import streamlit as st import pandas as pd import subprocess import time # ---------------------------- Header and Introduction ---------------------------- # Set the page configuration st.set_page_config( page_title="LLMs for Cyber Security", page_icon="🔒", layout="wide", initial_sidebar_state="expanded", ) # Title of the application st.title("🔒 LLMs for Cyber Security: State-of-the-Art Surveys") # Introduction text with link to the paper st.markdown(""" This app is based on the paper: [Large Language Models for Cyber Security](https://arxiv.org/pdf/2405.04760v3). It showcases LLMs in the cybersecurity landscape, summarizing key surveys and insights. """) # ---------------------------- Data Preparation ---------------------------- # Create the data dictionary data = { "Reference": [ "Motlagh et al.", "Divakaran et al.", "Yao et al.", "Yigit et al.", "Coelho et al.", "Novelli et al.", "LLM4Security" ], "Year": [2024, 2024, 2023, 2024, 2024, 2024, 2024], "Scope": [ "Security application", "Security application", "Security application, Security of LLM", "Security application, Security of LLM", "Security application", "Security application", "Security application" ], "Dimensions": [ "Task", "Task", "Model, Task", "Task", "Task, Domain specific technique", "Task, Model, Domain specific technique", "Model, Task, Domain specific technique, Data" ], "Time frame": [ "2022-2023", "2020-2024", "2019-2024", "2020-2024", "2021-2023", "2020-2024", "2020-2024" ], "Papers": ["Not specified", "Not specified", 281, "Not specified", 19, "Not specified", 127] } # Convert the data dictionary into a pandas DataFrame df = pd.DataFrame(data) # ---------------------------- Display Data Table ---------------------------- st.subheader("📊 Survey Overview Table") # Display the DataFrame as an interactive table st.dataframe(df, height=300) # Add some spacing st.markdown("---") # ---------------------------- Mermaid Diagram Visualization ---------------------------- st.subheader("🛡️ Security Model Visualization with Mermaid") # Define the Mermaid code mermaid_code = ''' graph TD; A[LLMs in Security] --> B[Security Application] B --> C[Task] B --> D[Model] D --> E[Domain-Specific Techniques] E --> F[Data] ''' # Display the Mermaid diagram using markdown st.markdown(f""" ```mermaid {mermaid_code} ``` """) # Explanation of the diagram st.markdown(""" Figure: The diagram illustrates how Large Language Models (LLMs) are applied in security, highlighting the flow from general applications to specific tasks, models, domain-specific techniques, and data considerations. """) # Add some spacing st.markdown("---") # ---------------------------- Scrollable Content for Additional Insights ---------------------------- st.subheader("📝 Additional Insights") # Custom CSS for scrollable content st.markdown(""" """, unsafe_allow_html=True) # Scrollable content with insights st.markdown("""

Survey Highlights:

Key Observations:

  1. The interest in applying LLMs to cybersecurity has significantly increased since 2019.
  2. There's a growing focus on not just using LLMs for security tasks but also securing the LLMs themselves.
  3. Domain-specific techniques are becoming more prominent, indicating a move towards specialized security solutions.
""", unsafe_allow_html=True) # Add some spacing st.markdown("---") # ---------------------------- Security Audit Section ---------------------------- st.subheader("🔍 Run Python Dependency Security Audit") # Explanation of the security audit st.markdown(""" Keeping your project's dependencies secure is crucial. Use the button below to run a security audit on the Python packages used in this environment. """) # Button to trigger the security audit if st.button('Run pip-audit for Security Check'): with st.spinner('Running security audit...'): # Simulate a delay for the audit process time.sleep(2) # Run the pip-audit command result = subprocess.run(['pip-audit'], capture_output=True, text=True) # Display the audit results st.code(result.stdout) st.success('Security audit completed!') # Note about pip-audit st.markdown(""" Note: The pip-audit tool checks your Python environment for packages with known vulnerabilities, referencing public CVE databases. """) # Add some spacing st.markdown("---") # ---------------------------- AI Pair Programming Recommendations ---------------------------- st.subheader("🤖 AI Pair Programming: Security Recommendations") st.markdown(""" Leveraging AI in pair programming can enhance code security and quality. Here are some recommendations: 1. **Reduce Code Complexity**: AI tools can suggest code refactoring to simplify complex code blocks, making them more maintainable and less error-prone. 2. **Minimize Attack Surface**: AI can identify unnecessary code paths and dependencies, allowing developers to remove or secure them. 3. **Automate Security Scans**: Integrate AI-powered security scanners to continuously monitor code for vulnerabilities. 4. **Code Review Assistance**: AI can assist in code reviews by highlighting potential security issues and non-compliance with best practices. 5. **Secure Coding Practices**: AI can provide real-time suggestions for secure coding patterns and discourage the use of insecure functions. """) # Add some spacing st.markdown("---") # ---------------------------- Azure Deployment Information ---------------------------- st.subheader("☁️ Azure Deployment Information") st.markdown(""" While this demo does not include operational deployment, here's how you can deploy this application using Azure services: **Azure Container Apps**: Use Azure Container Apps to deploy and manage containerized applications at scale without managing infrastructure. - Benefits: - Serverless containers - Built-in support for scaling - Integrated with Azure services **Azure Container Registry (ACR)**: Store and manage your container images securely. - Steps: 1. Build your Docker image. 2. Push the image to ACR. 3. Configure Azure Container Apps to pull the image from ACR. **Azure Cosmos DB**: Use Cosmos DB to store security audit results, logs, and other application data. - Features: - Globally distributed - Multi-model database service - Low latency and high availability """) # Add some spacing st.markdown("---") # ---------------------------- Footer and Additional Resources ---------------------------- st.subheader("📚 Additional Resources") # List of additional resources and links st.markdown(""" - [Official Streamlit Documentation](https://docs.streamlit.io/) - [pip-audit GitHub Repository](https://github.com/pypa/pip-audit) - [Mermaid Live Editor](https://mermaid.live/) - Design and preview Mermaid diagrams. - [Azure Container Apps Documentation](https://docs.microsoft.com/en-us/azure/container-apps/) - [Cybersecurity Best Practices by CISA](https://www.cisa.gov/cybersecurity-best-practices) """) # Contact information or call to action st.markdown(""" If you have any questions or would like to contribute to this project, please reach out or submit a pull request on GitHub. """) # Add some spacing st.markdown("---") # ---------------------------- Sidebar Content ---------------------------- # Add content to the sidebar st.sidebar.title("Navigation") st.sidebar.markdown(""" - [Introduction](#llms-for-cyber-security-state-of-the-art-surveys) - [Survey Overview Table](#survey-overview-table) - [Security Model Visualization](#security-model-visualization-with-mermaid) - [Additional Insights](#additional-insights) - [Security Audit](#run-python-dependency-security-audit) - [AI Recommendations](#ai-pair-programming-security-recommendations) - [Azure Deployment](#azure-deployment-information) - [Additional Resources](#additional-resources) """, unsafe_allow_html=True) # Add an about section st.sidebar.title("About") st.sidebar.info(""" This Streamlit app was developed to demonstrate the intersection of Large Language Models and Cybersecurity, highlighting recent surveys and providing tools and recommendations for secure coding practices. """) # ---------------------------- End of App ----------------------------