sredh01/SecureLLM

SecureLLM

SecureLLM is a prototype security-focused LLM chatbot designed to answer vulnerability-related questions using a retrieval-augmented architecture.

The system retrieves CVE vulnerability records from a FAISS vector index built from NVD data and uses a language model to generate structured responses.

This repository contains the V1 baseline implementation.


Architecture

SecureLLM uses a two-stage pipeline.

Data Retrieval

A FAISS vector index stores vulnerability descriptions extracted from CVE records. Queries are embedded using SentenceTransformers and matched against the index to retrieve the most relevant vulnerability records.

Response Generation

Retrieved vulnerability records are filtered and formatted using rule-based logic. A language model then generates a readable explanation using the retrieved security context.


Project Structure

SecureLLM
│
├── V1_Scripts
│   ├── __init__.py
│   ├── retrieval_utils.py
│   └── response_utils.py
│
├── initial
│   ├── securellm_chunks.pkl
│   └── securellm_faiss.index
│
├── inference_SecureLLM_CPU_V1.py
├── initial_testing_retrieval.py
├── environment.yml
├── README.md
└── .gitignore

Environment

This project was developed using:

  • macOS
  • Python 3.10
  • Conda environment manager

Main libraries used:

  • transformers
  • sentence-transformers
  • faiss
  • pytorch
  • numpy

The environment can be recreated using the included environment.yml.


Setup

Clone the repository

git clone https://github.com/YOUR_USERNAME/SecureLLM.git
cd SecureLLM

Create the conda environment

conda env create -f environment.yml

Activate the environment

conda activate SecureLLM_app

Run the chatbot

python inference_SecureLLM_CPU_V1.py

Current Questions for V1:

- What is CVE-2024-0999?
- Explain CVE-2024-1002?
- List 2 vulnerabilities.
- Show me 2 recent critical vulnerabilities.
- Tell me about a Totolink vulnerability.
- Show a buffer overflow vulnerability.
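
The question types above can be turned into a structured plan before retrieval, so that exact CVE IDs, result counts and severity words are handled by rules rather than by embedding similarity. This is an added example, not the repository's own code: `parse_query`, `select` and `MAX_RESULTS` are hypothetical names, the records are constructed with placeholder IDs, and the embedding and FAISS search step is left out.

```python
import re

# CVE IDs are CVE-<4-digit year>-<4 or more digits>; match on word boundaries.
CVE_RE = re.compile(r"\bCVE-(\d{4})-(\d{4,})\b", re.IGNORECASE)
SEVERITIES = ("critical", "high", "medium", "low")
MAX_RESULTS = 10  # assumed cap so a question cannot request unbounded context

def parse_query(text):
    """Turn a free-text question into a structured retrieval plan."""
    plan = {"cve_id": None, "severity": None, "limit": 1, "semantic": None}
    m = CVE_RE.search(text)
    if m:
        # Exact identifier: look it up directly rather than relying on
        # nearest-neighbour search, which may return a merely similar record.
        plan["cve_id"] = f"CVE-{m.group(1)}-{m.group(2)}"
        return plan
    n = re.search(r"\b(\d{1,3})\b", text)
    if n:
        plan["limit"] = max(1, min(int(n.group(1)), MAX_RESULTS))
    lowered = text.lower()
    # Whole-word match, so "overflow" is not read as severity "low".
    plan["severity"] = next((s for s in SEVERITIES if re.search(rf"\b{s}\b", lowered)), None)
    plan["semantic"] = text.strip()  # text that would be embedded for the index
    return plan

def select(plan, records):
    """Apply the plan's exact filters to candidate records."""
    if plan["cve_id"]:
        return [r for r in records if r["id"].upper() == plan["cve_id"]]
    hits = [r for r in records
            if plan["severity"] is None or r["severity"].lower() == plan["severity"]]
    hits.sort(key=lambda r: r["published"], reverse=True)  # most recent first
    return hits[:plan["limit"]]

# Constructed records with placeholder IDs (not real NVD data).
RECORDS = [
    {"id": "CVE-1900-0001", "severity": "CRITICAL", "published": "1900-01-03"},
    {"id": "CVE-1900-0002", "severity": "HIGH", "published": "1900-01-05"},
    {"id": "CVE-1900-0003", "severity": "CRITICAL", "published": "1900-01-09"},
    {"id": "CVE-1900-0004", "severity": "CRITICAL", "published": "1900-01-01"},
]

if __name__ == "__main__":
    for q in ("What is cve-1900-0002?", "Show me 2 recent critical vulnerabilities."):
        print(q, "->", [r["id"] for r in select(parse_query(q), RECORDS)])
```

An ID that is not in the record set yields an empty result, which lets the response stage say "not found" instead of describing a neighbouring CVE.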
