Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dewitt4/ai-security-alerts

Security monitoring system that logs suspicious activities and alerts your security team, allowing you to make informed decisions about escalating genuine threats.
https://github.com/dewitt4/ai-security-alerts

ai ai-sec ai-security cybersecurity llm-security

Last synced: 16 days ago
JSON representation

Security monitoring system that logs suspicious activities and alerts your security team, allowing you to make informed decisions about escalating genuine threats.

Host: GitHub
URL: https://github.com/dewitt4/ai-security-alerts
Owner: dewitt4
License: mit
Created: 2024-11-22T16:29:00.000Z (about 2 months ago)
Default Branch: main
Last Pushed: 2024-11-22T16:40:08.000Z (about 2 months ago)
Last Synced: 2024-11-22T17:31:22.808Z (about 2 months ago)
Topics: ai, ai-sec, ai-security, cybersecurity, llm-security
Language: Python
Homepage:
Size: 8.79 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE

Awesome Lists containing this project

README

# ai-security-alerts
Security monitoring system that logs suspicious activities and alerts your security team, allowing you to make informed decisions about escalating genuine threats.

Written by: DeWitt Gibson https://linkedin.com/in/dewitt-gibson/

# AI Model Security Monitor

Real-time security monitoring and team alert system for AI model deployments. Detects threats, alerts security teams, and logs suspicious activities.

## Features

- Real-time threat detection
- Automatic security team notifications
- Rate limiting and pattern analysis
- Incident logging and reporting
- IP-based monitoring
- Request pattern analysis
- Configurable alert thresholds
- SMTP email notifications

## Installation

```bash
pip install -r requirements.txt
```

Required dependencies in requirements.txt:
```
numpy>=1.21.0
typing>=3.7.4
smtplib
email
datetime
logging
```

## Usage

```python
from ai_security_monitor import AISecurityMonitor

# Initialize monitor
monitor = AISecurityMonitor(
model_name="production_model",
alert_settings={
"email_recipients": ["[email protected]"],
"smtp_settings": {
"server": "smtp.company.com",
"port": 587,
"sender": "[email protected]",
"use_tls": True,
"username": "alert_system",
"password": "your_secure_password"
},
"alert_thresholds": {
"max_requests_per_minute": 100,
"suspicious_pattern_threshold": 0.8,
"failed_attempts_threshold": 5
}
}
)

# Monitor requests
threat_assessment = monitor.detect_threat({
"ip_address": request.remote_addr,
"input_data": model_input,
"timestamp": datetime.now()
})

# Get incident summary
summary = monitor.get_incident_summary(hours=24)
```

## Configuration

### Environment Variables
```bash
SMTP_SERVER=smtp.company.com
SMTP_PORT=587
[email protected]
[email protected]
```

### Alert Thresholds
```python
{
"max_requests_per_minute": 100, # Maximum requests per minute per IP
"suspicious_pattern_threshold": 0.8, # Threshold for pattern detection
"failed_attempts_threshold": 5 # Maximum failed attempts before alert
}
```

## Threat Detection

The monitor detects:
- Rate limit violations
- Suspicious input patterns
- Repeated failed attempts
- Unusual request patterns
- Potential adversarial attacks

## Logging

Logs are saved to: `security_{model_name}_{date}.log`

Log format:
```
timestamp - level - message
```

## Security Considerations

- Secure SMTP credentials
- Monitor alert thresholds
- Regular log review
- Update recipient list
- Rotate credentials

## Contributing

See [CONTRIBUTING.md](CONTRIBUTING.md)

## License

MIT License - See [LICENSE](LICENSE)