Cryos is an advanced, multi-agent fraud detection system that uses specialized AI agents working in orchestration to detect, analyze, and respond to fraudulent transactions in real-time. Unlike traditional rule-based or single-model fraud detection systems, Cryos employs a team of 20+ specialized AI agents, each with distinct expertise, that collaborate to understand the full context and intent behind suspicious activity.
Important Note: The demo version available on the website uses a scripted playback of a real AI agent run. Here's why:
- Real AI agents are computationally intensive: A complete analysis with all 20+ agents takes approximately 30 minutes to 1 hour to fully execute
- API costs: Each full run costs approximately $7 in API credits (using tiered models for cost optimization)
- The script is authentic: We ran the real AI agents once, logged all their responses, thoughts, and tool calls, and use that recording as the demo script. What you see in the demo is exactly what the real agents produced.
To use the real AI agents:
- Clone this repository
- Add your own environment variables (OpenRouter API key)
- Run the system locally
- The agents will execute in real-time, making live LLM calls
The demo provides an accurate representation of how the system works, but for production use or experimentation, you'll want to run the real agents with your own API credentials.
Traditional fraud detection systems typically rely on:
- Static Rules: Hard-coded thresholds (e.g., "block if amount > $1000")
- Single Model: One machine learning model making binary decisions
- Reactive Responses: Simple allow/block decisions without strategic thinking
- Limited Context: Focus on individual transactions without understanding attack patterns
- No Learning Loop: Systems don't improve from each incident
Cryos takes a fundamentally different approach:
-
Multi-Agent Architecture: 20+ specialized AI agents, each analyzing different aspects (time, location, merchant, behavior, etc.)
-
Strategic Response: Instead of simple block/allow, Cryos deploys sophisticated strategies:
- Honeypot Traps: Allow small transactions to catch larger fraud attempts
- Deception: Show "approved" while silently blocking
- Evidence Gathering: Monitor suspicious activity to learn attack patterns
- Graduated Friction: Slow down attackers with delays and challenges
-
Predictive Intelligence: Agents predict what fraudsters will do next based on known attack playbooks
-
Adversarial Thinking: An agent that thinks like a hacker to identify vulnerabilities and predict attack vectors
-
Continuous Learning: The system learns from every decision, updating thresholds and patterns automatically
-
Context-Aware Memory: Maintains episodic, semantic, and procedural memory of user behavior and past incidents
-
Human Collaboration: Intelligently decides when to involve human analysts or users
-
Proactive Communication: After analysis, an AI agent with full account context calls the user to verify suspicious activity
The MasterOrchestrator is the central command center that coordinates all agents through a state machine workflow:
Workflow States:
- DETECTION β Parallel execution of detection agents
- PREDICTION β Fraud playbook and pattern prediction agents
- THREAT β Threat escalation agent synthesizes all findings
- RESPONSE β Strategic response agent selects containment strategy
- EXECUTION β Trap deployment and countermeasure agents execute actions
- EVIDENCE β Evidence agent documents the complete audit trail
- LEARNING_UPDATE β Meta-learning agent updates system knowledge
- HUMAN_COLLABORATION β Human collaboration agent decides if user input is needed
- FINAL β Final summary generation and user notification
The orchestrator ensures agents run in the correct sequence, with parallel execution where possible, and maintains working memory throughout the process.
Kratos is a critical component that simulates sophisticated fraud attacks to test and improve the system. It's not just a testing toolβit's an intelligent adversary that:
- Analyzes User Profiles: Studies transaction history, behavioral baselines, and security profiles
- Selects Attack Playbooks: Chooses from attack types like:
- Card Testing: Progressive amount testing ($1 β $5 β $500)
- Velocity Attacks: Rapid-fire small charges
- Impossible Travel: Transactions from physically impossible locations
- Account Takeover: Settings changes followed by account draining
- Generates Realistic Fraud Transactions: Creates transactions that match real-world attack patterns
- Tests System Response: Validates that detection agents catch the attacks
Why Kratos is Important:
- Continuous Testing: Ensures the system can detect evolving attack patterns
- Realistic Scenarios: Generates attacks based on actual user behavior, making tests more meaningful
- System Hardening: By constantly testing, the system learns to defend against new techniques
- Red Team Simulation: Acts as an internal red team, finding vulnerabilities before real attackers do
Cryos employs 20 specialized AI agents, each with a focused domain of expertise:
- Role: Analyzes transaction sequences and patterns
- Detects: Velocity attacks, progressive testing, distributed drains, unusual frequency
- Output: Pattern type, anomaly score, prediction of next steps
- Role: Analyzes time-based patterns
- Detects: Unusual transaction times, rapid-fire timing, day-of-week anomalies, velocity patterns
- Output: Time anomaly score, unusual time indicators, rapid-fire detection
- Role: Analyzes merchant legitimacy and reputation
- Detects: Typosquatting, shell companies, suspicious merchant names, first-time merchants
- Output: Merchant verification status, typosquatting detection, risk assessment
- Role: Analyzes location patterns
- Detects: Impossible travel, high-risk jurisdictions, sudden location switches
- Output: Travel feasibility, jurisdiction risk, location anomaly score
- Role: Analyzes spending amounts and habits
- Detects: Amount deviations, micro-transactions, round number bias, spending anomalies
- Output: Amount anomaly score, deviation from baseline, spending pattern analysis
- Role: Analyzes broader financial context
- Detects: Unusual bill payment patterns, deposit anomalies, suspicious account activity
- Output: Financial health score, bill payment reliability, deposit pattern analysis
- Role: Detects coordinated attacks across multiple accounts
- Detects: Simultaneous activity, sequential probing, ring patterns, linked account fraud
- Output: Coordinated attack detection, correlation score
- Role: Verifies if the real user is transacting
- Detects: Device mismatches, typing speed anomalies, navigation pattern changes, bot indicators
- Output: Behavioral mismatch score, device verification, bot detection
- Role: Detects Account Takeover (ATO) attacks
- Detects: Settings changes, login anomalies, credential stuffing, session hijacking
- Output: ATO detection status, attack stage, takeover probability
- Role: Detects scams and manipulation attacks
- Detects: Urgency patterns, authority impersonation, romance scams, coercion indicators
- Output: Scam type identification, manipulation score, victim alert messages
- Role: Predicts what the fraudster will do next
- Analyzes: Known attack playbooks (Card Testing, Velocity Attack, Gift Card Conversion, Account Drain)
- Output: Attack type, current stage, next predicted step, confidence
- Role: Thinks like a hacker to find vulnerabilities
- Analyzes: Attack surface, vulnerabilities, "what would I do next?" scenarios
- Output: Identified vulnerabilities, attack vectors, recommended hardening
- Role: Detects brand new, unknown fraud techniques
- Detects: Zero-day techniques, emerging industry trends, novel attack vectors
- Output: Novel pattern detection, pattern description, industry correlation
- Role: Synthesizes all detection and prediction results into a single threat level
- Process: Weights agent results by confidence, calculates severity and urgency
- Output: Threat level (0-5: Green, Yellow, Orange, Red, Critical, Black), weighted score, escalation actions
- Role: Decides the best containment strategy
- Strategies:
- ALLOW: Low risk, legitimate transaction
- SILENT_MONITOR: Watch without user notification
- HONEYPOT: Allow small transactions to catch larger fraud
- DECEPTION: Show "approved" while silently blocking
- FREEZE: Immediate account freeze
- CHALLENGE: Require additional authentication
- Output: Selected strategy, reasoning, expected outcome, risk tolerance
- Role: Executes honeypot traps and tripwires
- Trap Types:
- AMOUNT_TRIPWIRE: Trigger on transactions above threshold
- VELOCITY_TRAP: Catch rapid-fire transactions
- GEOGRAPHIC_FENCE: Alert on location changes
- MERCHANT_CANARY: Monitor specific merchant types
- Output: Deployed traps, monitoring level, alert configuration
- Role: Executes active defense tactics
- Tactics:
- DELAY_INJECTION: Slow down attacker with processing delays
- FAKE_ERROR: Show fake errors to confuse attackers
- CHALLENGE_RESPONSE: Require additional verification
- GRADUATED_FRICTION: Gradually increase friction
- SILENT_BLOCK: Block without alerting attacker
- Output: Deployed countermeasures, deception messages, actual actions taken
- Role: Creates complete audit trail of all decisions
- Documents: Reasoning chains, financial impact, regulatory compliance, ROI calculations
- Output: Comprehensive evidence report suitable for audits and reviews
- Role: Learns from every decision to improve the system
- Updates: Agent weights, detection thresholds, pattern reinforcement
- Output: Learning updates, pattern reinforcement, threshold adjustments
- Role: Decides when to ask human users or analysts for input
- Criteria: Asks when confidence is borderline (60-75%), novel patterns detected, or high-value transactions with moderate suspicion
- Output: Decision on whether to escalate, user prompt, evidence summary, recommended default action
Before detecting fraud, the system establishes a baseline:
- Processes user's historical transactions
- Learns typical spending patterns, locations, times, merchants
- Builds behavioral baseline and financial health profile
- Only detection agents run during this phase
When a suspicious transaction arrives:
- Detection agents analyze in parallel (transaction pattern, temporal, merchant, geographic, financial, etc.)
- If suspicious (average anomaly score > 50), prediction agents forecast next steps
- Threat escalation agent synthesizes all findings into a single threat level
- Strategic response agent selects the best containment strategy
- Trap deployment and countermeasure agents execute the strategy
- Evidence agent documents everything
- Meta-learning agent updates system knowledge
- Human collaboration agent decides if user input is needed
After the complete analysis, the system:
-
Generates Comprehensive Summary:
- Attack type and description
- Total transactions analyzed
- Threat level and severity
- Strategy selected and reasoning
- Honeypot deployment (if any)
- Detection agents triggered
- Evidence quality
- Financial impact (fraud prevented, amount at risk)
-
AI Agent Phone Call:
- An AI agent with full context of the account history calls the user
- The agent has access to:
- Complete transaction history
- Behavioral baseline
- All agent findings and analysis
- Threat assessment
- Evidence report
- The agent can:
- Explain what was detected
- Verify if the transaction was legitimate
- Answer questions about the account
- Provide recommendations
- Escalate to human support if needed
This phone call is not a simple notificationβit's an intelligent conversation where the AI agent understands the full context of the user's account and can have a meaningful dialogue about the suspicious activity.
- Node.js 18+
- npm or yarn
- OpenRouter API key (for LLM access)
Note: Running the real AI agents requires API credits. Each complete analysis costs approximately $7 and takes 30-60 minutes. The demo version uses pre-recorded responses from a real run.
# Clone the repository
git clone <repository-url>
cd cryos
# Install dependencies
npm install
# Set up environment variables
cp .env.example .env
# Edit .env and add your OPENROUTER_API_KEYTo use the real AI agents (instead of the scripted demo):
- Ensure you have sufficient OpenRouter API credits
- Set your
OPENROUTER_API_KEYin the.envfile - The system will make live LLM calls when processing transactions
- Each full analysis cycle takes 30-60 minutes and costs ~$7 in API credits
The system uses tiered models for cost optimization:
- Detection agents:
openai/gpt-4o-mini(cheap, fast) - Specialized agents:
claude-3-haiku(lightweight reasoning) - Prediction agents:
openai/gpt-4o-mini(medium complexity) - Strategy agents:
claude-3.5-sonnet(strong reasoning) - Kratos:
openai/gpt-4o-mini(cheap planner)
Override in .env:
OPENROUTER_MODEL_DETECTION=openai/gpt-4o-mini
OPENROUTER_MODEL_SPECIALIZED=anthropic/claude-3-haiku
OPENROUTER_MODEL_PREDICTION=openai/gpt-4o-mini
OPENROUTER_MODEL_STRATEGY=anthropic/claude-3.5-sonnet
OPENROUTER_MODEL_KRATOS=openai/gpt-4o-mini# Start the server
npm run dev:server
# In another terminal, start the frontend
npm run dev
# Or run both together
npm run dev:allThe server runs on http://localhost:5174 and the frontend on http://localhost:5173.
GET /api/users- List available user profilesPOST /api/select-user- Select a user for simulationPOST /api/start-learning- Run baseline learning phasePOST /api/start-attack- Start a Kratos attack simulationPOST /api/run-agents- Process paused fraud transactionPOST /api/resume-kratos- Resume remaining fraud sequencePOST /api/run-demo-attack- Run complete demo (learning + attack)GET /api/replay- Get event replay buffer- WebSocket:
ws://localhost:5174/ws- Real-time event stream
Cryos uses a sophisticated memory architecture:
- Episodic Memory: Stores specific events and transactions
- Semantic Memory: Stores learned patterns and relationships
- Procedural Memory: Stores strategies and procedures that worked
- Vector Memory: Enables semantic search across past incidents
- Working Memory: Temporary context during transaction processing
This allows agents to:
- Reference similar past incidents
- Learn from successful strategies
- Build user-specific behavioral baselines
- Correlate patterns across time
- Real-time Processing: WebSocket-based event streaming
- Parallel Agent Execution: Multiple agents analyze simultaneously
- Cost-Optimized: Tiered model selection based on agent complexity
- Audit Trail: Complete documentation of all decisions
- Learning System: Continuously improves from each incident
- Human-in-the-Loop: Intelligent escalation to human analysts
- Proactive Communication: AI agent calls users with full context
- Frontend: React, Vite, TypeScript, Tailwind CSS
- Backend: Node.js, Express
- AI/LLM: OpenRouter (supports multiple providers)
- Real-time: WebSocket
- Memory: Custom vector and episodic memory system
- Voice: Retell SDK (for AI agent phone calls)
[Your License Here]
[Contributing Guidelines]
[Contact Information]
Cryos - Where AI agents collaborate to protect your financial security.