Talk with your vulnerabilities: LLM based report generation

This internship or MSc thesis project is one of several interesting projects available for Data Science students at SURF. If you want to receive further project proposals at SURF, please contact Johannes Textor (Johannes.textor@ru.nl)

Competencies Required:

AI, LLMs, Databases, Basic Frontend Elements

Project Overview:

We use a Neo4j graph database for our vulnerability scanner, creating a relational set of objects that portray vulnerabilities, software, websites, and IP addresses. The project involves creating a tool called Neo4GPT that integrates LLMs with the Neo4j database to facilitate natural language interaction.

Key Tasks:

Database Interaction via LLMs:

• Provide the LLM (e.g., GPT-3.5-turbo) with the structure of our Neo4j database.
• Enable the LLM to generate Cypher queries based on natural language prompts. (It

can do this by default, you just use it as an API)

• Execute these queries on the database and handle any errors with retries.
• Summarize the query results in natural language using the LLM.

Dynamic Report Generation:

• Use the data from queries and predefined HTML components (charts, tables, etc.).
• Enable the LLM to decide how to display the data, generating specific, dynamic

reports.

Advanced Reporting (If Time Permits):

• Further develop reporting capabilities, enhancing data presentation and visualization.

Attack Chain Generation:

• Based on the graph database and vulnerability classifications, generate attack chains to visualize potential attack paths through the network.