🚀 TeleChat 🔒

🌟 Professional-Grade Secure Chat Application

TeleChat is an enterprise-level, TCP-based secure chat room application built with Python, featuring cutting-edge PyQt5 GUI, high-grade encryption, advanced cybersecurity features, intelligent file sharing, and real-time security monitoring. This application showcases advanced programming concepts including Object-Oriented Programming (OOP), Data Structures & Algorithms (DSA), and comprehensive cybersecurity implementation.

Overview

Softwarica College of IT and E-Commerce

"Coursework 2"

Programming and Algorithm 2 (Python) - Lecturer: Suman Shrestha

Telechat - 26th June (3rd Semester)

⚡ Quick Start - Verify Security Works

🔍 Complete security verification:

cd Main-PyQT-GUI
python comprehensive_security_test.py

🖥️ Start the secure server:

cd Main-PyQT-GUI
python Main_Server.py

💻 Start the client:

cd Main-PyQT-GUI
python Main_Client.py

🎯 What you'll experience:

🔐 Password Protection Server authentication challenges	🛡️ Real-time Security Live threat detection	🚫 XSS Blocking Dangerous content warnings
📊 Rate Limiting Spam & DoS protection	🔍 File Security Malware detection	📋 Audit Logging Security event tracking
⚠️ Live Alerts Security notifications	👮 Admin Controls User management	💎 Modern UI Professional interface

🚀 Features

🛡️ Security Features

🔐 Advanced Authentication & Access Control

🔐 Password Authentication: Military-grade server access with brute-force protection
🛡️ Session Management: Secure session handling with intelligent timeout protection
🚫 Brute-force Protection: Smart rate limiting on authentication attempts
📊 Session Tracking: Real-time monitoring of user sessions and activities

🛡️ Real-time Threat Detection & Prevention

🚨 XSS Detection: Advanced real-time blocking of malicious script injections
🔐 Content Filtering: Intelligent detection of dangerous content patterns
⚡ Live Monitoring: Instant threat detection with immediate response
📋 Threat Intelligence: Comprehensive analysis of security threats

📊 Intelligent Rate Limiting & DoS Protection

🎯 Smart Filtering: Multi-tier rate limiting (5 msg/min, 3 auth/min, 10 conn/min)
🚫 DoS Prevention: Advanced protection against denial of service attacks
⚖️ Load Balancing: Intelligent message throttling and queue management
📋 Analytics: Real-time monitoring of usage patterns and anomalies

🔍 Advanced File Security & Malware Detection

🦠 Malware Scanning: Advanced file content analysis and threat detection
🔐 Size Validation: Intelligent file size limits with security considerations
🔐 Type Validation: Comprehensive file type analysis and filtering
✅ Transfer Confirmation: Explicit success/failure notifications with detailed feedback

💻 Core Functionality

🌐 Network	🎨 Interface	🔐 Security	📁 File System
Multi-client TCP server	Modern PyQt5 GUI	AES-256 encryption	Intelligent file sharing
Concurrent connections	Professional dark theme	PBKDF2 key derivation	Malware detection
Authentication handling	Responsive design	Message validation	Size validation
Thread-safe operations	Real-time updates	Security monitoring	Auto-download system

⚙️ Advanced Technical Features

graph TB
    A[🔒 Security Dashboard] --> B[🔍 Real-time Monitoring]
    A --> C[📊 Multi-tier Rate Limiting]
    A --> D[🛡️ Session Management]

    B --> E[⚠️ Threat Detection]
    B --> F[📋 Security Events]

    C --> G[💬 Message Limits]
    C --> H[🔑 Auth Limits]
    C --> I[🌐 Connection Limits]

    D --> J[✅ File Validation]
    D --> K[🔄 Thread-safe Ops]
    D --> L[🎨 Modern UI]

🖥️ Security Dashboard: Real-time monitoring of connections, threats, and security events
📊 Multi-tier Rate Limiting: Intelligent limits for messages, authentication, and connections
🔐 Session Management: Advanced session handling with timeout protection
✅ File Transfer Validation: Server-side acceptance/rejection with detailed client feedback
🔄 Thread-safe Operations: Bulletproof concurrent access protection
🎯 Error Handling: Comprehensive error management with graceful degradation
💎 Modern UI Design: Professional interface with security-focused color coding

🏗️ Technical Implementation

🧠 Object-Oriented Programming (OOP)

Advanced modular design with inheritance, encapsulation, and polymorphism

📊 Data Structures & Algorithms

🔍 Click to view detailed implementation

🔄 Multi-tier Rate Limiting: Separate FIFO queues for different operation types
🗂️ User Management: Thread-safe HashMaps for efficient user lookup and session management
🔍 Security Events: Ordered lists with efficient searching and filtering algorithms
🔑 Authentication Tracking: Binary search trees for lightning-fast session validation
⚡ Thread-safe Collections: Advanced concurrent access protection with proper synchronization
📁 File Transfer Tracking: Dictionary-based tracking of transfer states and confirmations

🎯 Design Patterns

👁️ Observer Pattern: Real-time security monitoring and event handling
🏭 Factory Pattern: Dynamic message creation and processing
🎯 Singleton Pattern: Centralized security manager for system-wide protection

🔐 Security Stack

Layer	Technology	Purpose
🔒 Encryption	AES-256 with Fernet	Military-grade message protection
🔑 Key Derivation	PBKDF2-HMAC-SHA256 (100k iterations)	Quantum-resistant key generation
🛡️ Threat Detection	Advanced regex + ML patterns	XSS, injection, malware detection
🔐 Authentication	Password + session management	Multi-factor access control
🌐 Network Security	Rate limiting + protocol filtering	DoS protection + traffic analysis

📋 Requirements & Installation

🖥️ System Requirements

Component	Requirement	Status
🐍 Python	3.12+
💻 OS	Windows/Linux/MacOS
🧠 RAM	4GB minimum
🌐 Network	TCP connectivity

📦 Python Dependencies

# 🎨 GUI Framework
PyQt5>=5.15.0

# 🖼️ Image Processing
pillow>=9.0.0

# 🔐 Cryptography
cryptography>=3.4.8

# 🌐 Built-in Modules
socket threading json

🛠️ Installation

📥 Step 1: Clone Repository

git clone https://github.com/Makkkiiii/Coursework2-Tele-ChatRoom.git
cd Tele-ChatRoom

🔧 Step 2: Install Dependencies

pip install PyQt5 pillow cryptography

✅ Step 3: Verify Installation

cd Main-PyQT-GUI
python comprehensive_security_test.py

✨ If you see green checkmarks, you're ready to go! ✨

🚀 Quick Start Guide

🎯 Method 1: Run Applications (Recommended)

🖥️ Server Setup

cd Main-PyQT-GUI
python Main_Server.py

💻 Client Connection

cd Main-PyQT-GUI
python Main_Client.py

🎉 Launch both in separate terminals for the full experience! 🎉

🔍 Method 2: Security Verification

🛡️ Complete Security Testing Suite

cd Main-PyQT-GUI
python comprehensive_security_test.py

This will test:

✅ Password authentication systems
✅ XSS detection and blocking
✅ Rate limiting effectiveness
✅ File malware detection
✅ Encryption/decryption integrity
✅ Session management security

🎮 Legacy Demo & Testing

cd Tests
python demo_usage.py

For legacy compatibility and testing:

🔄 Basic functionality verification
📊 Performance benchmarking
🧪 Unit test execution

📖 Usage Guide

🖥️ Server Administration

🛡️ Security Control Center

🚀 Server Startup

Configure host/port
Set server password
Click "Start Server"

🔐 Password Protection

Server authentication required
Brute-force protection active
Session timeout management

📊 Security Dashboard

Real-time threat monitoring
Rate limiting statistics
Security event tracking

🎯 Advanced Admin Features

👥 User Management & Monitoring

📋 Connected Users: View all active users with authentication status
⚡ Real-time Actions: Kick problematic users with one-click
📊 Session Tracking: Monitor user activity and connection duration
🔍 Behavior Analysis: Track user patterns and security events

💬 Message & Communication Control

🔍 Message Monitoring: View all server communications with filtering
🛡️ Security Filtering: Automatic XSS and malware detection
📋 Audit Trail: Comprehensive logging of all security events
⚠️ Threat Alerts: Real-time notifications of security incidents

🚫 Rate Limiting & DoS Protection

📊 Smart Throttling: Automatic protection against spam attacks
⚖️ Load Balancing: Intelligent message queue management
🎯 Custom Limits: Configurable rate limits per operation type
📈 Usage Analytics: Real-time monitoring of system performance

💻 Client Usage Experience

🌟 User Journey

flowchart LR
    A[🔗 Connect] --> B[🔑 Authenticate]
    B --> C[💬 Chat Safely]
    C --> D[📁 Share Files]
    D --> E[⚠️ Security Alerts]
    E --> C

🔐 Secure Connection Process

🔗 Step 1: Connect

Enter server details
Provide username
Input server password

🔑 Step 2: Authenticate

Complete password challenge
Establish secure session
Verify connection status

💬 Step 3: Communicate

Send encrypted messages
Real-time XSS protection
Receive security feedback

🛡️ Security Features in Action

🔍 XSS Detection	📊 Rate Limiting	🔒 File Security	🔐 Authentication
Dangerous content blocked	Message throttling	Malware detection	Password protection
Real-time warnings	Spam prevention	Size validation	Session management
Security notifications	DoS protection	Type filtering	Access control

📁 Intelligent File Sharing System

🔒 Advanced Security File Transfer

📋 Feature	📊 Specification	🛡️ Security Level
Supported Types	PNG, JPG, GIF, PDF, TXT, ZIP	✅ Type Validation
Size Limit	50MB with server validation	🔍 Size Monitoring
Security Scanning	Advanced malware detection	🛡️ Threat Analysis
Storage	`received_files/` (client-only)	🔒 No Server Storage
Encryption	AES-256 during transmission	🔐 Military Grade
Feedback	Success/failure notifications	✅ Real-time Status

🏗️ Relay-Based Architecture

sequenceDiagram
    participant C1 as 👤 Client (Sender)
    participant S as 🖥️ Secure Server
    participant C2 as 👥 Other Clients

    C1->>S: 📁 Send Encrypted File
    S->>S: 🔍 Malware Scan
    S->>S: 📏 Size Validation
    S->>S: 🛡️ Type Check

    alt ✅ File Approved
        S->>C1: ✅ Transfer Success
        S->>C2: 📁 Relay to Others
        C2->>C2: 💾 Auto-save to folder
    else ❌ File Rejected
        S->>C1: ⚠️ Security Warning
        S->>S: 📋 Log Security Event
    end

🔄 How It Works

📤 Client Side (Sender)

📁 File Selection: User selects file via intuitive GUI
🔐 Encryption: File encoded to base64 and encrypted with AES-256
📡 Transmission: Secure data sent to server with metadata
✅ Confirmation: Wait for explicit server success/failure response

🖥️ Server Side (Security & Relay)

🔍 Security Validation: File size and type verification
🦠 Malware Detection: Advanced content and metadata scanning
📊 Response Generation: Explicit success/failure notification to sender
🔄 Relay Operation: Immediate forwarding of approved files to all clients
🗑️ No Storage: Server never stores files locally (relay-only architecture)

📥 Client Side (Receivers)

📡 File Reception: Receive file data only if server-approved
💾 Auto-save: Decode and save to received_files/ folder
⚠️ Security Notifications: Receive alerts if files are blocked
🔍 Validation: Each client performs additional security validation

✨ Benefits of Our Architecture

🛡️ Security	⚡ Performance	🎯 User Experience
Server never stores files	Constant memory usage	Clear success/failure feedback
Advanced malware detection	Reduced attack surface	Real-time security notifications
File validation layers	Scalable architecture	Automatic file organization
Comprehensive audit logging	No cleanup required	Professional UI feedback

- Only validation, security scanning, and relay - no persistent storage

Client Side (Receivers):
- Clients receive the file data from server (only if approved)
- Clients decode and save file to received_files/ folder
- Receive security notifications if files are blocked
- Each client manages their own file storage with validation

Benefits of Relay Architecture

Privacy: Server never stores user files
Security: Advanced malware detection and file validation
Storage Efficiency: Server doesn't need file storage space
Attack Surface: Reduces security risks on server
Scalability: Server memory usage remains constant
Simplicity: No file cleanup or management needed on server
User Feedback: Clear success/failure notifications for all file operations

🏗️ Architecture

Network Protocol

Message Format

{
    "type": "message_type",
    "data": {
        "id": "message_id",
        "sender": "username",
        "content": "message_content",
        "type": "text|file|system",
        "file_data": {...},
        "timestamp": "ISO_timestamp"
    }
}

Message Types

text: Regular chat message (subject to XSS detection)
file: File sharing message (subject to malware detection)
system: Server notifications and security alerts
error: Error messages and warnings
server_message: Server announcements
warning: Security warnings (XSS/malware detection)
file_success: File transfer confirmation messages
auth_challenge: Password authentication requests
auth_response: Authentication responses

Data Structures Used

Rate Limiting Queues: Multi-tier FIFO queues for different operation types (messages, auth, connections)
User Management Dictionary: Thread-safe HashMap for user lookup and session management
Security Event Lists: Ordered message history with efficient searching and filtering
Authentication Tracking: Binary search trees for efficient session validation
Thread-safe Collections: Concurrent access protection with proper synchronization
File Transfer Tracking: Dictionary-based tracking of file transfer states and confirmations

🧪 Testing

Run the comprehensive security test suite:

cd Main-PyQT-GUI
python comprehensive_security_test.py

Quick Verification Tools

Complete Security Verification:

cd Main-PyQT-GUI
python comprehensive_security_test.py

Legacy Test Suite:

cd Tests
python Main_Test.py

Test Coverage

✅ Password authentication and session management
✅ XSS detection and dangerous message blocking
✅ Rate limiting and DoS protection
✅ Malicious file detection and blocking
✅ Encryption/Decryption functionality
✅ Message serialization/deserialization
✅ Thread-safe queue operations
✅ User management and kick functionality
✅ File encoding/decoding with security validation
✅ Security event logging and audit trails
✅ Error handling scenarios

🔧 Configuration

Server Configuration

Default Host: localhost
Default Port: 12345
Max Connections: 5 (configurable)
Message Buffer: 4096 bytes

Security Settings

Password Protection: Server requires password authentication (configurable)
Encryption: AES-256 with Fernet implementation
Key Derivation: PBKDF2-HMAC-SHA256 with 100,000 iterations
Rate Limiting: Configurable limits for messages (5/min), auth (3/min), connections (10/min)
XSS Detection: Advanced regex patterns for dangerous content detection
File Security: Malware detection, size limits (50MB), type validation
Session Management: Secure session handling with timeout protection
Audit Logging: Comprehensive security event logging with timestamps

File Sharing Limits

Max File Size: 50MB with server-side validation
Supported Types: All file types with security scanning
Storage Location: received_files/ (client-side only)
Security Scanning: Advanced malware detection and validation
Transfer Confirmation: Explicit success/failure notifications

🔒 Security Features

Password Authentication: Server requires password for access with brute-force protection
Advanced Threat Detection: Real-time XSS, injection, and malicious content blocking
Smart Rate Limiting: Prevents spam and DoS attacks with intelligent message filtering
Malicious File Detection: Advanced file scanning with size and type validation
Security Audit Logging: Comprehensive logging of all security events and threats
Real-time Security Alerts: Live monitoring with instant threat notifications
Input Validation: Complete sanitization of all user inputs and data
Admin Controls: Server administrator can kick users and monitor all activities
Session Management: Secure session handling with timeout protection
End-to-End Encryption: All messages encrypted with AES-256

🛡️ Error Handling

Authentication Failures: Clear feedback for incorrect passwords
Security Violations: Immediate warnings for XSS/malicious content
File Rejection: Detailed notifications for blocked files
Rate Limiting: Clear messages when limits are exceeded
Invalid Messages: Graceful error display with security logging
File Errors: Size/type validation with user feedback and server notifications
Encryption Errors: Secure fallback handling with audit logging
Network Issues: Timeout handling and user notification with reconnection support

🧩 Project Structure

The project is organized into logical folders to make navigation easier:

📁 ProgrammingAlgo2/
├── 📁 Main-PyQT-GUI/                 # Core PyQt Application Files
│   ├── Main_Client.py               # 🖥️ Main PyQt5 Client Application with Security
│   ├── Main_Server.py              # 🔒 Advanced Secure Server with Admin GUI
│   ├── core.py                     # 🏗️ Core classes (Message, User, Security)
│   ├── security.py                 # 🛡️ Enterprise security features
│   ├── launcher.py                 # 🚀 Application launcher
│   ├── comprehensive_security_test.py # 🧪 Complete security test suite
│   └── received_files/             # 📥 Client downloaded files
│
├── 📁 Main-Tkinter-GUI/             # Legacy Tkinter Implementation
│   ├── Main_Client.py              # 🖥️ Tkinter Client (Legacy)
│   ├── Main_Server.py              # 🔒 Tkinter Server (Legacy)
│   ├── core.py                     # 🏗️ Core classes for Tkinter
│   ├── security.py                 # 🛡️ Security features for Tkinter
│   └── received_files/             # 📥 Client downloaded files
│
├── 📁 Tests/                       # Testing & Verification Tools
│   ├── Main_Test.py                # 🧪 Legacy test suite
│   ├── verify_encryption.py        # ✅ Encryption verification
│   ├── demo_usage.py               # 🎮 Usage demonstration
│   ├── chat_core.py                # 🏗️ Core classes for testing
│   ├── advanced_security_fixed.py  # 🛡️ Security features for testing
│   └── debug_client.py             # 🪲 Debug client for testing
│
├── 📁 Read/                        # Documentation & Guides
│   ├── SECURITY_FEATURES.md        # 🔐 Detailed security documentation
│   └── ENCRYPTION_VERIFICATION.md  # 🔍 How to verify encryption works
│
├── 📁 received_files/              # 📥 Global file storage
├── requirements.txt                # 📦 Python dependencies
└── README.md                      # 📖 This documentation

📋 Folder Guide

📁 `Main-PyQT-GUI/` - PRIMARY APPLICATION (Start Here)

What it contains: The main PyQt5 applications with full security features

Main_Server.py - Advanced server with admin GUI, security monitoring, password protection, and user management
Main_Client.py - Modern PyQt5 client with security features, file sharing, and threat detection
core.py - Core classes (Message, User, SecurityManager, FileManager) with advanced features
security.py - Enterprise-grade security (encryption, rate limiting, XSS detection, malware scanning)
launcher.py - Application launcher for easy startup
comprehensive_security_test.py - Complete security verification suite

How to use:

First run python Main_Server.py
Then run python Main_Client.py (can run multiple instances)
Use python comprehensive_security_test.py to verify all security features

📁 `Main-Tkinter-GUI/` - Legacy Implementation

What it contains: Legacy Tkinter version (for compatibility)

Similar structure but with Tkinter GUI instead of PyQt5
Basic security features without advanced monitoring

📁 `Tests/` - Verification & Testing

What it contains: Tools to test and verify everything works

Main_Test.py - Legacy test suite
verify_encryption.py - Encryption verification
demo_usage.py - Usage demonstration examples
chat_core.py - Core classes for testing
advanced_security_fixed.py - Security features for testing

How to use:

cd Tests
python Main_Test.py           # Legacy test suite
python verify_encryption.py  # Encryption verification
python demo_usage.py         # Usage demo

📁 `Read/` - Documentation Hub

What it contains: Detailed documentation and guides

SECURITY_FEATURES.md - Complete security documentation
ENCRYPTION_VERIFICATION.md - Step-by-step encryption verification

How to use: Open these files to understand specific features in detail

📁 `received_files/`

What they contain: File storage for client downloads

received_files/ - Files downloaded by clients
Main-PyQT-GUI/received_files/ - PyQt client file storage
Main-Tkinter-GUI/received_files/ - Tkinter client file storage

How to use: These folders are automatically created and managed by the client applications. The server acts as a relay and does not store files.

🎯 Getting Started Guide

For First-Time Users

📥 Install Dependencies:
```
pip install PyQt5 pillow cryptography
```

🚀 Quick Security Demo:

cd Main-PyQT-GUI
python comprehensive_security_test.py

🖥️ Run the PyQt Application:

cd Main-PyQT-GUI
python Main_Server.py    # Terminal 1
python Main_Client.py    # Terminal 2 (new terminal)

📚 Read Documentation:
- Open Read/SECURITY_FEATURES.md for security details
- Open Read/ENCRYPTION_VERIFICATION.md for encryption verification

For Professors/Reviewers

✅ Complete Security Verification:

cd Main-PyQT-GUI
python comprehensive_security_test.py

🎮 Usage Demo:
```
cd Tests
python demo_usage.py
```
📊 Legacy Test Suite:
```
cd Tests
python Main_Test.py
```

🖥️ Try the Application:

cd Main-PyQT-GUI
python Main_Server.py    # Start server with password protection
python Main_Client.py    # Start client and test security features

🚀 Advanced Usage

Multiple Clients with Security

Start one server instance with password protection
Run multiple client instances (each needs server password)
Each client connects with unique username and authentication
All clients can communicate simultaneously with security monitoring
Server admin can monitor all connections and security events

Secure File Sharing Workflow

Client selects file using "Share File" button
File is encoded to base64 and encrypted with AES-256
Server receives and performs security validation (malware detection, size limits)
Server sends explicit success/failure notification to sender
Server broadcasts approved files to all connected clients
Clients automatically decode and save secure files
All file transfers are logged for security audit

Server Administration & Security

Monitor real-time connection status and authentication events
View security dashboard with threat detection and rate limiting
Review comprehensive security logs and audit trails
Kick problematic users with one click
Monitor XSS/malware detection events
Graceful server shutdown with client notification

🐛 Troubleshooting

Common Issues

Authentication Failed

Ensure you have the correct server password
Check if server is configured with password protection
Verify server is running and accepting connections

Connection Refused

Ensure server is running first
Check host/port configuration
Verify firewall settings
Confirm server password is set correctly

Security Warnings

XSS/dangerous content warnings are normal security features
File blocking indicates malware detection is working
Rate limiting messages show DoS protection is active

Files Not Sharing

Check file size (max 50MB)
Ensure file passes malware detection
Verify network connectivity
Check server security logs for rejection reasons

GUI Not Responding

Close and restart application
Check system resources
Update Python and PyQt5 dependencies
Verify no conflicting processes

📜 License

This project is created for educational purposes as part of the Programming & Algorithm 2 coursework. Feel free to use and modify for learning purposes.

Programming & Algorithm 2 - Enterprise Security Chat Application Built with Python • Featuring PyQt5 GUI, Enterprise Security, OOP, DSA, Encryption, and Advanced Cybersecurity

Download the zip file.
Unzip the zip file.
Run it on your machine.

2. FOR LINUX

Use Text Editor like:

Mousepad
Vim
Nano
Gedit

1. Clone the repository:

git clone https://github.com/Makkkiiii/Coursework2-Tele-ChatRoom.git

2. Compiling

You can just make the script executable by adding the following command

#!/usr/bin/env python

Give permissions

chmod +x Main_Server.py
chmod +x Main_Client.py

3. Launching the program:

cd Main-PyQT-GUI
python3 Main_Server.py
python3 Main_Client.py

Or for legacy Tkinter version:

cd Main-Tkinter-GUI
python3 Main_Server.py
python3 Main_Client.py

3. FOR MAC

It is similar to Linux and Windows.

You can use coding software, a terminal, or just clone it.

Use the desired text editor.

Steps

Follow the given instructions inside the program

Tools Used

This program was written in Python using Visual Studio Code.

What to Expect

🔐 Password Protection: Server requires authentication for access
🛡️ Security Monitoring: Real-time threat detection and prevention
🚫 XSS Protection: Dangerous messages are blocked with warnings
📊 Rate Limiting: Automatic spam and DoS protection
🔍 File Security: Malware detection and validation
📋 Audit Logging: Comprehensive security event tracking
💻 Modern GUI: Professional PyQt5 interface with dark theme
🔒 Encrypted Data: All communications secured with AES-256
⚠️ Security Alerts: Live notifications of security events

Name		Name	Last commit message	Last commit date
Latest commit History 66 Commits
.vscode		.vscode
Main-PyQT-GUI		Main-PyQT-GUI
Main-Tkinter-GUI		Main-Tkinter-GUI
Read		Read
Tests		Tests
__pycache__		__pycache__
received_files		received_files
README.md		README.md
image-1.png		image-1.png
image-2.png		image-2.png
image-3.png		image-3.png
image.png		image.png
requirements.txt		requirements.txt

Makkkiiii/Coursework2-Tele-ChatRoom

Folders and files

Latest commit

History

Repository files navigation