The funny thing is that there are 3-4 other LLM / GPT projects with the Sirius name, but completely unrelated to this one.
If anyone has a great name please let me know!
Introducing SiriusGPT: The First Real-Time GPT / LLM AI based Antimalware Solution
- Thread starter danb
- Start date
- Featured
If anyone has a great name please let me know!
CyberlockLLM (seriously) keep the various versions in the Cyberlock family...?? (either brilliant or stupid)
Ding ding ding, buy that man a beer, excellent suggestion.
Thank you guys for the suggestions! Foundation LLM... that is interesting and very creative, I love it. If we went with CyberLock, then what would we call the original Sirius, or the original CyberLock I mean? I am so confused now 
. I get where you are going though .
. I get where you are going though .
Just call everything Cyberlock. That is your brand.Thank you guys for the suggestions! Foundation LLM... that is interesting and very creative, I love it. If we went with CyberLock, then what would we call the original Sirius, or the original CyberLock I mean? I am so confused now
I'd call the the original Cyberlock, "Cyberlock"... and CyberlockLLM &/or CyberlockGPT (CyberlockgrokThank you guys for the suggestions! Foundation LLM... that is interesting and very creative, I love it. If we went with CyberLock, then what would we call the original Sirius, or the original CyberLock I mean? I am so confused now
)
You can go with what WinPatrol did and have your dog (like win patrol scotty ) be the name of the GPT.
BorgGPT infection is futile
F
ForgottenSeer 123960
Name Suggestions
Emphasizing Multi-Layered AI & Intelligence
Your core feature is the three-LLM iterative configuration. These names lean into that concept of a "thinking" or multi-faceted defense.
Cerberus AI: In mythology, Cerberus is the three-headed hound that guards the underworld. This perfectly mirrors your three-LLM architecture and the "watchdog" theme.
The Trinity Engine: A direct reference to the three models working as one.
Synapse Guard: Evokes the idea of a digital brain, with interconnected nodes (the LLMs) working to protect the user.
Cortex Security: "Cortex" refers to the outer layer of the cerebrum, playing a key role in consciousness and thought.
Oracle Sentinel: An oracle implies a source of ultimate wisdom and foresight, fitting for a predictive AI.
Emphasizing Proactive & Dynamic Defense
Your "AutoPilot" and "Dynamic Security Postures" sound like a proactive, adaptive system. These names focus on action and response.
Aegis Protocol: The Aegis was the shield of the Greek gods, symbolizing impenetrable protection. "Protocol" gives it a modern, technical feel.
Reflex Security: Suggests an instantaneous, automatic response to threats, much like a biological reflex.
Iterative Guard: A name that comes directly from your own description ("iterative configuration"). It's accurate and unique.
Dynamic Threat Shield: Combines the "Dynamic" posture with the classic "Shield" security metaphor.
Building on Your Existing "Sirius" Concept.
You're already happy with "Sirius," so we can build from there by replacing the generic "GPT."
Sirius Sentinel: "Sentinel" means a soldier or guard whose job is to stand and keep watch. It's a classic and strong security term.
Sirius Guard: Simple, strong, and to the point.
Sirius Cybernetics: A more futuristic and technical-sounding name.
Canis Major Security: Canis Major is the constellation where the star Sirius is located. It's a more subtle, clever reference.
Very cool, thank you for all of the suggestions, I really appreciate your help! I will think all of these through over the weekend and if anyone has a favorite or two, please post it.
The only one I would stay away from is "Oracle Sentinel" Oracle is very very litigious happy. Just fyi.
Given all the excitement surrounding SiriusGPT, I decided to make the video on the old VM after all.
I've almost finished my new thumbnails and my new intro, so the video will be released on September 6
( @danb )
I've almost finished my new thumbnails and my new intro, so the video will be released on September 6
( @danb )
Very cool, thank you Shadowra, I really appreciate your help!Given all the excitement surrounding SiriusGPT, I decided to make the video on the old VM after all.
I've almost finished my new thumbnails and my new intro, so the video will be released on September 6
( @danb )
@danb, while using SiriusGPT 0.72 along with Defender UI, I think I discovered a false positive. A Mullvad VPN latency tester hosted at Github, was seen as 95% chance it is malware. But I think that might be just because it's not signed. I reported it within the app, but thought I might do the same here. This is not malware.
Thank you for letting me know! That actually might not be a false positive after all, even though there are only 4 hits on VirusTotal (mainly from high FP prone engines).
Not that I am a huge fan of sandboxes, Hybrid Analysis is for me one of the better ones. I am getting ready to take Gracie to the park, but if I have time tonight I will look at this a little closer. Either way, it certainly is not Safe to run on your computer, until we can prove otherwise.
I took a closer look at latency_tester_gui.exe and long story short, it would have to be completely reversed to know for sure. The Hybrid Analysis report contains a lot super odd indicators, and as I was reviewing them, I kept thinking "why the heck would this file need to perform this function?". Then again, when I analyze the files that I develop with sandboxes, they always contain several indicators (usually suspicious or informative) that I am 100% certain are not actual functions that my software performs. A lot of times the sandboxes are WAY off and just completely wrong.
I am not an expert malware reverser... it takes years of experience and dedication to become one, and I would rather develop software, so I cannot say for sure on this file. It is odd that the VirusTotal hits dropped from 4 to 2 in the last couple of hours. So this might be a safe file, but I certainly would not want to take a chance... sorry I am unable to tell you for sure.
I am not an expert malware reverser... it takes years of experience and dedication to become one, and I would rather develop software, so I cannot say for sure on this file. It is odd that the VirusTotal hits dropped from 4 to 2 in the last couple of hours. So this might be a safe file, but I certainly would not want to take a chance... sorry I am unable to tell you for sure.
@Divergent - thanks again for the list... here are my favorites so far, in no particular order.
The Trinity Engine: A direct reference to the three models working as one.
Reflex Security: Suggests an instantaneous, automatic response to threats, much like a biological reflex.
Iterative Guard: A name that comes directly from your own description ("iterative configuration"). It's accurate and unique.
Dynamic Threat Shield: Combines the "Dynamic" posture with the classic "Shield" security metaphor.
Sirius Sentinel: "Sentinel" means a soldier or guard whose job is to stand and keep watch. It's a classic and strong security term.
Sirius Guard: Simple, strong, and to the point.
The Trinity Engine: A direct reference to the three models working as one.
Reflex Security: Suggests an instantaneous, automatic response to threats, much like a biological reflex.
Iterative Guard: A name that comes directly from your own description ("iterative configuration"). It's accurate and unique.
Dynamic Threat Shield: Combines the "Dynamic" posture with the classic "Shield" security metaphor.
Sirius Sentinel: "Sentinel" means a soldier or guard whose job is to stand and keep watch. It's a classic and strong security term.
Sirius Guard: Simple, strong, and to the point.
BTW, here is a very similar situation to latency_tester_gui.exe... someone tested VirusTotalScanner.exe by SecurityXploded, and Sirius returned a Not Safe verdict.
As I was reading the Sirius Analysis Report, I noticed one key line in the report... it said "Digital signature: Absent. Legitimate security tools are almost always signed." This is a smaller example of what I was talking about emergent behavior that I am noticing in the three models. See, we do not have a prompt instruction that says "Legitimate security tools are almost always signed, so if you encounter a security related tool that is not signed, consider that a potential indicator of maliciousness." Sirius thought of that on its own, and if you ask me, that is super insightful of the model to do so. In fact, we might even add this instruction so that all three models are aware of this. In other words, ALL security developers know the importance of signing files, and if the security related file is not signed, that is very suspicious.
We are still using the same instructions from a month or two ago, with the exception of the 9 new command line instructions, and I think I might have updated one or two of the initial file instructions. So far, Sirius has had less than 1% misses (false positives and negatives combined) for files (not command lines), and it sounds funny, but I am actually looking forward to more misses, that way we can add new or tweak existing instructions. The command line instructions are getting close, but they are still have a few more false positives than I would like to see... but that will be an easy fix once we have more data / misses.
As I was reading the Sirius Analysis Report, I noticed one key line in the report... it said "Digital signature: Absent. Legitimate security tools are almost always signed." This is a smaller example of what I was talking about emergent behavior that I am noticing in the three models. See, we do not have a prompt instruction that says "Legitimate security tools are almost always signed, so if you encounter a security related tool that is not signed, consider that a potential indicator of maliciousness." Sirius thought of that on its own, and if you ask me, that is super insightful of the model to do so. In fact, we might even add this instruction so that all three models are aware of this. In other words, ALL security developers know the importance of signing files, and if the security related file is not signed, that is very suspicious.
We are still using the same instructions from a month or two ago, with the exception of the 9 new command line instructions, and I think I might have updated one or two of the initial file instructions. So far, Sirius has had less than 1% misses (false positives and negatives combined) for files (not command lines), and it sounds funny, but I am actually looking forward to more misses, that way we can add new or tweak existing instructions. The command line instructions are getting close, but they are still have a few more false positives than I would like to see... but that will be an easy fix once we have more data / misses.
I hope this is not beyond the scope of SiriusGPT, but it would be nice is there was a way to see what was recently blocked, why, and the ability to allow them. A lot of time blocks can occur at night, since I use the scheduler to automate a lot of different things, and I don't know it. Since I cannot see the allow prompts things don't get run when they are supposed to, and the only thing I can do is try and trigger the event again. It would be nice if there was an area where I could see things that have been blocked and alter that.
Yes, the blocks are logged in the Windows Event Viewer / Windows Logs / Application, under Event ID 1111, and source "SiriusGPT Block".
Here is an example event...
SiriusGPT blocked: c:\users\user\desktop\virustotalscanner.exe
Action: User Blocked
Hash: c0eaf19a0a77620b22f0a043330da184993b76c934e88153b3b8e90caa0b34ee
Commandline: "c:\users\user\desktop\virustotalscanner.exe"
File size: 2368000
Parent process: c:\windows\explorer.exe
Publisher:
Digital signature verified:
WhitelistCloud: Not Safe
RuleID: 17
The odds of SiriusGPT blocking an item when you are not using the computer are very small. I would go into details, but it would take forever to explain why. You can look in your Windows Event Viewer logs, and if there are issues with blocks when the user is not at the computer, then we will figure out what we are going to do about a whitelist editor sooner than later. It will most likely be implemented into the Web Management Console and not the GUI itself.
Please keep in mind that CyberLock is soon going to have 100% of the SiriusGPT tech very soon, including the new user prompt. And obviously, it already has the Whitelist Editor and User Log. I just do not want to create another product just like CyberLock... and besides, SiriusGPT is targeted even more toward business endpoints than CyberLock, thank you!
You may also like...
-
Testing real-time protection of antiviruses with 10.124 Sample- Started by Dexter_Morgan31
- Replies: 120
-
-
-
MAnalyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
- Started by Microsoft Threat Intelligence
- Replies: 0
-
ESET repports that OilRig’s persistent attacks using cloud service-powered downloaders- Started by Lymphocyte
- Replies: 0