Cybersecurity + AI Graduation Project

Secure Natural Language to Bash Execution

ShellSentry helps users run Linux administration tasks on remote machines by converting plain English requests into safe, validated Bash commands.

$ "Check disk usage on all servers" -> df -h
View Architecture Try Demo
7 Execution Stages
2 Validation Layers
100% Security Focused

Project Overview

ShellSentry is a web-based system that accepts user requests in natural language, uses an LLM to generate Linux commands, validates those commands with security rules, then executes approved commands on remote servers via SSH.

Problem

System administration requires command-line expertise and can be error-prone, especially when managing multiple remote machines.

Solution

Provide an AI-assisted but security-first interface that makes command execution easier while preserving strict validation and control.

Project Objectives

Natural Language Processing

Transform user requests into Bash commands or scripts.

Security and Validation

Apply sanitization plus whitelist/blacklist checks before command execution.

Secure Remote Execution

Execute approved commands on one or more servers via Paramiko SSH.

Security Features

Command Sanitization

Strips risky symbols and suspicious prompt patterns before processing.

Input Validation

Rejects unsafe requests using regex checks and rule-based policy gates.

Whitelist & Blacklist Filtering

Allows approved commands while blocking privileged or destructive actions.

Secure SSH Execution

Runs validated commands over authenticated Paramiko SSH sessions.

Activity Logging

Records user requests, generated commands, and execution results for audits.

Role-Based Access Control

Scopes command privileges based on user role and allowed execution mode.

System Architecture Diagram

User
Web Interface
AI Processing
Validation Engine
SSH Executor
Remote Linux Server

Interactive Workflow

  1. 1. User Authentication

    Secure login ensures accountability and controlled access.

  2. 2. Request Submission

    The user sends a natural language task in plain English.

  3. 3. Input Sanitization

    Prompt-injection and malicious content checks are applied.

  4. 4. AI Command Generation

    The LLM converts the request to a shell command or script.

  5. 5. Validation Engine

    Whitelist and blacklist checks decide if execution is safe.

  6. 6. Secure SSH Execution

    Approved command runs on selected Linux hosts via Paramiko.

  7. 7. Result Reporting

    STDOUT, STDERR, status, and summaries are returned to the user.

Technology Stack

Backend

  • Python Flask
  • Paramiko SSH
  • Validation and Logging Modules

Frontend

  • HTML, CSS, JavaScript
  • Responsive Web Interface
  • Result Presentation UI

Demo Showcase

Terminal Execution Preview

$ Request: "Show failed SSH logins in last hour"

$ Generated: sudo journalctl -u ssh --since "1 hour ago" | grep "Failed password"

$ Validated: Allowed by security policy

$ Output: 3 failed login attempts detected

Execution Response Cards

AI Request

Check open ports and active network listeners.

Validated Bash

ss -tlnp && ss -ulnp

Success Response

Execution completed on 3 servers with zero policy violations.

Future Enhancements

Multi-server Orchestration

Coordinate command execution across clustered infrastructure.

Voice Command Support

Use secure voice-to-command workflows for fast operations.

AI Risk Analysis

Predict risk score before execution using behavior-aware models.

Threat Detection

Flag suspicious execution patterns and anomaly events in real time.

Audit Dashboards

Visualize command history, policies, and team activity centrally.

Domain, Hosting, and Professional Email

This website includes the required senior project elements and a deployment plan:

1) Domain Name

Proposed: shellsentry.com

Short, project-related, and professional.

2) Hosting

Proposed: GitHub Pages or Hostinger

Fast setup for publishing a public senior project website.

3) Professional Email

Proposed: info@shellsentry.com

Uses project domain for official team communication.

Project Deliverables

Open or download our senior project materials. Place files in the documents folder with the names below, or edit these links in index.html to point to Google Drive, YouTube, or your live deployment.

Official Website

Visit the live ShellSentry web application or main project entry point.

Visit website

Technical Report

Full written report documenting design, security, and evaluation.

Download report

Project Poster

Conference-style poster summarizing the project at a glance.

Download poster

Presentation Slides

Defense or showcase slides (PDF recommended for the web).

Download slides

Demo Video

Screen recording walkthrough of ShellSentry in use.

Watch demo

3-Minute Explanation

A concise overview of the project goals, architecture, and demo—about three minutes.

Watch explanation

Team

Project members and supervision details:

1) Team Member

Name: Aljazi Ali Almujaddam

Student ID: 202202227

Role: Security and Validation

2) Team Member

Name: Dana Hussain Alhayki

Student ID: 202203431

Role: Frontend and User Interface

3) Supervisor

Name: Dr. Abdullah Khalifa Aldoseri

Role: Project Supervisor