Anti-ransomware bot using gpt oss 20b

The goal of these bots is to automatically generate code that can detect, neutralize, and remove ransomware threats from computer systems.

Comment

Inspiration

I am inspired by an research projec from ESET's about artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. In turn, I want to create anti-ransomware AI bot to counter this threat and other ransomware threats.

What it does:

  • This is a cybersecurity AI bot.
  • Prompt the LLM – The user supplies a base directory to scan, and the script sends a carefully‑worded prompt to Ollama.
  • LLM returns a single‑shot Python snippet – Only pure Python code is returned (no extraneous text).
  • Dry run vs. kill – By default the script prints the LLM output and does not execute it. If the user explicitly confirms (y/N), the generated code is run, but it will still only terminate processes if it’s certain that the user approved it.
  • Execution safety – The script captures stdout/stderr, uses a 45‑second timeout, and prints the result. ⚠️ IMPORTANT This script is for educational / defensive use only. Do not run it on systems that contain critical data unless you are absolutely sure that the model’s suggestions are safe. Always double‑check the LLM’s outputs before executing any destructive actions.

How we built it:

Architecture & Tech Stack:

  • Frontend - python input
  • AI runtime: Ollama, advance local AI tool
  • Model : OpenAI's GPT OSS 20B (21B parameters with 3.6B active parameters)

I use Ollama so I can run gpt oss 20b locally. What it does, after we provide prompt to generate python or any language code that can detect, neutralize, and remove ransomware, with different extension, threats from computer systems, the gpt oss 20b model will output python code and than execute the code to kill any ransomware.

Challenges we ran into

  1. Making sure the implementation is safe and use for defensive purpose only
  2. Ensure that the prompts and code are not malicious code but to detect malicious files and ransomware
  3. Ensure all code are safe

Accomplishments that we're proud of

I am proud of that I can create a new bot that uses gpt oss 20b in cybersecurity, especially against hackers, especially hacker bots.

What we learned

I learned that the gpt oss 20b didn't first allow the prompt to generate anti-ransomware code due to safety, but I was able to rewrite the prompt to allow to generate the code.

What's next for Anti-ransomware bot with OpenAI OSS 20B model

I want to have full functional anti hacking bot that generate different programs for different malware.

Reference:

Built With

Share this project:

Updates