SecureLogger is a Python-based cyber deception tool that uses a Generative Adversarial Network (GAN) to flood web server access logs with realistic, plausible, but entirely fake log entries. Its purpose is to obfuscate real user activity, helping defenders mask true traffic patterns and frustrate attackers or unauthorized auditors.
- Customizable Training Data: Works with any simple text file of URL paths, allowing you to train the GAN to mimic any style of web traffic.
- GAN-Powered Noise: Utilizes a PyTorch-based GAN (with LSTM layers) to learn and generate highly convincing, novel URL paths.
- Dynamic Log Flooding: Configure to inject a fixed number of fake logs or maintain a dynamic noise-to-signal ratio.
- Manual & Real-Time Modes: Includes scripts for both on-demand (manual) log injection and continuous, real-time monitoring and injection.
- Easy integration: Simple scripts for rapid deployment and testing.
- Data privacy: Redacts sensitive information, helping maintain privacy in logs.
- Thread-safe and high-performance logging: Designed for reliability in operational environments.
The SecureLogger pipeline is illustrated below:
+------------------+ +-----------------------+ +-----------------------+
| Your Dataset | --> | GAN Training | --> | Trained Generator |
| (dataset.txt) | | (train_gan.py) | | (.pth file) |
+------------------+ +-----------------------+ +-----------------------+
|
v
+--------------------+
| Log Injector |
| (manual_injector...)
+--------------------+
|
v
+--------------------+
| Camouflaged Log |
+--------------------+
Pipeline Steps:
- Prepare Data: You provide a dataset of sample URL paths that you want the AI to learn from.
- Train: The
train_gan.pyscript reads your dataset, converts the text to numerical tensors, and trains a GAN to learn the URL patterns. The trained Generator model is saved. - Inject: The
manual_injector.pyorlog_watcher.pyscript loads the trained Generator, produces a flood of fake URL paths, and injects them as new entries into a target access log file.
git clone https://github.com/karash10/SecureLogger.git
cd SecureLoggerpython -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activatepip install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cu121 # For GPU powered machines
pip install numpy watchdogIn one terminal, run the dummy web app:
python TesterWebsite.pyIn a separate terminal, run the log watcher script (runs continuously):
python Flooder.pyVisit a page on your website. The watcher will automatically detect the new log and inject a flood of fake ones.
You can configure SecureLogger using environment variables or configuration files. Common options include:
LOG_LEVEL: Set the logging verbosityLOG_FILE: Specify the log file pathENCRYPTION_KEY: Set encryption key for log storage
SecureLogger is built with security in mind:
- All logs can be optionally encrypted at rest.
- Sensitive data can be automatically redacted or hashed.
- Access to logs can be restricted via permissions.
Contributions are welcome! Please open issues or pull requests for bug fixes, improvements, or new features.
- Fork this repository
- Create your feature branch (
git checkout -b feature/my-feature) - Commit your changes (
git commit -am 'Add new feature') - Push to the branch (
git push origin feature/my-feature) - Open a pull request
This project is licensed under the MIT License. See the LICENSE file for details.
For questions or support, please open an issue or contact karash10.