Cilium-Shield: The AI-DLP Firewall

Stop Shadow AI data leaks instantly. Cilium-Shield uses eBPF + Wasm to redact sensitive data in real-time before it reaches LLM APIs—zero code changes, zero sidecars, zero performance impact.

Comment

Project Description

What it does

Cilium-Shield is a Kubernetes-native Data Leakage Prevention (DLP) system that secures Large Language Model (LLM) adoption by preventing sensitive data from leaving your cluster.

As organizations race to adopt Generative AI, developers frequently use public APIs from providers like OpenAI, Anthropic, and Google. This creates "Shadow AI" risk—developers might accidentally paste internal source code, customer PII, credit cards, or API keys into prompts. Traditional network firewalls are blind to encrypted (TLS) payload contents, and sidecar-based service meshes add significant latency and resource overhead.

Cilium-Shield solves this by:

  • Intercepting outbound traffic to AI APIs using Cilium's eBPF-based networking
  • Injecting a lightweight WebAssembly (Wasm) filter into Envoy proxy's filter chain
  • Scanning HTTP request bodies in real-time for PII, credit cards, API keys, and emails
  • Redacting sensitive data with [REDACTED] before requests leave the cluster
  • Logging all redaction events to a CISO Command Center dashboard
  • Providing real-time visibility into potential data leaks across the entire cluster

Key Innovation: By combining eBPF for L7 redirection with Wasm for L7 parsing, we get kernel-level performance with user-space flexibility—no sidecars, no app changes, sub-millisecond latency.

How we built it

Architecture:

  1. Wasm Filter (Data Plane) - Written in TinyGo using proxy-wasm-go-sdk

    • Hooks into OnHttpRequestBody phase
    • Uses optimized regex and Luhn algorithm for accurate detection
    • Memory-safe, sandboxed execution in Envoy
    • <1ms latency overhead

  2. Cilium Integration - Via CiliumClusterwideEnvoyConfig CRD

    • No sidecars—uses Cilium's per-node proxy architecture
    • Dynamically injects Wasm module into Envoy filter chain
    • Targets outbound traffic to configured AI API endpoints

  3. Control Plane (Go) - Event ingestion and storage

    • Goroutines for high-volume, non-blocking event processing
    • In-memory store for hackathon MVP (production would use persistent DB)
    • RESTful API for dashboard integration

  4. Backend API (Node.js/Express) - REST endpoints for dashboard

    • CORS-enabled for cross-origin requests
    • Event submission, listing, and statistics endpoints
    • Real-time data aggregation

  5. Dashboard (React + PWA) - CISO Command Center

    • Progressive Web App with offline support
    • Service Worker for caching and background sync
    • Install-to-home-screen capability (desktop & mobile)
    • Real-time event streaming with auto-refresh
    • Dark theme optimized for security operations

Tech Stack:

  • eBPF/Cilium: L7 traffic interception
  • WebAssembly (TinyGo): High-performance L7 filtering
  • Go: Control plane and event processing
  • Node.js/Express: Backend API
  • React + Tailwind CSS: Frontend dashboard
  • PWA: Offline-first, installable web app
  • Kubernetes: Native deployment with CRDs

Challenges we ran into

  1. Wasm Memory Management

    • Challenge: TinyGo's GC in Wasm environment required careful buffer handling
    • Solution: Optimized request body processing to minimize allocations

  2. Luhn Algorithm Implementation

    • Challenge: Balancing accuracy vs false positives for credit card detection
    • Solution: Combined regex pre-filtering with Luhn validation for high precision

  3. Service Worker Caching Strategy

    • Challenge: Deciding between cache-first vs network-first for different resources
    • Solution: Hybrid approach—cache-first for static assets, network-first for API with offline fallback

  4. Cilium CRD Configuration

    • Challenge: Complex YAML structure for CiliumClusterwideEnvoyConfig
    • Solution: Extensive documentation reading and iterative testing

  5. Real-time Dashboard Updates

    • Challenge: Efficient polling without overwhelming the backend
    • Solution: 5-second interval with request deduplication and client-side caching

Accomplishments that we're proud of

  1. True Cilium Native Extension - Not just using Cilium, but extending it via CRD
  2. Production-Grade Code Quality - Comprehensive error handling, unit tests, detailed comments
  3. Sub-millisecond Latency - Wasm filter adds <1ms overhead
  4. Sophisticated Detection - Luhn algorithm for credit cards goes beyond simple regex
  5. Progressive Web App - Modern, installable, offline-capable dashboard
  6. Zero Developer Friction - No code changes, no sidecars, transparent operation
  7. Complete Documentation - Architecture docs, testing guide, troubleshooting, demo script
  8. Professional Presentation - Clean UI, comprehensive README, ready for B2B pitch

What we learned

  1. eBPF + Wasm Synergy - How to leverage eBPF's kernel-level speed with Wasm's user-space flexibility
  2. Cilium Extensibility - Deep understanding of CiliumEnvoyConfig CRD and Envoy filter chains
  3. TinyGo for Wasm - Memory-safe, high-performance Wasm compilation from Go
  4. PWA Best Practices - Service Worker lifecycle, caching strategies, install prompts
  5. Kubernetes-Native Security - Building security tools as K8s extensions, not overlays
  6. Real-world DLP Requirements - CISO needs for visibility, compliance, and audit trails

What's next for Cilium-Shield

Immediate (Post-Hackathon):

  1. Persistent Storage - Replace in-memory store with TimescaleDB/PostgreSQL
  2. Advanced Regex Patterns - Add more PII types (SSN, phone numbers, addresses)
  3. Custom Policies - Per-namespace redaction rules and allowlists
  4. Helm Chart - One-command deployment for enterprises

Medium-term:

  1. Push Notifications - Real-time alerts for critical redaction events
  2. Machine Learning - Anomaly detection for unusual data patterns
  3. gRPC Support - Extend beyond HTTP to gRPC traffic
  4. Multi-cluster - Federated view across multiple K8s clusters

Long-term (Production):

  1. Enterprise Vault Integration - Custom regex rules from HashiCorp Vault
  2. SIEM Integration - Export to Splunk, Elastic, Datadog
  3. Compliance Reports - Automated GDPR/CCPA/PCI-DSS audit reports
  4. Block Mode - Option to block (not just redact) sensitive requests
  5. WebSocket/SSE Support - Real-time streaming protocols
  6. Custom Wasm Modules - Plugin architecture for company-specific detectors

Business Vision:

  • B2B SaaS Product - Managed Cilium-Shield for enterprises
  • Target Market: FinTech, HealthTech, any company with strict compliance
  • Pricing Model: Per-node or per-event licensing
  • Go-to-Market: Partner with Cilium/Isovalent for enterprise distribution

Technical Highlights

1. Relevance to eBPF & Cilium (Native Extension)

  • ✅ Uses CiliumClusterwideEnvoyConfig CRD—pure Cilium extension
  • ✅ No sidecars—leverages Cilium's per-node proxy
  • ✅ eBPF for L7 redirection, Wasm for L7 parsing (right tool for right job)

2. Technical Depth (Engineering Excellence)

  • ✅ Wasm module with Luhn algorithm (not just regex)
  • ✅ Concurrent Go backend with goroutines
  • ✅ Production-grade error handling and memory management
  • ✅ Unit tests for both Wasm and Go components

3. Creativity (Solving a Modern Problem)

  • ✅ Addresses "Shadow AI"—a critical, current security risk
  • ✅ Novel application of eBPF/Wasm to GenAI security
  • ✅ Turns Cilium into a proactive AI-DLP firewall

4. Clarity & Presentation (Judge-Friendly)

  • ✅ Clean, well-documented codebase
  • ✅ Comprehensive documentation (PRD, Architecture, Testing)
  • ✅ Professional dashboard with PWA capabilities
  • ✅ Clear demo script and compelling story

Built With

Share this project:

Updates