Real-time Scanner UI
The Real-time Scanner is the central interface of the Soteria security pipeline. It provides developers with an interactive environment to submit Python code for immediate behavioral analysis. Unlike traditional linters that search for static keywords, this UI facilitates the visualization of "Structural DNA"—the underlying AST patterns that the machine learning model uses to identify malicious intent.
The Interactive Scanner Interface
The Scanner UI consists of a high-performance code editor and a live results panel. It allows for single-function analysis or full-module parsing, where the system automatically splits code into individual nodes for granular detection.
Core Features
- AST-Based Analysis: Instead of looking for strings like eval() or os.system(), the UI displays results based on node distribution (e.g., Call, BinOp, Attribute).
- Normalization Preview: Visualizes how the system "anonymizes" your code (stripping variable names and constants) to show the structural logic being evaluated.
- Instant Feedback: Leverages the Flask-based Intelligence Engine to return probability scores and labels (Clean vs. Malicious) in near real-time.
Using the Scanner
To analyze code, navigate to the /scanner route.
- Input Code: Paste your Python source into the editor.
- Trigger Analysis: The system sends a payload to the /analyze endpoint.
- Review Structural DNA: The UI generates a table similar to the one below, representing the feature vector extracted by the Vectorization Engine:
| Node Type | Frequency | Impact Score |
| :--- | :--- | :--- |
| Assign | 2.0 | Low |
| Call | 4.0 | High |
| Attribute | 2.0 | Medium |
Analysis Labels
- 0 (Clean): The code structure aligns with standard algorithmic patterns.
- 1 (Malicious): The code exhibits behavioral patterns associated with backdoors, unauthorized socket connections, or obfuscated execution.
Developer Integration: scannerApi
For developers looking to programmatically interface with the scanner logic or build custom dashboard components, the frontend provides a streamlined API client.
analyzeCode(code: string)
Sends a raw string of Python code to the backend for AST normalization and ML classification.
Parameters:
code (string): The raw Python source code to be analyzed.
Returns:
Promise<AnalysisResponse>: An object containing the classification label, confidence score, and the extracted feature matrix.
Usage Example:
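```typescript
import { scannerApi } from '@/lib/api';

// Submit source code for analysis and log the classification result.
const handleScan = async (sourceCode: string) => {
  try {
    const result = await scannerApi.analyzeCode(sourceCode);
    console.log('Detection Label:', result.label); // 0 or 1
    console.log('Feature Vector:', result.features);
  } catch (error) {
    // In strict TypeScript the caught value is `unknown`, so narrow it before reading .message.
    const message = error instanceof Error ? error.message : String(error);
    console.error('Analysis failed:', message);
  }
};
```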
Security & Authentication
The Scanner UI is a protected resource. All requests sent via the scannerApi automatically include the soteria_token from localStorage in the Authorization header.
- Public Access: Restricted. Users must be authenticated via the AuthProvider.
- Admin Features: Users with Admin privileges can access the Neural Engine view to see higher-level metrics on how the VotingClassifier (ensemble of Random Forest, Gradient Boosting, and Logistic Regression) reached its conclusion.
Real-time Feedback Loop
The UI utilizes a "Breathing Pulse" glow and horizontal scan lines (powered by Framer Motion) to indicate active processing. When a scan is initiated, the code is sent to the backend where:
- dataPipeline_AST.py generates a unique SHA-256 fingerprint.
- The codeNormalizer transforms the code into a numerical matrix.
- The Hybrid Model (Neural Network + Stacking Classifier) returns a prediction.
- The UI updates the Gamified Learning state, awarding XP or updating the user's "Security Streak" based on the scan results.
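
The normalization, node-frequency vector and fingerprint steps described above can be sketched with Python's standard ast and hashlib modules. This is an added example, not Soteria's own code: the names Anonymizer, normalize, feature_vector and fingerprint, the FEATURES column order, and hashing the ast.dump output of the anonymized tree are all assumptions, and the samples are constructed (sample A is built to reproduce the counts in the table above).

```python
import ast
import hashlib
from collections import Counter

# Node types reported in the feature table; this column order is an assumption.
FEATURES = ("Assign", "Call", "Attribute", "BinOp")


class Anonymizer(ast.NodeTransformer):
    """Strip identifiers and literal values, keeping only structure."""

    def visit_Name(self, node):
        return ast.copy_location(ast.Name(id="VAR", ctx=node.ctx), node)

    def visit_arg(self, node):
        node.arg = "ARG"
        return self.generic_visit(node)

    def visit_Constant(self, node):
        # Keep the literal's type so a string and an int still differ structurally.
        return ast.copy_location(ast.Constant(value=type(node.value).__name__), node)


def normalize(source):
    """Parse source and return the anonymized AST (raises SyntaxError on bad input)."""
    return Anonymizer().visit(ast.parse(source))


def feature_vector(source):
    """Count occurrences of each node type listed in FEATURES."""
    counts = Counter(type(n).__name__ for n in ast.walk(normalize(source)))
    return [float(counts[name]) for name in FEATURES]


def fingerprint(source):
    """SHA-256 over the dump of the anonymized tree (hashed input is an assumption)."""
    return hashlib.sha256(ast.dump(normalize(source)).encode()).hexdigest()


# Constructed samples: A and B differ only in names and literals; C adds a BinOp.
SAMPLE_A = 'import os\ntoken = os.environ.get(str("API_KEY"))\nsize = int(input())\n'
SAMPLE_B = 'import os\nsecret = os.environ.get(str("DB_PASS"))\ncount = int(input())\n'
SAMPLE_C = 'import os\nsecret = os.environ.get(str("DB_PASS"))\ncount = int(input()) + 1\n'

if __name__ == "__main__":
    for label, src in (("A", SAMPLE_A), ("B", SAMPLE_B), ("C", SAMPLE_C)):
        print(label, feature_vector(src), fingerprint(src)[:16])
```

Samples A and B produce the same fingerprint because renaming variables and changing literals leaves the tree shape untouched, while C differs in both its vector and its fingerprint.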