LinuxDays 2023

shelLM: A Linux Honeypot🍯
10-07, 11:30–11:50 (Europe/Prague), 155
Language: English

Honeypots are essential tools in cybersecurity. However, most of them lack the realism required to engage human attackers. This limitation makes them easily discernible, hindering their effectiveness. This work introduces a novel method to create dynamic and realistic software honeypots based on Large Language Models. Our method consisted of using an LLM for simulating a Linux terminal that can be used in real life through a secure shell (SSH). The preliminary results indicate that LLMs can create credible and dynamic honeypots capable of addressing limitations with static responses and similar constraints that are present in previous implementations, reaching an accuracy rate of 0.92.



See also: shelLM repository

Master's degree student of Cyber Security at Faculty of Electrical Engineering at Czech Technical University in Prague. Member of Stratosphere research laboratory at AI Center in FEL ČVUT. Research interests: Network Security, AI, Language Models in Security and Security of Language Models, AI in Cyber Security