This specification defines the Context Risk Engine (CRE): how it correlates multiple signals into compound risk scores, the scoring model, temporal/context multipliers, and decision thresholds.
Audience: Detection/ML engineers, security auditors.
| In-Scope | Out-of-Scope |
|---|---|
| Risk scoring model (base + multipliers) | Individual detector implementation |
| Temporal correlation windows | Event persistence and delivery |
| Context multiplier definitions | Policy hierarchy and conflict resolution |
| Decision thresholds and actions | Cloud Enrichment internals |
The compound risk score is computed from three factors: the base scores of the active signals, a temporal multiplier, and a context multiplier.
Each individual signal carries an inherent danger rating, its base score.
| Signal Type | Base Score | Source |
|---|---|---|
| Call from unknown number | 15 | Call Monitor |
| Call from known fraud database | 80 | Call Monitor + Cloud |
| Urgency language detected | 40 | ML NLP (Stage 2) |
| App installation (sideload) | 35 | App Monitor |
| App installation (official store) | 5 | App Monitor |
| Remote access app detected | 60 | App Monitor |
| Banking app opened | 10 | App Monitor |
| Phishing URL detected | 70 | Network Monitor |
| Unknown HID device | 25 | System Monitor |
When multiple signals occur within the same time window, their combined score is multiplied by a temporal factor rather than being a plain sum of base scores. This reflects the exponentially increased danger of simultaneous threat indicators.
| Time Window | Multiplier | Rationale |
|---|---|---|
| 0–2 minutes | 2.0× | Short-window correlation (e.g., call + app install within 2 minutes) |
| 2–10 minutes | 1.5× | Medium-window correlation |
| 10–60 minutes | 1.2× | Long-window correlation (multi-hour attack progression) |
Specific signal combinations are classified as extra dangerous, receiving additional multipliers.
| Signal Combination | Context Multiplier | Rationale |
|---|---|---|
| Active call + remote access app install | 3.0× | Classic tech-support scam pattern |
| Active call + banking app opened | 2.5× | Bank impersonation pattern |
| Sideload + accessibility permission request | 2.5× | Malware installation pattern |
| Unknown call + urgency language + transfer attempt | 3.0× | Financial fraud pattern |
| Compound Risk Score | Action | Guardian Notification |
|---|---|---|
| 0–29 | Allow (logged, no visible intervention) | No |
| 30–69 | Warn (user sees explanation + decision prompt) | Optional (configurable) |
| 70–100 | Block (automatic intervention) | Yes (immediate) |
Current workspace note: the prototype policy path currently uses simpler thresholds and does not implement the full documented target model on this page.
| Action | User Experience | Audit |
|---|---|---|
| Allow | No visible intervention | Event logged with full context |
| Warn | User sees context explanation + recommendation. User can proceed or abort. | Event logged with user decision |
| Block | Automatic intervention (app install stopped, permission denied, connection blocked) | Event logged. Guardian notified with timeline. |
target_compound_score = Σ(base_scores) × temporal_multiplier × context_multiplier
Where:
Σ(base_scores) = sum of all active signal base scores in the current evaluation window
temporal_multiplier = multiplier based on time proximity of signals (≥ 1.0)
context_multiplier = multiplier for known dangerous combinations (≥ 1.0)
The compound score is clamped to the range [0, 100].
Current workspace note: the implemented prototype context engine is currently additive and does not yet apply the documented temporal/context multipliers.
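The documented target model (sum of base scores × temporal multiplier × context multiplier, clamped to [0, 100] and mapped onto the Allow/Warn/Block thresholds) as a small Python evaluator. This is an added example, not the project's code; the signal-type keys, reading "active call" as either call signal, giving a lone signal a temporal multiplier of 1.0, taking the largest matching context multiplier, inclusive window bounds, and the base scores for the accessibility request and transfer attempt signals are assumptions the page does not specify.

```python
# Base scores from the signal table; the last two are not in that table and are
# assumed placeholders so every context combination below can be evaluated.
BASE_SCORES = {
    "call_unknown": 15, "call_known_fraud": 80, "urgency_language": 40,
    "app_sideload": 35, "app_store_install": 5, "remote_access_app": 60,
    "banking_app_opened": 10, "phishing_url": 70, "unknown_hid": 25,
    "accessibility_request": 30, "transfer_attempt": 30,  # assumed values
}
# Temporal windows as (upper bound in seconds, multiplier); inclusive bound is an assumption.
TEMPORAL_WINDOWS = [(120, 2.0), (600, 1.5), (3600, 1.2)]
# Context combinations; "active call" is read as either call signal type (assumption).
CONTEXT_RULES = [
    ({"call_unknown", "remote_access_app"}, 3.0),
    ({"call_known_fraud", "remote_access_app"}, 3.0),
    ({"call_unknown", "banking_app_opened"}, 2.5),
    ({"call_known_fraud", "banking_app_opened"}, 2.5),
    ({"app_sideload", "accessibility_request"}, 2.5),
    ({"call_unknown", "urgency_language", "transfer_attempt"}, 3.0),
]

def temporal_multiplier(span_seconds: float) -> float:
    """Multiplier for the span between the earliest and latest signal in the window."""
    for limit, factor in TEMPORAL_WINDOWS:
        if span_seconds <= limit:
            return factor
    return 1.0  # beyond 60 minutes: no temporal correlation

def context_multiplier(kinds: set) -> float:
    """Largest multiplier among the dangerous combinations present (taking max is an assumption)."""
    return max((f for combo, f in CONTEXT_RULES if combo <= kinds), default=1.0)

def compound_score(signals: list) -> float:
    """signals: list of (kind, seconds_since_window_open). Returns the clamped compound score."""
    if not signals:
        return 0.0
    base_sum = sum(BASE_SCORES[kind] for kind, _ in signals)
    times = [t for _, t in signals]
    # A lone signal has nothing to correlate with, so its temporal multiplier is 1.0 (assumption).
    temporal = temporal_multiplier(max(times) - min(times)) if len(signals) > 1 else 1.0
    score = base_sum * temporal * context_multiplier({kind for kind, _ in signals})
    return max(0.0, min(100.0, score))  # clamp to [0, 100]

def decide(score: float) -> str:
    """Map a compound score onto the Allow / Warn / Block thresholds."""
    return "block" if score >= 70 else "warn" if score >= 30 else "allow"

if __name__ == "__main__":
    # Constructed: the tech-support scam timeline (call, urgency language, remote access app).
    scam = [("call_unknown", 0), ("urgency_language", 30), ("remote_access_app", 90)]
    print(compound_score(scam), decide(compound_score(scam)))  # 100.0 block
```

Note how quickly the multiplicative model saturates the clamp: the same three signals already exceed 100 before the clamp, which is why the prototype note above matters when comparing against the additive implementation.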
| Time | Event | Signal Score | Running Compound | Action |
|---|---|---|---|---|
| T+0s | Incoming call from unknown number | Low | Low | Allow |
| T+30s | Urgency language detected in call context | Medium | Medium | Allow |
| T+90s | AnyDesk installation attempted during active call | High | Critical (temporal × context multiplier) | Block + Guardian Alert |
| Time | Event | Signal Score | Running Compound | Action |
|---|---|---|---|---|
| T+0s | Incoming call from spoofed bank number | Low | Low | Allow |
| T+45s | Banking app opened during call | Medium | Medium | Allow |
| T+120s | Unusually high transfer amount initiated | High | Very High (temporal × context multiplier) | Warn + Context Explanation |
| Time | Event | Signal Score | Running Compound | Action |
|---|---|---|---|---|
| T+0s | Sideloaded app installed | Medium | Medium | Allow |
| T+10s | App requests accessibility permission | High | High (context multiplier: sideload + accessibility) | Warn |
| T+60s | Incoming call from unknown number | Medium → Critical | Critical (three-signal compound) | Block + Disable App + Guardian Alert |
| Component | Target | Status |
|---|---|---|
| Signal ingestion → base score | < 10 ms | Target only |
| Temporal correlation evaluation | < 5 ms | Target only |
| Context multiplier lookup | < 1 ms | Target only |
| Total CRE evaluation | < 20 ms | Target only |
| Failure | Impact | Mitigation |
|---|---|---|
| Signal source unavailable | Incomplete compound score | CRE evaluates available signals only. Reduced correlation but no false silence. |
| Temporal window missed | Late signal not correlated | Configurable window extension. Late signals trigger re-evaluation. |
| Context multiplier misconfigured | Over-blocking or under-blocking | Policy Engine validates multiplier ranges. Out-of-range values rejected. |
| CRE process crash | No compound scoring | Signals fall through to Policy Engine with individual scores. Fail-open for allow, fail-closed for high-confidence threats. |