BaitBlock | Devpost

Landing Page
Account Type Selection
Dashboard View
LSTM training log

Inspiration

After encountering many phishing emails ourselves, knowing victims of phishing, and constantly seeing the impact of phishing in the news, we decided to tackle this problem with a software solution.

What it does

After creating an account and selecting their subscription, users can forward emails they find suspicious directly to a BaitBlock email using their UUID Key as the subject. After the user data has been verified with the database, the .eml attachment is processed through our LSTM and sent through the anti-tracking algorithm. The LSTM analyzes the content in the email, determining how likely it is to be a phishing scam and generating a representative score. The anti-tracking algorithm locates and removes trackers from the original text. This report is formatted into a new email containing the risk score, the number of trackers found and removed, the original email text, and a dynamic suggestion of what the user should do next.

How we built it

There are two major components to this app. First of all, the node.js (nest.js) is used for the back-end of the website, and all of the email processing is offloaded to an API built in Python. Furthermore, we have a Mongo database to store user information. The front-end is designed using next.js. To process the email, we use an LSTM network that we made to detect phishing attempts and we use a custom-made anti-tracking algorithm.

Challenges we ran into

The most significant challenge we faced was caused by problems with Google's API. The idea had been to access the contents of the forwarded email through the API, but the runtime was extremely slow and the documentation was extremely poor. To work around this, we instead accessed Google's server directly using a custom-made API. Additionally, the machine learning model itself was challenging to create as it was very sensitive to parameters, making it hard to optimize. Along with this, the model itself took a long time to train because LSTMs are unable to utilize parallel computing.

Accomplishments that we're proud of

The machine learning model we made is highly accurate, with a much higher accuracy than we'd expected.

What's next for BaitBlock

As BaitBlock moves through the production phase, the application would likely be implemented as a browser extension or a background application, since this removes the need for the user's judgment. Since phishing emails can be quite well-disguised, scanning every email instead of requiring the user to recognize a suspicious one will overall be more effective.

Built With

Submitted to

Hack the Nest
- Winner C-HIT Cybersecurity Track
- Winner Wolfram Award - Top 7

Created by

I worked on the front-end of the website and built the email template. I also acquired and animated/edited assets for the website.

Chris Ohtake
Created the backend of the website using NestJS and integrated the LSTM model/tracker removal program with our service's inbox.

Pradham K
Worked on the LSTM network, Tracking removal, and Python API in general.

Malhar Khisty
Worked on the front-end of the website and email formatting, helped with the LSTM and general debugging, designed the presentation

Atticus Townley

Updates

Chris Ohtake started this project — Dec 10, 2023 08:25 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.