Module: AiRootShield

Defined in:
lib/ai_root_shield.rb,
lib/ai_root_shield/version.rb,
lib/ai_root_shield/detector.rb,
lib/ai_root_shield/rasp_protection.rb,
lib/ai_root_shield/risk_calculator.rb,
lib/ai_root_shield/device_log_parser.rb,
lib/ai_root_shield/ai_behavioral_analyzer.rb,
lib/ai_root_shield/advanced_proxy_detector.rb,
lib/ai_root_shield/analyzers/root_detector.rb,
lib/ai_root_shield/dashboard/web_dashboard.rb,
lib/ai_root_shield/enterprise/alert_system.rb,
lib/ai_root_shield/enterprise/policy_manager.rb,
lib/ai_root_shield/enterprise_policy_manager.rb,
lib/ai_root_shield/analyzers/hooking_detector.rb,
lib/ai_root_shield/analyzers/network_analyzer.rb,
lib/ai_root_shield/certificate_pinning_helper.rb,
lib/ai_root_shield/ci_cd/security_test_module.rb,
lib/ai_root_shield/analyzers/emulator_detector.rb,
lib/ai_root_shield/analyzers/integrity_checker.rb,
lib/ai_root_shield/integrations/siem_connector.rb,
lib/ai_root_shield/platform/ios_security_module.rb,
lib/ai_root_shield/enterprise/performance_optimizer.rb,
lib/ai_root_shield/platform/android_security_module.rb,
lib/ai_root_shield/platform/unified_report_generator.rb,
lib/ai_root_shield/enterprise/hybrid_detection_engine.rb,
lib/ai_root_shield/platform/hardware_security_analyzer.rb

Defined Under Namespace

Modules: Analyzers, CiCd, Dashboard, Enterprise, Integrations, Platform

Classes: AdvancedProxyDetector, AiBehavioralAnalyzer, CertificatePinningHelper, Detector, DeviceLogParser, EnterprisePolicyManager, Error, RaspProtection, RiskCalculator

Constant Summary collapse

VERSION =
"1.0.0"

Class Method Summary collapse

Class Method Details

.analyze_android_device(device_logs_path, config = {}) ⇒ Object

Platform-specific analysis methods for CLI



# File 'lib/ai_root_shield.rb', line 242

# Reads a device-log JSON file and runs the Android platform analysis on it.
#
# A new AndroidSecurityModule is built on every call, so the values taken
# from +config+ always apply to the current invocation.
#
# NOTE(review): the file content is parsed and handed on unchanged; the logs
# presumably come from the device being assessed, so downstream code should
# treat every field as untrusted.
#
# @param device_logs_path [String] path to the device logs JSON file
# @param config [Hash] reads :safetynet_api_key and :package_name
# @return [Object] result of AndroidSecurityModule#analyze_device_security
# @raise [JSON::ParserError] if the file is not valid JSON
def self.analyze_android_device(device_logs_path, config = {})
  raw_logs = File.read(device_logs_path)
  parsed_logs = JSON.parse(raw_logs)
  analyzer = AiRootShield::Platform::AndroidSecurityModule.new(
    package_name: config[:package_name],
    api_key: config[:safetynet_api_key]
  )
  analyzer.analyze_device_security(parsed_logs)
end

.analyze_android_security(device_logs, config = {}) ⇒ Hash

v0.5.0 platform-specific security analysis: analyze Android device security using the SafetyNet and Play Integrity APIs.

Parameters:

  • device_logs (Hash)

    Device logs data

  • config (Hash) (defaults to: {})

    Configuration options

Returns:

  • (Hash)

    Android security analysis results



# File 'lib/ai_root_shield.rb', line 162

# Runs the Android security analysis on already-parsed device logs.
#
# The module instance is memoized in @android_module: +config+ is consumed
# only when the instance is first built; later calls reuse it and their
# +config+ argument is ignored.
#
# NOTE(review): analyze_android_device builds the same class with
# api_key:/package_name: keywords, while this method passes +config+ as one
# positional hash -- confirm the constructor accepts both forms.
#
# @param device_logs [Hash] device logs data
# @param config [Hash] configuration options (first call only)
# @return [Hash] Android security analysis results
def self.analyze_android_security(device_logs, config = {})
  unless @android_module
    @android_module = Platform::AndroidSecurityModule.new(config)
  end
  @android_module.analyze_device_security(device_logs)
end

.analyze_hardware_security(device_logs, platform) ⇒ Hash

Analyze hardware security features (TEE/SE, biometrics)

Parameters:

  • device_logs (Hash)

    Device logs data

  • platform (String)

    Platform type (‘android’ or ‘ios’)

Returns:

  • (Hash)

    Hardware security analysis results



# File 'lib/ai_root_shield.rb', line 179

# Analyzes hardware security features for the given platform.
#
# The analyzer is created on first use and kept in @hardware_analyzer for
# every later call.
#
# @param device_logs [Hash] device logs data
# @param platform [String] platform type ('android' or 'ios')
# @return [Hash] hardware security analysis results
def self.analyze_hardware_security(device_logs, platform)
  unless @hardware_analyzer
    @hardware_analyzer = Platform::HardwareSecurityAnalyzer.new
  end
  @hardware_analyzer.analyze_hardware_security(device_logs, platform)
end

.analyze_ios_device(device_logs_path, config = {}) ⇒ Object



# File 'lib/ai_root_shield.rb', line 251

# Reads a device-log JSON file and runs the iOS platform analysis on it.
#
# +config+ is accepted for signature parity with analyze_android_device but
# is not read anywhere in this method.
#
# NOTE(review): the logs presumably come from the device being assessed, so
# downstream code should treat every field as untrusted.
#
# @param device_logs_path [String] path to the device logs JSON file
# @param config [Hash] currently unused
# @return [Object] result of IosSecurityModule#analyze_device_security
# @raise [JSON::ParserError] if the file is not valid JSON
def self.analyze_ios_device(device_logs_path, config = {})
  parsed_logs = JSON.parse(File.read(device_logs_path))
  AiRootShield::Platform::IosSecurityModule.new.analyze_device_security(parsed_logs)
end

.analyze_ios_security(device_logs) ⇒ Hash

Analyze iOS device security with advanced jailbreak detection

Parameters:

  • device_logs (Hash)

    Device logs data

Returns:

  • (Hash)

    iOS security analysis results



# File 'lib/ai_root_shield.rb', line 170

# Runs the iOS security analysis on already-parsed device logs.
#
# The module instance is created on first use and kept in @ios_module.
#
# @param device_logs [Hash] device logs data
# @return [Hash] iOS security analysis results
def self.analyze_ios_security(device_logs)
  unless @ios_module
    @ios_module = Platform::IosSecurityModule.new
  end
  @ios_module.analyze_device_security(device_logs)
end

.certificate_pinning ⇒ CertificatePinningHelper?

Get current certificate pinning helper instance

Returns:



# File 'lib/ai_root_shield.rb', line 147

# Current certificate pinning helper.
#
# @return [CertificatePinningHelper, nil] nil until
#   configure_certificate_pinning has been called
def self.certificate_pinning
  @certificate_pinning
end

.configure_certificate_pinning(config = {}) ⇒ CertificatePinningHelper

Configure certificate pinning

Parameters:

  • config (Hash) (defaults to: {})

    Certificate pinning configuration

Returns:



# File 'lib/ai_root_shield.rb', line 102

# Builds a certificate pinning helper and installs it as the module-wide one.
#
# Any previously configured helper is replaced, so the new configuration
# applies to every later validate_certificate_pinning call in the process.
#
# @param config [Hash] certificate pinning configuration
# @return [CertificatePinningHelper] the helper that was installed
def self.configure_certificate_pinning(config = {})
  helper = CertificatePinningHelper.new(config)
  @certificate_pinning = helper
end

.configure_policy(policy_config) ⇒ EnterprisePolicyManager

Configure enterprise policy

Parameters:

  • policy_config (String, Hash)

    Policy file path or configuration hash

Returns:



# File 'lib/ai_root_shield.rb', line 95

# Builds an enterprise policy manager and installs it as the module-wide one.
#
# Once set, scan_device_with_config attaches a :compliance entry to every
# scan result.
#
# NOTE(review): when +policy_config+ is a file path, loading and parsing
# happen inside EnterprisePolicyManager, which is not visible here -- confirm
# it uses a safe loader for the policy file.
#
# @param policy_config [String, Hash] policy file path or configuration hash
# @return [EnterprisePolicyManager] the manager that was installed
def self.configure_policy(policy_config)
  manager = EnterprisePolicyManager.new(policy_config)
  @policy_manager = manager
end

.configure_proxy_detection(config = {}) ⇒ AdvancedProxyDetector

Configure proxy detection

Parameters:

  • config (Hash) (defaults to: {})

    Proxy detection configuration

Returns:



# File 'lib/ai_root_shield.rb', line 109

# Builds a proxy detector and installs it as the module-wide one.
#
# detect_proxy returns an error hash until this has been called.
#
# @param config [Hash] proxy detection configuration
# @return [AdvancedProxyDetector] the detector that was installed
def self.configure_proxy_detection(config = {})
  detector = AdvancedProxyDetector.new(config)
  @proxy_detector = detector
end

.configure_siem(platform, config = {}) ⇒ Integrations::SiemConnector

Configure SIEM integration

Parameters:

  • platform (Symbol)

    SIEM platform (:splunk, :elastic, etc.)

  • config (Hash) (defaults to: {})

    SIEM configuration

Returns:



# File 'lib/ai_root_shield.rb', line 220

# Builds a SIEM connector and installs it as the module-wide one.
#
# send_to_siem returns an error hash until this has been called.
#
# @param platform [Symbol] SIEM platform (:splunk, :elastic, etc.)
# @param config [Hash] SIEM configuration
# @return [Integrations::SiemConnector] the connector that was installed
def self.configure_siem(platform, config = {})
  connector = Integrations::SiemConnector.new(platform, config)
  @siem_connector = connector
end

.detect_proxy(ip_address, additional_data = {}) ⇒ Hash

Detect proxy usage for an IP address

Parameters:

  • ip_address (String)

    IP address to analyze

  • additional_data (Hash) (defaults to: {})

    Additional network data

Returns:

  • (Hash)

    Proxy detection result



# File 'lib/ai_root_shield.rb', line 127

# Checks an IP address for proxy usage with the configured detector.
#
# When no detector has been configured the method does not raise; it returns
# a hash holding only an :error key. Callers must test for :error explicitly,
# otherwise an unconfigured detector reads as "nothing detected".
#
# @param ip_address [String] IP address to analyze
# @param additional_data [Hash] additional network data
# @return [Hash] proxy detection result, or { error: ... } when unconfigured
def self.detect_proxy(ip_address, additional_data = {})
  if @proxy_detector
    @proxy_detector.detect_proxy(ip_address, additional_data)
  else
    { error: "Proxy detection not configured" }
  end
end

.generate_ci_config(platform) ⇒ Object

Generate CI configuration for CLI



# File 'lib/ai_root_shield.rb', line 211

# Generates a CI configuration for the given platform (used by the CLI).
#
# The CI/CD module is shared with run_ci_cd_tests through @ci_cd_module.
# Here it is built without arguments, whereas run_ci_cd_tests builds it with
# its options, so whichever method runs first decides how it was constructed.
#
# @param platform [Object] CI platform identifier, passed through unchanged
# @param options [Hash] generation options, passed through unchanged
# @return [Object] result of SecurityTestModule#generate_ci_config
def self.generate_ci_config(platform, options = {})
  @ci_cd_module = CiCd::SecurityTestModule.new unless @ci_cd_module
  @ci_cd_module.generate_ci_config(platform, options)
end

.generate_unified_report(android_results: nil, ios_results: nil, metadata: {}) ⇒ Object

Generate unified cross-platform report for CLI



# File 'lib/ai_root_shield.rb', line 189

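# Generates a unified cross-platform report (used by the CLI).
#
# The report generator is created on first use and kept in @report_generator.
#
# @param android_results [Object, nil] Android analysis results, if any
# @param ios_results [Object, nil] iOS analysis results, if any
# @param metadata [Hash] report metadata, passed through unchanged
# @return [Object] result of UnifiedReportGenerator#generate_unified_report
def self.generate_unified_report(android_results: nil, ios_results: nil, metadata: {})
  @report_generator ||= Platform::UnifiedReportGenerator.new
  @report_generator.generate_unified_report(
    android_results: android_results,
    ios_results: ios_results,
    # The value was missing in the listing; spelled out like the two pairs
    # above so the call also parses on Rubies without hash shorthand.
    metadata: metadata
  )
end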

.policy_manager ⇒ EnterprisePolicyManager?

Get current policy manager instance

Returns:



# File 'lib/ai_root_shield.rb', line 141

# Current enterprise policy manager.
#
# @return [EnterprisePolicyManager, nil] nil until configure_policy has been
#   called
def self.policy_manager
  @policy_manager
end

.proxy_detector ⇒ AdvancedProxyDetector?

Get current proxy detector instance

Returns:



# File 'lib/ai_root_shield.rb', line 153

# Current proxy detector.
#
# @return [AdvancedProxyDetector, nil] nil until configure_proxy_detection
#   has been called
def self.proxy_detector
  @proxy_detector
end

.rasp_active? ⇒ Boolean

Check if RASP protection is active

Returns:

  • (Boolean)

    True if RASP protection is active



# File 'lib/ai_root_shield.rb', line 281

# Reports whether RASP protection is active.
#
# The answer is the :active entry of the current instance's
# protection_status. No instance, no status, or a falsy :active entry all
# yield false.
#
# @return [Boolean] true if RASP protection is active
def self.rasp_active?
  status = @rasp_protection&.protection_status
  return false if status.nil?

  status.dig(:active) || false
end

.rasp_protection ⇒ RaspProtection?

Get current RASP protection instance

Returns:



# File 'lib/ai_root_shield.rb', line 135

# Current RASP protection instance.
#
# @return [RaspProtection, nil] nil before start_rasp_protection and after
#   stop_rasp_protection
def self.rasp_protection
  @rasp_protection
end

.run_ci_cd_tests(device_logs_path, config = {}) ⇒ Object

CI/CD integration method for CLI



# File 'lib/ai_root_shield.rb', line 202

# Runs the CI/CD security tests against a device-log file (used by the CLI).
#
# The CI/CD module is memoized in @ci_cd_module and shared with
# generate_ci_config. +options+ reaches the constructor only when this call
# is the one that builds the module; it is always passed to
# run_security_tests.
#
# @param device_logs_path [String] path to the device logs file
# @param options [Hash] test options
# @return [Object] result of SecurityTestModule#run_security_tests
def self.run_ci_cd_tests(device_logs_path, options = {})
  @ci_cd_module = CiCd::SecurityTestModule.new(options) unless @ci_cd_module
  @ci_cd_module.run_security_tests(device_logs_path, options)
end

.scan_device(device_logs_path) ⇒ Hash

Main entry point for device scanning

Parameters:

  • device_logs_path (String)

    Path to device logs JSON file

Returns:

  • (Hash)

    Risk assessment result with score and factors



# File 'lib/ai_root_shield.rb', line 51

# Main entry point for device scanning.
#
# Delegates to scan_device_with_config with its default configuration.
#
# @param device_logs_path [String] path to device logs JSON file
# @return [Hash] risk assessment result with score and factors
def self.scan_device(device_logs_path)
  scan_device_with_config(device_logs_path)
end

.scan_device_with_config(device_logs_path, config = {}) ⇒ Hash

Scan device with custom configuration and policy validation

Parameters:

  • device_logs_path (String)

    Path to device logs JSON file

  • config (Hash) (defaults to: {})

    Configuration options

Returns:

  • (Hash)

    Risk assessment result with score, factors, and compliance



# File 'lib/ai_root_shield.rb', line 59

# Scans a device-log file with a custom configuration and, when a policy
# manager is configured, attaches the policy compliance verdict.
#
# The :compliance key is written only when configure_policy has been called.
# A result without :compliance therefore means "not evaluated", not
# "compliant"; callers enforcing policy should check that the key is present.
#
# @param device_logs_path [String] path to device logs JSON file
# @param config [Hash] configuration options; :enable_network_analysis adds
#   the network security analysis step
# @return [Hash] risk assessment result with score, factors, and compliance
def self.scan_device_with_config(device_logs_path, config = {})
  result = Detector.new(config).scan(device_logs_path)

  # Optional network analysis step; it returns the result to carry forward.
  result = enhance_with_network_analysis(result, config) if config[:enable_network_analysis]

  # Policy validation sees the (possibly enhanced) result.
  result[:compliance] = @policy_manager.validate_compliance(result) if @policy_manager

  result
end

.security_status ⇒ Hash

Get comprehensive security status

Returns:

  • (Hash)

    Security status across all components



# File 'lib/ai_root_shield.rb', line 287

# Collects the security status of every component into one hash.
#
# Top-level flags say whether a component has been configured or loaded;
# :components carries each component's own status object, or nil when the
# component is absent.
#
# NOTE(review): the SIEM platform is read with instance_variable_get, which
# bypasses SiemConnector's public interface; a reader method would be
# cleaner if the class offers one.
# NOTE(review): the result shows which controls are not configured, so
# access to it should be limited to operators.
#
# @return [Hash] security status across all components
def self.security_status
  rasp_flag = rasp_active?

  loaded_modules = {
    android_module: !@android_module.nil?,
    ios_module: !@ios_module.nil?,
    hardware_analyzer: !@hardware_analyzer.nil?,
    report_generator: !@report_generator.nil?
  }

  component_details = {
    rasp: @rasp_protection&.protection_status,
    policy: @policy_manager&.policy_statistics,
    certificate_pinning: @certificate_pinning&.pinning_status,
    proxy_detection: @proxy_detector&.detection_statistics
  }
  component_details[:siem] =
    if @siem_connector
      { platform: @siem_connector.instance_variable_get(:@platform) }
    end

  {
    version: VERSION,
    rasp_active: rasp_flag,
    policy_configured: !@policy_manager.nil?,
    certificate_pinning_configured: !@certificate_pinning.nil?,
    proxy_detection_configured: !@proxy_detector.nil?,
    siem_configured: !@siem_connector.nil?,
    platform_modules: loaded_modules,
    components: component_details
  }
end

.send_to_siem(analysis_results, metadata = {}) ⇒ Hash

Send security events to SIEM

Parameters:

  • analysis_results (Hash)

    Security analysis results

  • metadata (Hash) (defaults to: {})

    Event metadata

Returns:

  • (Hash)

    SIEM response



# File 'lib/ai_root_shield.rb', line 228

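# Sends security analysis results to the configured SIEM.
#
# The second parameter name was missing from the listing, leaving the method
# unparsable; it is restored as +metadata+, matching the documented signature.
#
# When no connector has been configured the method does not raise; it returns
# a hash holding only an :error key. Callers must test for :error explicitly,
# otherwise an event that was never delivered is treated as sent.
#
# @param analysis_results [Hash] security analysis results
# @param metadata [Hash] event metadata
# @return [Hash] SIEM response, or { error: ... } when unconfigured
def self.send_to_siem(analysis_results, metadata = {})
  return { error: "SIEM not configured" } unless @siem_connector

  @siem_connector.send_security_event(analysis_results, metadata)
end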

.start_dashboard(port = 4567) ⇒ Object

Start web dashboard

Parameters:

  • port (Integer) (defaults to: 4567)

    Port number



# File 'lib/ai_root_shield.rb', line 236

# Starts the web dashboard on the given port.
#
# A new WebDashboard is created on every call and is not retained by this
# module.
#
# NOTE(review): only the port is chosen here; bind address and any
# authentication are decided inside WebDashboard, which is not visible --
# confirm the dashboard is not reachable from untrusted networks.
#
# @param port [Integer] port number
# @return [Object] result of WebDashboard#start
def self.start_dashboard(port = 4567)
  AiRootShield::Dashboard::WebDashboard.new.start(port)
end

.start_rasp_protection(config = {}) ⇒ RaspProtection

Start RASP protection

Parameters:

  • config (Hash) (defaults to: {})

    RASP configuration options

Returns:



# File 'lib/ai_root_shield.rb', line 80

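# Starts RASP protection and makes the new instance the module-wide one.
#
# If protection is already running, the previous instance is stopped before
# it is replaced. Without that step a second call would drop the only
# reference to the first instance, leaving it running where
# stop_rasp_protection can no longer reach it.
#
# The replacement is built before the old instance is stopped, so an invalid
# +config+ that makes RaspProtection.new raise leaves the existing
# protection untouched.
#
# @param config [Hash] RASP configuration options
# @return [RaspProtection] the started protection instance
def self.start_rasp_protection(config = {})
  replacement = RaspProtection.new(config)
  @rasp_protection&.stop_protection
  @rasp_protection = replacement
  @rasp_protection.start_protection
  @rasp_protection
end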

.stop_rasp_protection ⇒ Object

Stop RASP protection



# File 'lib/ai_root_shield.rb', line 87

# Stops RASP protection and forgets the current instance.
#
# Safe to call when nothing is running. If stop_protection raises, the
# instance stays registered because the reset below is never reached.
#
# @return [nil]
def self.stop_rasp_protection
  running = @rasp_protection
  running.stop_protection unless running.nil?
  @rasp_protection = nil
end

.validate_certificate_pinning(url) ⇒ Hash

Validate certificate pinning for a URL

Parameters:

  • url (String)

    URL to validate

Returns:

  • (Hash)

    Validation result



# File 'lib/ai_root_shield.rb', line 116

# Validates certificate pinning for a URL with the configured helper.
#
# The certificate chain is obtained from the helper for +url+ and then
# checked against the pins by the same helper.
#
# When no helper has been configured the method does not raise; it returns a
# hash holding only an :error key. Callers must test for :error explicitly,
# otherwise a missing pin configuration reads as a passed check.
#
# NOTE(review): get_certificate_chain presumably connects to the host named
# in +url+; if the URL is caller-supplied, confirm the allowed hosts are
# restricted.
#
# @param url [String] URL to validate
# @return [Hash] validation result, or { error: ... } when unconfigured
def self.validate_certificate_pinning(url)
  if @certificate_pinning
    presented_chain = @certificate_pinning.get_certificate_chain(url)
    @certificate_pinning.validate_pin(url, presented_chain)
  else
    { error: "Certificate pinning not configured" }
  end
end

.version ⇒ String

Get version information

Returns:

  • (String)

    Current version



# File 'lib/ai_root_shield.rb', line 313

# Version of the library.
#
# @return [String] the VERSION constant
def self.version
  VERSION
end