High-speed malicious URL detection using a Bloom Filter
Project description
dvara
High-speed malicious URL detection using a Bloom Filter accelerated verification pipeline backed by PostgreSQL, Redis, FastAPI, and AWS infrastructure.
pip install dvara
dvara check https://google.com
✅ CLEAN | 0.03ms | online
dvara check "http://xn--90abegbttpjb3bzb2j.xn--p1ai/doc/En/ACCOUNT/Auditor-of-State-Notification-of-EFT-Deposit"
🚨 MALICIOUS | 213.2ms | online
What is dvara?
dvara is a malicious URL detection platform inspired by large-scale safe browsing systems.
It combines:
- Probabilistic Bloom Filters
- PostgreSQL verification
- Redis caching
- FastAPI APIs
- AWS-hosted infrastructure
to provide extremely fast malicious URL lookups while maintaining a small memory footprint.
Threat intelligence is continuously aggregated from:
- URLhaus
- PhishTank
- OpenPhish
- CERT Polska
The current dataset contains:
268,970+ confirmed malicious URLs
compressed into a Bloom Filter occupying only:
5.14 MB
Most benign URLs are resolved entirely in memory without touching the database.
Only Bloom Filter hits trigger PostgreSQL verification.
Key Features
- Bloom Filter accelerated malicious URL detection
- Two-stage verification architecture
- PostgreSQL-backed confirmation database
- Redis integration
- FastAPI REST API
- Python CLI client
- AWS-hosted deployment
- Dockerized infrastructure
- Threat intelligence feed aggregation
- Memory-efficient large-scale URL indexing
Architecture
Threat Intelligence Feeds
↓
Normalization & Deduplication
↓
Bloom Filter Generation
↓
PostgreSQL Verification Database
↓
FastAPI Backend
↓
CLI / REST API
URL Check Pipeline
dvara check [url]
↓
Bloom Filter Lookup
↓
No Match
└──► CLEAN
Possible Match
↓
SHA256(URL)
↓
PostgreSQL Verification
↓
MALICIOUS / SUSPICIOUS
Infrastructure
Dvara is deployed as a fully self-hosted cybersecurity service on AWS.
Production architecture:
AWS EC2
├── FastAPI API
├── PostgreSQL Database
├── Redis Cache
├── Bloom Filter Storage
└── Docker Compose
Infrastructure stack:
| Component | Technology |
|---|---|
| API Server | FastAPI |
| Infrastructure | AWS EC2 |
| Containerization | Docker + Docker Compose |
| Database | PostgreSQL |
| Cache Layer | Redis |
| URL Index | Bloom Filter |
| Package Distribution | PyPI |
The deployment is fully containerized and operates without managed database or cache providers.
Features:
- Self-hosted AWS deployment
- Dockerized infrastructure
- PostgreSQL-backed malicious URL verification
- Redis caching layer
- Bloom Filter accelerated lookups
- Persistent volume storage
- REST API + CLI support
Why Bloom Filters?
Traditional hash sets containing millions of URLs require hundreds of megabytes of memory.
Bloom Filters provide:
- Massive memory compression
- Constant-time lookups
- Zero false negatives
- Extremely high throughput
Tradeoff:
- Small false positive probability
False positives are resolved through PostgreSQL verification.
Benchmarks
| Metric | Result |
|---|---|
| Local Bloom Lookup Latency | ~0.003 ms (3 μs) |
| Throughput | ~145k URLs/sec |
| Indexed Malicious URLs | 268,970+ |
| Filter Size | 5.14 MB |
| Peak RAM Usage | ~10.53 MB |
| False Negatives | 0 observed |
| False Positives | 0 / 100,000 tested |
| Bloom Capacity | 3,000,000 URLs |
Benchmark latency refers to local in-memory Bloom Filter checks. Network requests naturally incur additional latency.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dvara-0.2.1.tar.gz.
File metadata
- Download URL: dvara-0.2.1.tar.gz
- Upload date:
- Size: 30.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
108404fd4ba9746f7ec3c5d972c7a241bb976f01c6d165ff110caaff14f96bdf
|
|
| MD5 |
a4e3f1a248043626f0f470329dd4efc4
|
|
| BLAKE2b-256 |
310204cf30b3ad128f07fce472b93d6a4e49604f6d81cb2801bb4a9fba918187
|
File details
Details for the file dvara-0.2.1-py3-none-any.whl.
File metadata
- Download URL: dvara-0.2.1-py3-none-any.whl
- Upload date:
- Size: 24.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1173c4d7558a264bd1c8830dfc17cebfc550dcd5021d81011053cf3982bc185f
|
|
| MD5 |
aca7e7ff3f7aea47b8185eaa9c1bcadc
|
|
| BLAKE2b-256 |
3bc78b004fd1d8f1e73b93057dfe7683c91a19b278d92820df5fae99dd3a81cc
|