Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
41 tokens/sec
GPT-4o
59 tokens/sec
Gemini 2.5 Pro Pro
41 tokens/sec
o3 Pro
7 tokens/sec
GPT-4.1 Pro
50 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

LLMs Killed the Script Kiddie: How Agents Supported by Large Language Models Change the Landscape of Network Threat Testing (2310.06936v1)

Published 10 Oct 2023 in cs.CR and cs.LG

Abstract: In this paper, we explore the potential of LLMs to reason about threats, generate information about tools, and automate cyber campaigns. We begin with a manual exploration of LLMs in supporting specific threat-related actions and decisions. We proceed by automating the decision process in a cyber campaign. We present prompt engineering approaches for a plan-act-report loop for one action of a threat campaign and and a prompt chaining design that directs the sequential decision process of a multi-action campaign. We assess the extent of LLM's cyber-specific knowledge w.r.t the short campaign we demonstrate and provide insights into prompt design for eliciting actionable responses. We discuss the potential impact of LLMs on the threat landscape and the ethical considerations of using LLMs for accelerating threat actor capabilities. We report a promising, yet concerning, application of generative AI to cyber threats. However, the LLM's capabilities to deal with more complex networks, sophisticated vulnerabilities, and the sensitivity of prompts are open questions. This research should spur deliberations over the inevitable advancements in LLM-supported cyber adversarial landscape.

PDF HTML Abstract
Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize File Document Download Save Streamline Icon: https://streamlinehq.com PDF File Document Download Save Streamline Icon: https://streamlinehq.com Markdown Bookmark Chat Bubble Oval Streamline Icon: https://streamlinehq.com Chat (Pro)
Definition Search Book Streamline Icon: https://streamlinehq.com
References (33)
  1. Andreas, J. Language models as agent models, 2022.
  2. Gpt-neox-20b: An open-source autoregressive language model, 2022.
  3. Language models are few-shot learners, 2020.
  4. Cybervan: A cyber security virtual assured network testbed. In MILCOM 2016-2016 IEEE Military Communications Conference (2016), IEEE, pp. 1125–1130.
  5. Palm: Scaling language modeling with pathways. arXiv preprint arXiv:2204.02311 (2022).
  6. Collaborating with language models for embodied reasoning. arXiv preprint arXiv:2302.00763 (2023).
  7. Bert: Pre-training of deep bidirectional transformers for language understanding, 2019.
  8. The pile: An 800gb dataset of diverse text for language modeling, 2020.
  9. Deberta: Decoding-enhanced bert with disentangled attention, 2021.
  10. Bron–linking attack tactics, techniques, and patterns with defensive weaknesses, vulnerabilities and affected platform configurations. arXiv preprint arXiv:2010.00533 (2020).
  11. Using a collated cybersecurity dataset for machine learning and artificial intelligence. ArXiv abs/2108.02618 (2021).
  12. Training compute-optimal large language models, 2022.
  13. Language models as zero-shot planners: Extracting actionable knowledge for embodied agents. In International Conference on Machine Learning (2022), PMLR, pp. 9118–9147.
  14. Inner monologue: Embodied reasoning through planning with language models. In arXiv preprint arXiv:2207.05608 (2022).
  15. Few-shot learning with retrieval augmented language models. arXiv preprint arXiv:2208.03299 (2022).
  16. Roberta: A robustly optimized bert pretraining approach, 2019.
  17. Microsoft. Cyberbattlesim. https://github.com/microsoft/CyberBattleSim, 2021.
  18. MITRE. ATT&CK Matrix for Enterprise.
  19. Cyberevo: evolutionary search of knowledge-based behaviors in a cyber attack campaign. In Proceedings of the Genetic and Evolutionary Computation Conference Companion (2022), pp. 2168–2176.
  20. Cyber threat assessment via attack scenario simulation using an integrated adversary and network modeling approach. The Journal of Defense Modeling and Simulation 15, 1 (2018), 13–29.
  21. OpenAI. Gpt-4 technical report, 2023.
  22. Adversarial genetic programming for cyber security: A rising application domain where gp matters. Genetic Programming and Evolvable Machines 21 (2020), 219–250.
  23. Language models are unsupervised multitask learners. OpenAI blog 1, 8 (2019), 9.
  24. Scaling language models: Methods, analysis & insights from training gopher. arXiv preprint arXiv:2112.11446 (2021).
  25. Exploring the limits of transfer learning with a unified text-to-text transformer, 2020.
  26. Bloom: A 176b-parameter open-access multilingual language model. arXiv preprint arXiv:2211.05100 (2022).
  27. Synthetic prompting: Generating chain-of-thought demonstrations for large language models. arXiv preprint arXiv:2302.00618 (2023).
  28. Llama: Open and efficient foundation language models. arXiv preprint arXiv:2302.13971 (2023).
  29. GPT-J-6B: A 6 Billion Parameter Autoregressive Language Model. https://github.com/kingoflolz/mesh-transformer-jax, May 2021.
  30. Self-consistency improves chain of thought reasoning in language models, 2023.
  31. Describe, explain, plan and select: Interactive planning with large language models enables open-world multi-task agents, 2023.
  32. Chain of thought prompting elicits reasoning in large language models. arXiv preprint arXiv:2201.11903 (2022).
  33. Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security 88 (2020), 101636.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (4)
  1. Stephen Moskal (6 papers)
  2. Sam Laney (1 paper)
  3. Erik Hemberg (27 papers)
  4. Una-May O'Reilly (43 papers)
Citations (11)
View on Semantic Scholar