Abstract. The use of artificial intelligence (AI) technology has grown rapidly in recent years, with advanced AI chatbots like ChatGPT becoming increasingly popular. This thesis explores the potential of utilizing the AI models underlying ChatGPT in assisting users to better understand and improve the cybersecurity of their systems. Specifically, our goal is to develop a chatbot that can analyze user’s system security, inform the user of any anomalies or potential threat vectors found from the log data generated by host-based intrusion detection systems (HIDS), and provide informative answers to any questions the user may have regarding cybersecurity and the security status of their system.
To achieve this, we built a web application of a chatbot that uses GPT-3.5, a large natural language model developed by OpenAI, to analyze HIDS log data collected by Wazuh, a host-based intrusion detection system. Our web application provides users with a user-friendly interface to interact with the chatbot to analyze security logs, block IP addresses, and restart Wazuh agents on user’s devices when connected to the user’s Wazuh manager.
The implementation and user testing of the chatbot showcase the potential of AI technology in cybersecurity, and the web application we built can be used as a prototype for further development. The use of GPT-3.5 has shown to be effective in handling natural language prompts and providing informative responses. By contributing to the development of conversational AI technology, this thesis provides insights into the potential of utilizing AI models for assessing system security
