SentientGate is an intelligent, high-concurrency security infrastructure that protects microservice ecosystems from sophisticated bot attacks, injection attempts, and behavioral anomalies β using real-time AI-driven threat analysis powered by a local LLM (Ollama).
Unlike static firewalls, SentientGate's Sentient MCP (Master Control Program) analyzes user behavioral history using a layered Strategy pattern β from rule-based pattern matching to AI anomaly detection β all without any external API dependency.
π Live Dashboard: https://sentient-gate.vercel.app/
Live Demo Β· Architecture Β· Services Β· Tech Stack Β· Quick Start Β· Docker Setup Β· Folder Structure
The architecture follows a distributed, event-driven microservice model where detection, analysis, and enforcement are completely decoupled for maximum scalability and resilience.
A suspicious request flows through the following pipeline:
Incoming Request
β
βΌ
ApiGateway βββΊ Kafka Event Bus βββΊ MCPService
β β
β βββββββ΄βββββββββββ
β LoggingService AIService
β (via gRPC) (Ollama LLM)
β β
βββββββββ Redis Blacklist βββββββββββ
(TTL Enforcement)
ApiGateway/Β· Spring Boot Β· Maven Β· Port8079
The entry point of the entire system.
- Visitor Identity Signing β generates and validates fingerprinted visitor tokens
- Sub-millisecond Blacklist Enforcement β checks Reactive Redis for blocked IPs/tokens instantly
- Threat Event Publishing β publishes
SecurityAlertEventto Kafka for async analysis - Reactive Architecture β built on Spring WebFlux for non-blocking, high-throughput processing
- Global Filters β authentication, request validation, rate limiting applied as gateway filters
MCPService/Β· Spring Boot Β· Gradle Β· The "Brain"
The core decision-making engine of SentientGate.
- Consumes
SecurityAlertEventfrom Kafka - Fetches 10-minute behavioral history from LoggingService via gRPC
- Applies a layered, Strategy-based threat analysis pipeline:
| Strategy | Type | Detects |
|---|---|---|
PatternMatchStrategy |
Rule-Based | SQL Injection, XSS, Path Traversal |
BurstTrafficStrategy |
Heuristic | Burst traffic, high error rate, bot probing |
AiAnomalyStrategy |
AI-Driven | Behavioral entropy, non-human activity patterns |
- Applies TTL-based dynamic blocking via Redis for temporary bans (prevents false positives)
AIService/Β· Spring Boot Β· Maven Β· Reactive
The AI inference microservice.
- Interfaces with a local Ollama LLM (
llama3model) - Performs deep behavioral anomaly detection on request patterns
- Called only for high-complexity, edge-case threats to avoid latency impact on the gateway
- Fully reactive using Spring WebFlux
LogingService/Β· Spring Boot Β· Gradle Β· gRPC Server
The memory and data layer of the system.
- Records all gateway interaction logs to PostgreSQL
- Exposes gRPC endpoints for MCPService to fetch behavioral history
- Consumes gateway decision events from Kafka
- Powers entropy and pattern-based behavioral scoring
- Provides REST APIs for the monitoring dashboard
EurekaServer/Β· Spring Cloud Β· Gradle Β· Port8761
Netflix Eureka service discovery server.
- All microservices register here dynamically
- Enables load-balanced, service-name-based inter-service routing (used with gRPC and Feign)
DummyService/Β· Spring Boot Β· Gradle
A mock protected backend service that demonstrates the security mesh in action.
- Simulates a real downstream microservice behind the gateway
- Used for end-to-end testing of detection, blocking, and request forwarding behavior
UI/sentinel-gateway-ui/Β· React Β· Vite Β· Tailwind CSS Β· Port5173
A real-time security monitoring dashboard.
- Live request logs and threat detection feed
- Gateway statistics and charts (
/dashboard) - Visualizes blocked IPs, threat reason breakdown, and traffic patterns
- Communicates with backend via the ApiGateway
| Layer | Technology | Purpose |
|---|---|---|
| Backend | Java 21, Spring Boot 3.x | Core service runtime |
| Reactive | Spring WebFlux, Project Reactor | Non-blocking, high-throughput I/O |
| Service Discovery | Spring Cloud Netflix Eureka | Dynamic service registration |
| Messaging | Apache Kafka | Async, decoupled threat event pipeline |
| Communication | gRPC | Low-latency inter-service calls (MCP β Logging) |
| HTTP Client | OpenFeign | REST-based service-to-service calls |
| Cache / Blacklist | Redis (Reactive) | Sub-millisecond TTL-based block enforcement |
| Database | PostgreSQL | Persistent request log storage |
| AI Inference | Ollama (llama3) |
Local, privacy-first LLM anomaly detection |
| Frontend | React, Vite, Tailwind CSS | Security monitoring dashboard |
| Containerization | Docker, Docker Compose | Full-stack orchestration |
| Build Tools | Maven, Gradle | Per-service build management |
- TTL-Based Blocking β temporary bans prevent permanent false positives; auto-expire via Redis
- Kafka Buffering β security events are buffered, preventing system collapse under spike load
- Decoupled AI β AI inference happens asynchronously; it never adds latency to the gateway response
- Strategy Pattern β threat detection rules are modular and independently extensible
- Stateless Services β every service is designed for horizontal scalability with no shared in-memory state
- Local AI β Ollama runs fully on-premise β zero external API dependency, total data privacy
SentientGate/
βββ ApiGateway/ # Spring Boot (Maven) β Entry point, filters, blacklist
β βββ src/main/java/
β βββ filters/ # Global filters: Auth, RateLimit, RequestValidation
β βββ services/ # Redis blacklist service, Kafka publisher
β
βββ MCPService/ # Spring Boot (Gradle) β Sentient threat analysis engine
β βββ src/main/java/
β βββ strategy/ # PatternMatch, BurstTraffic, AiAnomaly strategies
β βββ kafka/ # Security alert consumer
β βββ grpc/ # gRPC client to LoggingService
β
βββ AIService/ # Spring Boot (Maven) β Ollama LLM integration
β βββ src/main/java/
β βββ service/ # OllamaService β behavioral anomaly analysis
β
βββ LogingService/ # Spring Boot (Gradle) β gRPC server, log persistence
β βββ src/main/java/
β βββ kafka/ # Gateway decision consumer
β βββ grpc/ # gRPC server β behavioral history provider
β βββ repository/ # PostgreSQL interaction log repository
β
βββ EurekaServer/ # Spring Cloud Eureka β Service registry
β
βββ DummyService/ # Spring Boot (Gradle) β Mock protected service
β
βββ UI/
β βββ sentinel-gateway-ui/ # React + Vite + Tailwind β Monitoring dashboard
β βββ src/
β βββ components/ # Dashboard, charts, log viewer components
β βββ pages/ # Route-based page views
β
βββ Architectures/ # Architecture and sequence diagrams
βββ docker-compose.yml # Full-stack Docker Compose orchestration
βββ push_images.sh # Docker Hub image publish script
βββ run_tests.sh # Automated test runner script
βββ README.md
| Requirement | Version |
|---|---|
| Java | 21+ |
| Maven | 3.8+ |
| Gradle | 8+ |
| Docker & Docker Compose | Latest |
| Ollama | Latest |
| Node.js | 18+ (for UI dev only) |
The fastest way to run the full stack. All service images are pre-built and published to Docker Hub.
# Install Ollama: https://ollama.com
ollama serve
ollama pull llama3git clone https://github.com/shrihari7396/SentientGate.git
cd SentientGate
docker compose up -dDocker Compose will automatically start:
| Container | Image | Port |
|---|---|---|
sentient-postgres |
postgres:16.2 |
5433 |
sentient-redis |
redis:7.2.4 |
6379 |
sentient-kafka |
confluentinc/cp-kafka:7.5.0 |
9092 |
sentient-zookeeper |
confluentinc/cp-zookeeper:7.5.0 |
β |
eureka-server |
shrihari7396/eureka-server:latest |
8761 |
api-gateway |
shrihari7396/api-gateway:latest |
8079 |
logging-service |
shrihari7396/logging-service:latest |
β |
mcp-server |
shrihari7396/mcp-server:latest |
β |
ai-service |
shrihari7396/ai-service:latest |
β |
dummy-service |
shrihari7396/dummy-service:latest |
β |
sentinel-ui |
shrihari7396/sentinel-ui:latest |
5173 |
http://localhost:5173 β Sentinel Gateway Dashboard (UI)
http://localhost:8761 β Eureka Service Registry
http://localhost:8079 β API Gateway (entry point)
# Start Kafka, Zookeeper, Redis, and PostgreSQL via Docker
docker compose up -d postgres redis zookeeper kafkaollama serve
ollama pull llama3# 1. Service Registry
cd EurekaServer && ./gradlew bootRun
# 2. Data + Memory layer
cd LogingService && ./gradlew bootRun
# 3. AI inference
cd AIService && mvn spring-boot:run
# 4. Sentient brain
cd MCPService && ./gradlew bootRun
# 5. Entry point
cd ApiGateway && mvn spring-boot:run
# 6. Protected mock service
cd DummyService && ./gradlew bootRun
# 7. Dashboard UI
cd UI/sentinel-gateway-ui && npm install && npm run dev# Run all service tests
bash run_tests.sh- A bot starts sending rapid, repeated requests to the ApiGateway
- The gateway detects an anomaly and publishes a
SecurityAlertEventto Kafka (non-blocking) - MCPService consumes the event and fetches the visitor's last 10 minutes of history from LoggingService via gRPC
- The Strategy Engine evaluates:
- Pattern match β checks for SQL injection, XSS payloads
- Burst traffic heuristic β detects abnormal request frequency
- AI anomaly β asks Ollama LLM to evaluate behavioral entropy
- If any strategy triggers, the visitor IP/token is written to Redis with a configurable TTL
- Future requests from this visitor are blocked at the gateway level in sub-millisecond time via Redis lookup
- The entire event is available in the Sentinel Dashboard
- β‘ Sub-millisecond blacklist enforcement using Reactive Redis
- π§ Fully local AI inference (Ollama) β no external API, no cost, full privacy
- π 100% async, event-driven threat pipeline via Apache Kafka
- 𧩠Strategy Patternβbased modular detection engine (easily extendable)
- π Horizontally scalable β all services are stateless and service-discoveryβenabled
- π³ One-command full-stack deployment via Docker Compose
- π Real-time security monitoring dashboard
Shrihari Kulkarni Computer Engineering Student
Specializing in:
- Distributed Systems & Microservice Architecture
- Computer Networking (OSI / TCP-IP)
- AI-Integrated Security Systems
- High-Concurrency & Reactive Programming
This project is licensed under the Apache License 2.0.
You are free to use, modify, and distribute this software in accordance with the terms of the license.
See the LICENSE file for full details.