Neuro-Sentry: A Large Language Model Security Protection Platform for Production Environments

Neuro-Sentry is a large language model (LLM) security protection platform for production environments, designed to address security threats such as prompt injection and jailbreak attacks faced by LLMs integrated into production systems. The platform adopts a three-stage hybrid detection architecture, combining a rule engine, local DistilBERT classifier, and score fusion mechanism. It features attack simulation, red team testing, enterprise-level monitoring and auditing, supports production deployment and local development modes, and provides a practical solution for LLM security protection.

As LLMs like GPT-4 and Llama-3 are increasingly integrated into production systems, security challenges such as prompt injection and jailbreak attacks have become more severe. Malicious users can manipulate model outputs, bypass filters, or leak sensitive information; attack methods have evolved from simple role-playing to complex code obfuscation. The Neuro-Sentry project emerged as a full-stack production-grade platform to demonstrate LLM deployment vulnerabilities, simulate real attack scenarios, and implement layered defense.

The platform uses a microservices architecture. In production environments, HTTPS access is provided via Tailscale Funnel; the frontend is based on React+Tailwind+Vite, the backend uses FastAPI, and the database is PostgreSQL. For local development, SQLite and Ollama are used to run open-source models. The core three-stage detection pipeline:

1. Rule Engine: Uses regex and heuristic matching to quickly block obvious malicious prompts;
2. Local DistilBERT Classifier: Deeply analyzes cases that the rule engine cannot determine;
3. Score Fusion: Weighted integration of results to generate a risk score, deciding whether to block, flag, or allow. Additionally, a session-level adaptive blocking mechanism can handle repeated attacks.

The platform's built-in attack simulation function supports red team testing, covering types such as direct injection (overwriting system prompts), jailbreak libraries (DAN/AIM, etc.), encoding attacks (Base64/ROT13), and social engineering (impersonating authority). The attack lab provides an interactive interface: test with pre-set attack vectors, observe responses to custom payloads, compare model behavior differences with defense switches on/off, and analyze detection paths and score details.

Enterprise-level monitoring and auditing features include:

• Real-time threat intelligence: Threat stream displays request risk scores and decisions, session-level threat tracking, and statistical panels (block count/flag count, etc.);
• Persistent analysis: 30-day telemetry data (request count/Token consumption/latency), threat distribution map, and triggered rule ranking;
• Audit logs: Records original prompts, detection results, decision reasons, timestamps, and session IDs, supporting post-event analysis and compliance auditing.

Application scenarios and value of Neuro-Sentry:

1. Enterprise LLM service protection: Acts as a front-end security gateway to filter malicious requests and protect backend resources;
2. Security research and education: Helps research LLM attack techniques, evaluate defense strategies, and train talents;
3. Compliance and auditing: Complete logs meet the requirements of regulations like GDPR/HIPAA for AI system interpretability and traceability.

The current platform mainly focuses on prompt-level protection and lacks sufficient defense against complex attacks such as multi-turn dialogue induction and indirect prompt injection (e.g., retrieval-augmented generation). Future improvement directions: Integrate advanced detection models (like large model judges), support multi-modal input review, implement fine-grained access control, and add adversarial training to enhance robustness.

Neuro-Sentry combines a rule engine, machine learning classifier, and adaptive mechanism to provide a practical security protection solution for LLM deployment in production environments, which is an important progress in the field of LLM security. For enterprises and developers building or operating LLM services, this platform is a reference implementation worth studying and learning from.