Privacy-First Cyber-Financial Fusion for Mule Ring Detection using GNNs, Federated Learning & Gemini AI
Banks lose $3.1B annually to money mule networks. CyberFin Nexus fuses cyber threat intelligence with financial transaction graphs to detect mule rings using Graph Attention Networks — while preserving privacy through Federated Learning.
- SOC teams detect phishing/malware but ignore financial patterns
- AML teams flag suspicious transactions but miss cyber-attack chains
- Privacy laws (GDPR/DPDP) prevent banks from sharing data
- Criminals evolve — using VPNs, AI mimicry, device rotation to evade detection
CyberFin Nexus bridges all gaps with a unified graph + ensemble approach.
WGAN-GP (100K synthetic accounts) ──► PostgreSQL
│
Heterogeneous Graph (12-dim features)
│
┌────────────────────┼────────────────────┐
│ │ │
GAT (60%) Iso Forest (20%) Rules (20%)
│ │ │
└────────────────────┼────────────────────┘
│
Ensemble Scorer + Consensus
│
┌────────────────────┼────────────────────┐
│ │ │
Community Active Adversarial
Detection Learning RL Testing
│ │ │
└────────────────────┼────────────────────┘
│
┌─────────────────┼──────────────────┐
│ │
Federated Learning Blockchain Audit Trail
(FedAvg + DP, 4 banks) (SHA-256, tamper-proof)
│ │
└─────────────────┼──────────────────┘
│
7-Tab Dashboard
+ Gemini AI (XAI)
| Feature | Description |
|---|---|
| 🎲 WGAN-GP Data Generation | Conditional Wasserstein GAN with Gradient Penalty generates 100K realistic accounts (51-dim features, 300 epochs) |
| 🕸️ Cyber-Financial Graph | Unified heterogeneous graph connecting accounts ↔ devices ↔ transactions ↔ cyber events |
| 🧠 GAT Model | 3-layer, 4-head Graph Attention Network (AUC: 0.983) |
| 🛡️ Ensemble Defense | GAT + Isolation Forest + Rule-Based with 2-of-3 consensus |
| 🔎 Community Detection | Louvain clustering discovers unknown cross-bank mule rings |
| 🎯 Active Learning | Surfaces uncertain accounts for human review |
| 🏦 Federated Learning | FedAvg + Differential Privacy (ε=1.0) across 4 banks |
| ⚔️ Adversarial RL | 4 attack strategies (velocity, splitting, rotation, mimicry) |
| 🤖 Gemini AI | Natural language explanations for flagged accounts |
| 🔗 Blockchain Audit | SHA-256 tamper-proof trail for regulators |
| 💾 PostgreSQL | Live database with sidebar connection status |
- Python 3.10+
- PostgreSQL (optional — falls back to in-memory data)
- PyTorch with your CUDA/CPU version
# Clone the repo
git clone https://github.com/YOUR_USERNAME/cyberfin-nexus.git
cd cyberfin-nexus
# Install dependencies
pip install -r requirements.txt# Create PostgreSQL database
psql -U postgres -c "CREATE DATABASE cyberfin_db;"
# Create .env file
echo "DB_USER=postgres" > .env
echo "DB_PASS=yourpassword" >> .env
echo "DB_HOST=localhost" >> .env
echo "DB_PORT=5432" >> .env
echo "DB_NAME=cyberfin_db" >> .env
# Seed the database with synthetic data
python data_generator.pystreamlit run app.pyOpen http://localhost:8501 in your browser.
python test_all.py| Metric | Value |
|---|---|
| AUC | 0.983 |
| Precision | 76.1% |
| Recall | 94.6% |
| F1 Score | 0.843 |
| Privacy | ε=1.0, GDPR compliant |
| Est. Annual Savings | $18.5M |
- 🏠 Overview — Key metrics, training progress, risk distribution
- 🕸️ Nexus Graph — Interactive network visualization with risk-colored nodes
- 🏦 Federated Learning — Cross-bank training rounds with privacy metrics
- ⚔️ Attack Simulation — RL adversarial testing with 4 evasion strategies
- 🔗 Audit Trail — Blockchain event log with integrity verification
- 🚨 Alerts & XAI — Flagged accounts with Gemini AI explanations
- 🧬 Defense Analysis — Ensemble scoring, community detection, active learning queue
- Data Generation: WGAN-GP (Conditional Wasserstein GAN with Gradient Penalty)
- ML: PyTorch, PyTorch Geometric, Scikit-learn
- Graph: NetworkX (Louvain community detection)
- Privacy: Custom FedAvg + Differential Privacy
- AI: Google Gemini API
- Database: PostgreSQL + SQLAlchemy
- Frontend: Streamlit + Plotly
- Security: SHA-256 blockchain hash chain
├── app.py # 7-tab Streamlit dashboard
├── data_generator.py # Schema-level data gen + DB seeding
├── graph_builder.py # Heterogeneous graph (12-dim features)
├── test_all.py # Integration tests
├── requirements.txt
├── Data_Gen/ # WGAN-GP data generation pipeline
│ ├── data_prep.py # Phase 1: Data preprocessing + encoding
│ ├── model.py # Phase 2: WGAN-GP architecture (Generator + Critic)
│ ├── train.py # Phase 3: WGAN-GP training loop (300 epochs)
│ ├── generate.py # Phase 4: Generate 100K accounts + relational data
│ ├── merge.py # Phase 5: Merge generated data
│ └── validate.py # Phase 6: Statistical validation of generated data
├── models/
│ ├── gat_model.py # 3-layer GAT
│ └── ensemble.py # IF + Rules + Ensemble
├── federated/
│ └── fl_engine.py # FedAvg + DP
├── rl/
│ └── adversarial_sim.py # Adversarial RL
├── blockchain/
│ └── audit_trail.py # SHA-256 audit chain
└── utils/
├── config.py # Hyperparameters
├── metrics.py # Evaluation metrics
├── gemini_helper.py # Gemini AI integration
├── graph_analytics.py # Community detection
├── active_learning.py # Review queue
└── db_manager.py # PostgreSQL manager