Data

Tools

Indexes

Applications

Experiments

Open Source Science

shellm

Code for shelLM tool

https://github.com/stratosphereips/shellm

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (11.8%) to scientific vocabulary
Last synced: 10 months ago · JSON representation ·

Repository

Code for shelLM tool

Basic Info
  • Host: GitHub
  • Owner: stratosphereips
  • License: other
  • Language: Python
  • Default Branch: main
  • Homepage:
  • Size: 71.3 KB
Statistics
  • Stars: 51
  • Watchers: 6
  • Forks: 7
  • Open Issues: 2
  • Releases: 0
Created almost 3 years ago · Last pushed over 1 year ago
Metadata Files
Readme Contributing License Citation

README.md

shelLM

The shelLM honeypot suite creates interactive, dynamic, and realistic honeypots through the use of Large Language Models (LLMs). The shelLM tool was created from a research project to show the effectiveness of dynamic fake file systems and command responses to keep attackers trapped longer, thus increasing the intelligence collected.

The extension of shelLM to a larger deception framework we call VelLMes can be found here: https://github.com/stratosphereips/VelLMes-AI-Honeypot/tree/main

Features

shelLM was developed in Python and currently uses Open AI GPT models. Among its key features are:

  1. The content from a previous session is carried over to a new session to ensure consistency.
  2. It uses a combination of techniques for prompt engineering, including chain-of-thought.
  3. Uses prompts with precise instructions to address common LLM problems.
  4. More creative file and directory names
  5. Allows users to "move" through folders
  6. Response is correct also for non-commands.
  7. sudo command not allowed

Installation

The installation steps are as follows:

bash ~$ # Install requirements ~$ pip install -r requirements.txt ~$ ~$ # Create env file ~$ cp env_TEMPLATE .env ~$ # Edit env file to add OPEN AI API KEY ~$ vim .env

Usage

Run shelLM with the following command: ~$ python3 LinuxSSHbot.py image

FAQ

What services does shelLM uses?

This version of shelLM can simulate an SSH honeypot.

Are you planning on supporting other services?

Yes. This is part of ongoing research focused on more services.

Is this just a wrapper for Open AI?

No. The core of the tool are the Prompts, that have been engineered specially to guarantee a correct behavior. Also shelLM provides other features like session management, error handling, log storage, and other key features needed in honeypots.

About

This tool was developed at the Stratosphere Laboratory at the Czech Technical University in Prague.

Owner

  • Name: Stratosphere IPS
  • Login: stratosphereips
  • Kind: organization
  • Location: Prague

Cybersecurity Research Laboratory at the Czech Technical University in Prague. Creators of Slips, a free software machine learning-based behavioral IDS/IPS.

Citation (CITATION.cff) 

cff-version: 1.2.0
title: "SheLLM"
version: 1.0.0
doi: 
date-released: 2023-07-22
url: "https://github.com/stratosphereips/SheLLM"
message: "If you use this software, please cite it as below."
authors:
- family-names: "Sladic"
  given-names: "Muris"
  email: sladimur@fel.cvut.cz
  affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
  orcid: "0009-0002-9308-2086"
- family-names: Valeros
  given-names: Veronica
  email: valerver@fel.cvut.cz
  affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
  orcid: 'https://orcid.org/0000-0003-2554-3231'
- family-names: "Catania"
  given-names: "Carlos"
  email: harpo@ingenieria.uncuyo.edu.ar
  affiliation: >-
      School of Engineering, UNCuyo
  orcid: "https://orcid.org/0000-0002-1749-310X"
- family-names: Garcia
  given-names: Sebastian
  email: sebastian.garcia@agents.fel.cvut.cz
  affiliation: >-
      Stratosphere Laboratory, AIC, FEL, Czech
      Technical University in Prague
  orcid: 'https://orcid.org/0000-0001-6238-9910'

GitHub Events

Total
  • Watch event: 10
  • Push event: 2
  • Fork event: 1
  • Create event: 2
Last Year
  • Watch event: 10
  • Push event: 2
  • Fork event: 1
  • Create event: 2

Dependencies

.github/workflows/autotag.yml actions
  • actions/checkout v2 composite
  • anothrNick/github-tag-action 1.36.0 composite
requirements.txt pypi
  • openai *
  • python-dotenv *
  • pyyaml *
  • requests *