Project · Prototype

ViShield

Android vishing detection prototype that turns live-call audio into speech, language cues, and risk-scored user alerts.

Stack
BERTNLPRisk scoring
01Problem
Voice phishing relies on urgency, impersonation, and social pressure to push users into disclosing sensitive information. ViShield focuses on the intent of the conversation instead of caller reputation, making it more relevant against spoofed numbers and AI-assisted social engineering.
02Prototype Architecture
ViShield is structured as a product prototype around mobile capture, speech-to-text, semantic classification, risk scoring, and user alerts. The architecture treats the phone as the decision surface while keeping the detection pipeline explicit and explainable.
03Audio Pipeline
The prototype runs on a rooted Android device with Magisk and SKVALEX Call Recorder. A foreground CallDetection Service watches the dynamic .wav.temp recording buffer, copies five-second audio segments, then sends them asynchronously through transcription and classification while the call is still active.
04Language Model
The detection layer compares transformer-based classifiers including RoBERTa and ModernBERT. The models were trained on a combined phishing corpus of 74,014 SMS and email samples, relying on the transferability of fraud semantics from text to transcribed voice conversations.
05User Feedback
The Kotlin and Jetpack Compose interface exposes a protection dashboard, threat analysis screens, and sensitivity settings. Suspicious conversations are translated into risk scores, contextual indicators, notifications, and haptic or audio cues so the user can react without leaving the call flow.
06Deployment Constraint
The root-based implementation proves feasibility but is not a consumer deployment path. A production version would require OS-level, OEM, or operator integration to access call audio safely while preserving privacy and platform security guarantees.

Prototype visuals

Screens & evidence

Architecture

ViShield architecture pipeline from incoming call to data collection, preprocessing, detection, scoring, alerting, and logging

Detection pipeline

End-to-end architecture showing how call signals move through collection, preprocessing, model analysis, scoring, alerting, and feedback loops.

ViShield landing page concept with mobile dashboard mockup

Product concept

A dark-mode presentation concept used to explain ViShield's protection model and real-time call monitoring.

Mobile prototype

ViShield mobile dashboard showing protected status and recent call activity

Protection dashboard

The dashboard summarizes protection state, analyzed calls, blocked threats, and recent call activity.

ViShield threat analysis screen showing critical risk indicators

Threat analysis

Suspicious calls are translated into a risk score and contextual indicators such as urgency and impersonation.

ViShield settings screen with sensitivity level and notification toggles

Protection settings

Sensitivity controls let the user tune how aggressively the prototype surfaces risk alerts.

Evaluation

Word cloud comparing phishing and safe text terms used for model analysis

Semantic dataset analysis

The model work included dataset exploration to compare phishing and safe language patterns before fine-tuning.

XGBoost recall versus false positive rate chart for metadata classifier

Metadata classifier trade-off

A complementary metadata classifier explored recall versus false-positive trade-offs for configurable protection levels.