Cyberguard: an LLM-Enhanced Honeypot — 39p — Oscar Palmqvist, Emil Sjoberg, Lillian Dennis, Laxmi Gorugantu, Nagraj Naidu

Like other industries, cybersecurity is ripe for innovation with the advent of rapidly emerging AI modalities, large language models (LLMs) among them. Current honeypots, such as those that mimic open SSH ports, while reliable, are static and difficult to configure. Using open-source honeypot structures, we integrated an LLM to create a honeypot that utilizes the model’s creative capabilities to generate a dynamic, deceptive, yet reliable honeypot that bypasses honeypot detectors. Future work includes optimizing inference speed, implementing ease-of-configuration settings, and analyzing attack logs to better understand how to deceive attackers.

Dakota State University
Chalmers University of Technology
Mark Spanier