This is the Term Project for the Course entitled Data Modeling for Intelligent Networks and Security (ESW7002-41), Fall 2024.
This repository contains the implementation of an AI-driven solution to automate security policy generation. Using OpenAI's GPT-4o-mini language model, the system translates natural language descriptions into XML policies compliant with the I2NSF (Interface to Network Security Functions) Consumer-Facing Interface. This project aims to simplify network security configuration for non-technical users by automating the creation of machine-readable, standards-compliant security policies.
- Natural Language to XML Translation: Converts user-friendly policy descriptions into structured XML policies.
- I2NSF Compliance: Generates policies following the I2NSF Consumer-Facing Interface schema.
- Ease of Use: Enables non-technical users to define high-level security policies.
- Event-Condition-Action Model: Supports defining events (system-events, system-alarms), conditions (e.g., time, URL categories) and actions (e.g., blocking or allowing traffic).
The implementation leverages the following key components:
- Natural Language Understanding: Processes user input to identify key components like events, conditions, and actions.
- Prompt Engineering: Utilizes a tailored prompt to guide the GPT-4o-mini model in generating XML outputs compliant with the I2NSF schema.
- YANG Data Model Integration: Incorporates the standardized Consumer-Facing Interface schema to ensure output interoperability and consistency.
Input: "Block SNS access during office hours with a weekly frequency (9am-5pm; Monday-Friday)."
Generated Output:
```xml
<?xml version="1.0" encoding="UTF-8" ?>
<i2nsf-cfi-policy xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-cfi-policy">
  <name>block_sns_access_during_office_hours</name>
  <rules>
    <name>block_sns_access</name>
    <condition>
      <time>
        <frequency>weekly</frequency>
        <period>
          <start-time>09:00</start-time>
          <end-time>17:00</end-time>
          <day>Monday</day>
          <day>Tuesday</day>
          <day>Wednesday</day>
          <day>Thursday</day>
          <day>Friday</day>
        </period>
      </time>
      <url-category>
        <url-name>SNS</url-name>
      </url-category>
    </condition>
    <actions>
      <primary-action>
        <action>drop</action>
      </primary-action>
    </actions>
  </rules>
</i2nsf-cfi-policy>
```
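Because the XML is produced by a language model, it is untrusted input until it has been checked. The following is an added example, not code from this repository: a structural check built only on the elements visible in the sample output above. The function name `validate_policy`, the action allowlist and the HH:MM time format are assumptions, and the check does not replace validation against the YANG model.

```python
import re
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:yang:ietf-i2nsf-cfi-policy"  # from the README example
ALLOWED_ACTIONS = {"drop", "pass"}  # assumption: site allowlist, not taken from the YANG model
DAYS = {"Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday"}
HHMM = re.compile(r"([01]\d|2[0-3]):[0-5]\d")  # assumption: HH:MM as in the README example

def q(tag):
    return f"{{{NS}}}{tag}"  # qualify a tag name with the policy namespace

def validate_policy(xml_text):
    """Return a list of problems; an empty list means the policy passed."""
    # Model output is untrusted input: refuse DTDs and entities before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declaration present"]
    try:
        root = ET.fromstring(xml_text.strip())
    except ET.ParseError as exc:
        return [f"not well-formed: {exc}"]
    if root.tag != q("i2nsf-cfi-policy"):
        return [f"unexpected root element {root.tag}"]
    rules = root.findall(q("rules"))
    problems = [] if rules else ["policy has no rules"]
    for rule in rules:
        name = rule.findtext(q("name"), default="?")
        actions = [a.text for a in rule.iter(q("action"))]
        if not actions:
            problems.append(f"{name}: no action")
        problems += [f"{name}: action {a!r} not allowed"
                     for a in actions if a not in ALLOWED_ACTIONS]
        for period in rule.iter(q("period")):
            for t in ("start-time", "end-time"):
                value = period.findtext(q(t), default="")
                if not HHMM.fullmatch(value):
                    problems.append(f"{name}: {t} {value!r} is not HH:MM")
            problems += [f"{name}: unknown day {d.text!r}"
                         for d in period.findall(q("day")) if d.text not in DAYS]
    return problems

# Constructed sample modelled on the README output, with a bad time and action.
SAMPLE = """<?xml version="1.0" encoding="UTF-8" ?>
<i2nsf-cfi-policy xmlns="urn:ietf:params:xml:ns:yang:ietf-i2nsf-cfi-policy">
<name>p</name><rules><name>block_sns_access</name><condition><time><period>
<start-time>9am</start-time><end-time>17:00</end-time><day>Monday</day></period></time></condition>
<actions><primary-action><action>permit-all</action></primary-action></actions></rules></i2nsf-cfi-policy>"""

if __name__ == "__main__":
    print(validate_policy(SAMPLE))
```

A non-empty result is a reason to discard the generated policy and regenerate or review it by hand rather than pass it on.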
- Python 3.8+
- OpenAI API Access
- Jupyter Notebook (for running the provided `.ipynb` file)
- Clone the repository: `git clone https://github.com/jaehoonpauljeong/Data-Modeling-Group-2-Project`
- Install dependencies: `pip install -r requirements.txt`
IMPORTANT: This notebook was implemented in Kaggle; modifications may be required for other environments.
- Open the Jupyter Notebook `natural-language-to-security-policy.ipynb`.
- Replace the OpenAI API key placeholder with your key.
- Input your desired policy descriptions and run the cells to generate XML policies.
- `natural-language-to-security-policy.ipynb`: Main implementation notebook.
- `README.md`: Documentation of the project.
- `examples/`: Directory containing example input and output policies.
- `playground/fewshot_experiments.ipynb`: Additional implementation using prompt selector.
- `requirements.txt`: Python dependencies.
Contributions are welcome! Please submit a pull request or open an issue for bug fixes, feature requests, or improvements.
- Expand datasets for quantitative evaluation of generated policies.
- Enhance model scalability and context awareness for diverse cybersecurity scenarios.
- Integrate the implementation with I2NSF systems for end-to-end functionality.
- Mikel Larrarte Rodriguez, Jorge Alcorta Berasategui, Jaehoon (Paul) Jeong
This project is licensed under the MIT License.
- I2NSF Consumer-Facing Interface YANG Data Model
- OpenAI GPT-4o-mini Documentation