🕵️‍♂️ UFDR AI — Unified Forensic Data Retrieval and Analysis Assistant

🎯 Overview

UFDR AI is an advanced AI-powered forensic intelligence system designed to revolutionize digital investigations by automating the analysis of Unified Forensic Data Reports (UFDRs). Built for law enforcement, intelligence agencies, and forensic laboratories, it transforms unstructured UFDR data into actionable, explainable, and court-ready insights — reducing analysis time from days to minutes.

🖼️ Images

Youtube Video:

🚀 Key Features

🔍 Intelligent Data Processing

Multi-Format Ingestion: Supports UFDRs from Cellebrite, Magnet AXIOM, Oxygen, XRY, and custom exports (JSON, XML, SQLite, PCAP, Text)
OCR & Artifact Extraction: Uses Tesseract to extract text from screenshots and image attachments
Canonical Normalization: Converts vendor-specific formats into a unified forensic schema
Hybrid Search: Combines keyword-based (BM25) and semantic (embedding-based) search for higher precision

🧠 AI-Powered Intelligence

Natural Language Queries: Ask questions like "Show all chats containing cryptocurrency addresses shared with foreign numbers last month."
Provenance-First RAG: Every answer includes exact file name, line number, and confidence score
Entity Extraction: Detects phone numbers, IPs, crypto addresses, device IDs, and user references
Temporal Knowledge Graph: Explore evolving relationships across people, devices, and communication events

📊 Analytical Tools

Timeline Visualization: Chronological view of messages, calls, and events
Interactive Graphs: Relationship mapping using NetworkX and Plotly
Anomaly Detection: Flags irregular patterns such as sudden message bursts or new device appearances
Risk Scoring: Assigns explainable suspicion scores to events

📄 Reporting & Evidence Management

One-Click Report Generation: Exports findings to PDF or CSV with metadata and confidence levels
Executive Summaries: Automatically generated concise overviews for case files
Chain of Custody: Preserves audit trail and source citations for legal admissibility

🧱 System Architecture

┌──────────────────────────────────────────────┐
│          Application Layer (Streamlit)       │
│  UI + NL Query Interface + Visualization     │
└──────────────────────────────────────────────┘
                     ↓
┌──────────────────────────────────────────────┐
│          AI / ML & NLP Processing Layer       │
│  LLM (GPT/Llama) | RAG | Embeddings | OCR     │
│  NER/RE | Anomaly Detection | Graph Analysis  │
└──────────────────────────────────────────────┘
                     ↓
┌──────────────────────────────────────────────┐
│               Data Handling Layer             │
│  Local Filesystem | pandas | joblib | pickle  │
│  (Future: SQLite/PostgreSQL)                  │
└──────────────────────────────────────────────┘
                     ↓
┌──────────────────────────────────────────────┐
│              Security & Compliance            │
│  Local Execution | Audit Logging | HTTPS      │
│  RBAC (Simulated) | Data Purging              │
└──────────────────────────────────────────────┘

💻 Technology Stack

Frontend & Backend (Application Layer)

Framework: Streamlit (Python-based web framework)
Core Libraries: pandas, json, re, os, glob, io, PyPDF2, base64, requests
Visualization: Plotly, Matplotlib, NetworkX
Reporting: FPDF, ReportLab, PDFKit

AI/ML & NLP Layer

Embeddings: Sentence-Transformers (all-MiniLM, mpnet-base-v2)
NLP Models: Hugging Face Transformers (NER, summarization)
LLM: OpenAI GPT / Llama 3 (RAG Pipeline)
OCR: Tesseract (via pytesseract)
Entity Extraction: spaCy + regex-based forensic token identification

Data Storage

Current: Local filesystem & pandas DataFrames
Caching: pickle / joblib for embeddings and entity storage
Future Integration: SQLite / PostgreSQL for metadata, logs, and case management

Security

Local/offline processing for sensitive UFDR data
HTTPS-enabled for secure deployments
Auto-clearing temporary files after session
Optional RBAC (streamlit session-state-based access)

🎨 Innovation & Uniqueness

🔐 1. Provenance-First RAG

Every AI-generated summary includes verifiable evidence citations:

"This address was identified in UFDR_20250710_chatdump.json,
lines 213–226, confidence: 0.92."

⏱️ 2. Temporal Knowledge Graph

Visualizes time-aware relationships between suspects, devices, and events:

Detect when new numbers or wallets appear
Track communication evolution
Link devices across investigations

🧭 3. Smart Investigative Playbooks

Provides context-aware suggestions to guide analysts:

"Correlate with call detail records"
"Extract IMSI/IMEI linkage"
"Check entity occurrence across UFDRs"

🧬 4. Domain-Tuned Forensic Models

Custom entity models trained for forensic contexts — capable of recognizing:

Crypto addresses
Device identifiers (IMEI, IMSI)
Tool-specific forensic metadata

📈 Impact & Benefits

Operational

⏱️ 70% reduction in manual triage time
🎯 >90% precision in evidence retrieval
🔍 Faster cross-case discovery of linked suspects

Legal & Compliance

✅ Fully auditable and court-admissible reports
🔒 Compliant with Indian IT Act & GDPR
🧾 Chain-of-custody maintained end-to-end

Societal

⚖️ Accelerates justice through faster investigations
🛡️ Strengthens India's cyber-forensic infrastructure
💼 Deployable in district labs & police units
🇮🇳 "Make in India" compliant innovation

🛠️ Installation & Setup

Requirements

Python 3.10+
pip or conda environment
8GB+ RAM (Recommended 16GB for OCR/LLM tasks)
Tesseract installed (for OCR)

Quick Start

# Clone this repository
git clone https://github.com/your-org/ufdr-ai.git
cd ufdr-ai

# Install dependencies
pip install -r requirements.txt

# Run the Streamlit app
streamlit run app.py

Then open the app in your browser: 👉 http://localhost:8501

📚 Usage

1. Upload UFDR File

Drag & drop exported UFDRs (ZIP, JSON, XML, SQLite, etc.)

2. Automated Processing

The system extracts, normalizes, and indexes data automatically.

3. Query Evidence

Use natural language — e.g.:

Show me messages with crypto addresses sent to foreign numbers in July 2025

4. Analyze Results

View highlighted excerpts, explore link graphs, and view timelines.

5. Generate Report

Click Export PDF or Export CSV for official report generation.

🧭 Roadmap

Phase	Features	Status
Prototype	Basic ingestion, normalization, indexing	✅ Completed
Stage 1	Entity extraction, hybrid search, reporting	✅ Completed
Stage 2	Graph visualization, RAG summarization	✅ Completed
Final	Anomaly detection, SIEM integration, scaling	🔄 In Progress

🔒 Security & Compliance

End-to-End Encryption: AES-256 at rest, TLS 1.3 in transit
On-Prem Execution: Air-gapped deployment possible
RBAC: Controlled user-level access
Immutable Logs: Every action recorded
Data Retention: Auto-deletion of temporary files
Compliance: Indian IT Act, GDPR, Digital Evidence Guidelines

👥 Team CodeFather

Name	GitHub
🧑‍💻 Member 1	Madhavan
🧑‍💻 Member 2	Akashgautham
🧑‍💻 Member 3	Vijaya Karthick
🧑‍💻 Member 4	Rakshithasri
🧑‍💻 Member 5	Raksha
🧑‍💻 Member 6	Divyesh Hari

📄 License

This project is licensed under the MIT License.
See the LICENSE file for details.

Built with ❤️ for Indian Law Enforcement & National Security
Empowering Justice through Intelligent Forensics

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
Source		Source
utils		utils
README.md		README.md
requirements.txt		requirements.txt

ssmadhavan006/UFDR-AI

Folders and files

Latest commit

History

Repository files navigation