Update app.py

app.py

@@ -1,26 +1,70 @@
 import streamlit as st
 import pandas as pd
 import subprocess
+import time
 
-# Create the data
+# ---------------------------- Header and Introduction ----------------------------
+
+# Set the page configuration
+st.set_page_config(
+    page_title="LLMs for Cyber Security",
+    page_icon="🔒",
+    layout="wide",
+    initial_sidebar_state="expanded",
+)
+
+# Title of the application
+st.title("🔒 LLMs for Cyber Security: State-of-the-Art Surveys")
+
+# Introduction text with link to the paper
+st.markdown("""
+This app is based on the paper: [Large Language Models for Cyber Security](https://arxiv.org/pdf/2405.04760v3). 
+It showcases LLMs in the cybersecurity landscape, summarizing key surveys and insights.
+""")
+
+# ---------------------------- Data Preparation ----------------------------
+
+# Create the data dictionary
 data = {
-    "Reference": ["Motlagh et al.", "Divakaran et al.", "Yao et al.", "Yigit et al.", "Coelho et al.", "Novelli et al.", "LLM4Security"],
+    "Reference": [
+        "Motlagh et al.", "Divakaran et al.", "Yao et al.", "Yigit et al.", 
+        "Coelho et al.", "Novelli et al.", "LLM4Security"
+    ],
     "Year": [2024, 2024, 2023, 2024, 2024, 2024, 2024],
-    "Scope": ["Security application", "Security application", "Security application, Security of LLM", "Security application, Security of LLM", "Security application", "Security application", "Security application"],
-    "Dimensions": ["Task", "Task", "Model, Task", "Task", "Task, Domain specific technique", "Task, Model, Domain specific technique", "Model, Task, Domain specific technique, Data"],
-    "Time frame": ["2022-2023", "2020-2024", "2019-2024", "2020-2024", "2021-2023", "2020-2024", "2020-2024"],
+    "Scope": [
+        "Security application", "Security application", "Security application, Security of LLM", 
+        "Security application, Security of LLM", "Security application", 
+        "Security application", "Security application"
+    ],
+    "Dimensions": [
+        "Task", "Task", "Model, Task", "Task", "Task, Domain specific technique", 
+        "Task, Model, Domain specific technique", "Model, Task, Domain specific technique, Data"
+    ],
+    "Time frame": [
+        "2022-2023", "2020-2024", "2019-2024", "2020-2024", 
+        "2021-2023", "2020-2024", "2020-2024"
+    ],
     "Papers": ["Not specified", "Not specified", 281, "Not specified", 19, "Not specified", 127]
 }
 
-# Streamlit UI
-st.title("🔒 LLMs for Cyber Security: State-of-the-Art Surveys")
-st.write("This app is based on the paper: [Large Language Models for Cyber Security](https://arxiv.org/pdf/2405.04760v3). It showcases LLMs in the cybersecurity landscape.")
-
-# Display the table
+# Convert the data dictionary into a pandas DataFrame
 df = pd.DataFrame(data)
-st.write(df)
 
-# Mermaid graph visualization for LLM in security
+# ---------------------------- Display Data Table ----------------------------
+
+st.subheader("📊 Survey Overview Table")
+
+# Display the DataFrame as an interactive table
+st.dataframe(df, height=300)
+
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Mermaid Diagram Visualization ----------------------------
+
+st.subheader("🛡️ Security Model Visualization with Mermaid")
+
+# Define the Mermaid code
 mermaid_code = '''
 graph TD;
     A[LLMs in Security] --> B[Security Application]
@@ -30,48 +74,170 @@ graph TD;
     E --> F[Data]
 '''
 
-st.subheader("🛡️ Security Model Visualization with Mermaid")
-st.markdown(f"```mermaid\n{mermaid_code}\n```")
+# Display the Mermaid diagram using markdown
+st.markdown(f"""
+```mermaid
+{mermaid_code}
+```
+""")
+
+# Explanation of the diagram
+st.markdown("""
+Figure: The diagram illustrates how Large Language Models (LLMs) are applied in security, highlighting the flow from general applications to specific tasks, models, domain-specific techniques, and data considerations.
+""")
 
-# Scrollable content for additional insights
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Scrollable Content for Additional Insights ----------------------------
+st.subheader("📝 Additional Insights")
+
+# Custom CSS for scrollable content
 st.markdown("""
 <style>
     .scrollable-content {
-        height: 200px;
+        height: 250px;
         overflow-y: scroll;
+        padding: 10px;
+        border: 1px solid #ccc;
     }
 </style>
+""", unsafe_allow_html=True)
+
+# Scrollable content with insights
+st.markdown("""
 <div class="scrollable-content">
-    <h3>Scroll Through for More Insights:</h3>
+    <h4>Survey Highlights:</h4>
     <ul>
-        <li>2022-2023: Not specified by Motlagh et al.</li>
-        <li>2020-2024: Yigit and Divakaran focusing on tasks and models.</li>
-        <li>Coelho introduces domain-specific techniques from 2021 to 2023.</li>
+        <li><strong>Motlagh et al. (2024)</strong>: Focused on security applications within 2022-2023 but did not specify the number of papers reviewed.</li>
+        <li><strong>Divakaran et al. (2024)</strong>: Explored security applications from 2020-2024 without specifying the number of papers.</li>
+        <li><strong>Yao et al. (2023)</strong>: Reviewed 281 papers covering both security applications and the security of LLMs between 2019-2024.</li>
+        <li><strong>Yigit et al. (2024)</strong>: Concentrated on security applications and the security of LLMs from 2020-2024 without specifying paper count.</li>
+        <li><strong>Coelho et al. (2024)</strong>: Introduced domain-specific techniques in security applications, covering 19 papers from 2021-2023.</li>
+        <li><strong>Novelli et al. (2024)</strong>: Discussed tasks, models, and domain-specific techniques in security applications without specifying paper count.</li>
+        <li><strong>LLM4Security (2024)</strong>: Comprehensive survey of 127 papers from 2020-2024, covering models, tasks, domain-specific techniques, and data.</li>
     </ul>
+    <h4>Key Observations:</h4>
+    <ol>
+        <li>The interest in applying LLMs to cybersecurity has significantly increased since 2019.</li>
+        <li>There's a growing focus on not just using LLMs for security tasks but also securing the LLMs themselves.</li>
+        <li>Domain-specific techniques are becoming more prominent, indicating a move towards specialized security solutions.</li>
+    </ol>
 </div>
 """, unsafe_allow_html=True)
 
-# Simulate running a security audit using pip-audit
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Security Audit Section ----------------------------
 st.subheader("🔍 Run Python Dependency Security Audit")
 
-# Define a button for auditing
+# Explanation of the security audit
+st.markdown("""
+Keeping your project's dependencies secure is crucial. Use the button below to run a security audit on the Python packages used in this environment.
+""")
+
+# Button to trigger the security audit
 if st.button('Run pip-audit for Security Check'):
     with st.spinner('Running security audit...'):
+        # Simulate a delay for the audit process
+        time.sleep(2)
+        # Run the pip-audit command
         result = subprocess.run(['pip-audit'], capture_output=True, text=True)
+        # Display the audit results
         st.code(result.stdout)
+    st.success('Security audit completed!')
 
-# AI Tips for Reducing Security Risks with Pair Programming
+# Note about pip-audit
+st.markdown("""
+Note: The pip-audit tool checks your Python environment for packages with known vulnerabilities, referencing public CVE databases.
+""")
+
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- AI Pair Programming Recommendations ----------------------------
 st.subheader("🤖 AI Pair Programming: Security Recommendations")
+
+st.markdown("""
+Leveraging AI in pair programming can enhance code security and quality. Here are some recommendations:
+
+1. **Reduce Code Complexity**: AI tools can suggest code refactoring to simplify complex code blocks, making them more maintainable and less error-prone.
+2. **Minimize Attack Surface**: AI can identify unnecessary code paths and dependencies, allowing developers to remove or secure them.
+3. **Automate Security Scans**: Integrate AI-powered security scanners to continuously monitor code for vulnerabilities.
+4. **Code Review Assistance**: AI can assist in code reviews by highlighting potential security issues and non-compliance with best practices.
+5. **Secure Coding Practices**: AI can provide real-time suggestions for secure coding patterns and discourage the use of insecure functions.
+""")
+
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Azure Deployment Information ----------------------------
+st.subheader("☁️ Azure Deployment Information")
+
+st.markdown("""
+While this demo does not include operational deployment, here's how you can deploy this application using Azure services:
+
+**Azure Container Apps**: Use Azure Container Apps to deploy and manage containerized applications at scale without managing infrastructure.
+- Benefits:
+  - Serverless containers
+  - Built-in support for scaling
+  - Integrated with Azure services
+
+**Azure Container Registry (ACR)**: Store and manage your container images securely.
+- Steps:
+  1. Build your Docker image.
+  2. Push the image to ACR.
+  3. Configure Azure Container Apps to pull the image from ACR.
+
+**Azure Cosmos DB**: Use Cosmos DB to store security audit results, logs, and other application data.
+- Features:
+  - Globally distributed
+  - Multi-model database service
+  - Low latency and high availability
+""")
+
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Footer and Additional Resources ----------------------------
+st.subheader("📚 Additional Resources")
+
+# List of additional resources and links
 st.markdown("""
-- **Reduce Code Complexity**: AI can recommend code simplification strategies.
-- **Minimize Attack Surface**: AI can simulate attacks and highlight vulnerable points.
-- **Automate Security Scans**: Use tools like `pip-audit` for continuous CVE checks.
+- [Official Streamlit Documentation](https://docs.streamlit.io/)
+- [pip-audit GitHub Repository](https://github.com/pypa/pip-audit)
+- [Mermaid Live Editor](https://mermaid.live/) - Design and preview Mermaid diagrams.
+- [Azure Container Apps Documentation](https://docs.microsoft.com/en-us/azure/container-apps/)
+- [Cybersecurity Best Practices by CISA](https://www.cisa.gov/cybersecurity-best-practices)
 """)
 
-# Add Azure deployment details (not operational in this demo)
-st.subheader("Azure Deployment Information")
-st.write("""
-- **Azure Container Apps**: Easily deploy and scale your app with Azure Container Apps.
-- **Azure Container Registry**: Store and manage container images.
-- **Cosmos DB**: Use Cosmos DB to store security audit results and logs.
+# Contact information or call to action
+st.markdown("""
+If you have any questions or would like to contribute to this project, please reach out or submit a pull request on GitHub.
 """)
+
+# Add some spacing
+st.markdown("---")
+
+# ---------------------------- Sidebar Content ----------------------------
+# Add content to the sidebar
+st.sidebar.title("Navigation")
+st.sidebar.markdown("""
+- [Introduction](#llms-for-cyber-security-state-of-the-art-surveys)
+- [Survey Overview Table](#survey-overview-table)
+- [Security Model Visualization](#security-model-visualization-with-mermaid)
+- [Additional Insights](#additional-insights)
+- [Security Audit](#run-python-dependency-security-audit)
+- [AI Recommendations](#ai-pair-programming-security-recommendations)
+- [Azure Deployment](#azure-deployment-information)
+- [Additional Resources](#additional-resources)
+""", unsafe_allow_html=True)
+
+# Add an about section
+st.sidebar.title("About")
+st.sidebar.info("""
+This Streamlit app was developed to demonstrate the intersection of Large Language Models and Cybersecurity, highlighting recent surveys and providing tools and recommendations for secure coding practices.
+""")
+
+# ---------------------------- End of App ----------------------------