Show HN: Echolock – Federated AI for real-time phishing detection (github.com)

ECHOLOCK is an open-source, federated phishing-detection system presented on Show HN that combines fast rule checks with a lightweight ML classifier to deliver near real-time, network-wide protection. Built for the Cyber AI Hackathon 2025, it uses a layered validation pipeline (static allowlist → static blocklist → federated blocklist → AI analysis) so known URLs are resolved in milliseconds while unknowns are classified by a LinearSVC model. When any node flags a high-confidence IOC, it publishes the threat hash via Redis Pub/Sub and all subscribers update their local blocklists in under five seconds, turning reactive intelligence into proactive immunity across the network. Technically, ECHOLOCK bundles a React/TypeScript frontend, a Flask orchestration API, a Python federation worker, and Redis Cloud as both broker and datastore. Reported metrics are a 91% detection accuracy, ~45 MB memory footprint, static checks <50 ms, federated blocklist checks <200 ms, and full ML pipeline latency of 2–4 seconds. The author experimented with RandomForest (92% validation), LSTMs and other models but chose LinearSVC for production due to its low inference latency and good accuracy. The repo includes the trained LinearSVC, deployment guidance, and an invitation for contributors — making it a practical blueprint for distributed, low-latency threat sharing in security-focused ML deployments.