contributors
This system aims to prevent unauthorized access and malicious manipulation of salary data using a three-layered defense approach:
- RBAC: Restricts salary updates to authorized roles.
- Blockchain: Records every transaction immutably.
- AI Model: Flags suspicious transactions using a trained neural network.
📦 Hybrid-AI-Blockchain-Framework
├── app.py # Flask backend for ML prediction
├── server.js # Node.js backend handling RBAC + blockchain
├── blockchain.js # Blockchain transaction logic
├── role.js # RBAC implementation
├── insider-threat-detection-model.ipynb # Model training notebook
├── insider_threat_model.h5 # Pre-trained Keras model
├── encoder.pkl # Role label encoder
├── scaler.pkl # Feature standard scaler
├── salary_exploitation_insider_threat.csv # Training dataset
├── save_encoder.py # Script to generate encoder/scaler
├── .env # Environment variables
├── Report_dbs.pdf # Technical report
├── README.md # This file
├── package.json / package-lock.json # Node.js dependencies
```bash
git clone https://github.com/Dona-jui/Hybrid-AI-Blockchain-Framework-for-Insider-Threat-Mitigation-in-Databases.git
cd Hybrid-AI-Blockchain-Framework-for-Insider-Threat-Mitigation-in-Databases
```
Install required Python packages:
```bash
pip install flask pandas scikit-learn tensorflow keras
```
Install required Node.js packages:
```bash
npm install
```
You can retrain the model using the notebook:
```bash
jupyter notebook insider-threat-detection-model.ipynb
```
Or use the pre-trained model files: insider_threat_model.h5, encoder.pkl, and scaler.pkl.
1️⃣ Start the Flask ML Backend
```bash
python app.py
```
Runs the prediction server on http://localhost:5001.
2️⃣ Start the Node.js Backend
```bash
node server.js
```
Runs the RBAC and Blockchain system on http://localhost:3000.
🔮 Flask AI Prediction
POST /predict
Payload Example:
```json
{
  "user_id": 1,
  "amount": 3096,
  "role": "admin",
  "time_of_change": "Work Hours"
}
```
Response Example:
```json
{
  "message": "No threat detected.",
  "probability": 2.8129074053140357e-05,
  "threat_detected": false
}
```
🔐 Node.js Backend
POST /login : Authorization and JWT-based authentication
```json
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6IkRvbmEgUm95Iiwicm9sZSI6ImFkbWluIiwiaWF0IjoxNzQ1MjU4NzE3LCJleHAiOjE3NDUyNjIzMTd9.Tgz__2izpCSRcQ5LoqIPGNld5jN8PhlFTNcVyebxVzQ"
}
```
POST /transaaction : Fetches entire blockchain transaction log
```json
{
  "user_id": 1,
  "amount": 3096,
  "role": "admin",
  "time_of_change": "Work Hours"
}
```
Response Example:
```json
{
  "message": "Transaction added to blockchain and salary updated",
  "blockchain": [
    {
      "index": 0,
      "timestamp": 1745258270424,
      "data": {
        "message": "Genesis Block"
      },
      "previousHash": "0",
      "hash": "e6302ce2f816e9197549ef55075aa641bd92b68c7793edd289b2a6984343df53",
      "nonce": 0
    },
    {
      "index": 1,
      "timestamp": 1745258790313,
      "data": {
        "user_id": 1,
        "amount": 3096,
        "role": "admin",
        "time_of_change": "Work Hours"
      },
      "previousHash": "e6302ce2f816e9197549ef55075aa641bd92b68c7793edd289b2a6984343df53",
      "hash": "0066c5c90988671938528d4caa0af6e682c2bda752bb1307a757ff7d3e911dbc",
      "nonce": 21
    }
  ]
}
```
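How the hash links in a log shaped like the response above make edits detectable, as an added example that is not the project's own blockchain.js. The hash input format, the helper names (hashBlock, makeBlock, verifyChain, sampleChain) and the sample blocks are assumptions constructed for illustration; only the field names come from the response.

```javascript
const { createHash } = require("crypto");

// ASSUMED hash input: every block field except the hash itself.
// The project's blockchain.js may serialize blocks differently.
function hashBlock(b) {
  const body = [b.index, b.timestamp, JSON.stringify(b.data), b.previousHash, b.nonce];
  return createHash("sha256").update(body.join("|")).digest("hex");
}

// Append-style constructor; proof-of-work is left out, so nonce stays 0.
function makeBlock(prev, data, timestamp) {
  const b = { index: prev ? prev.index + 1 : 0, timestamp, data,
              previousHash: prev ? prev.hash : "0", nonce: 0 };
  b.hash = hashBlock(b);
  return b;
}

// Returns a list of findings; an empty list means the log is self-consistent.
function verifyChain(chain) {
  const findings = [];
  chain.forEach((b, i) => {
    if (b.index !== i) findings.push(`block ${i}: unexpected index ${b.index}`);
    if (hashBlock(b) !== b.hash) findings.push(`block ${i}: contents do not match stored hash`);
    const expectedPrev = i === 0 ? "0" : chain[i - 1].hash;
    if (b.previousHash !== expectedPrev) findings.push(`block ${i}: previousHash does not link to preceding block`);
  });
  return findings;
}

// Constructed sample log (not real data), shaped like the response above.
function sampleChain() {
  const t0 = 1700000000000;
  const genesis = makeBlock(null, { message: "Genesis Block" }, t0);
  const b1 = makeBlock(genesis, { user_id: 1, amount: 3096, role: "admin", time_of_change: "Work Hours" }, t0 + 1000);
  const b2 = makeBlock(b1, { user_id: 2, amount: 4100, role: "admin", time_of_change: "Work Hours" }, t0 + 2000);
  return [genesis, b1, b2];
}

// Case 1: a stored amount is edited in place; the block's own hash check fails.
const edited = sampleChain();
edited[1].data.amount = 9999;
console.log(verifyChain(edited));

// Case 2: the editor also recomputes that block's hash; the next block's link fails.
edited[1].hash = hashBlock(edited[1]);
console.log(verifyChain(edited));
```

A chain rewritten in full from the edited block onward passes this check, so the newest hash has to be recorded somewhere the database operators cannot modify.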
RBAC rules defined in role.js
- Training Accuracy: ~97%
- Model serialized as insider_threat_model.h5 with supporting encoder.pkl and scaler.pkl.
- Full technical documentation and workflow included in: 📄 Report_dbs.pdf
- Add Frontend UI (React + Tailwind)
- Deploy on Ethereum Testnet (e.g., Sepolia)
- Dockerize the project
- Dona Roy (Postgraduate Student in Computer Science at NIT Karnataka, Surathkal)