Using LLMs to Automate Threat Intelligence Analysis Workflows in Security Operation Centers

Détail du document
Identifiant

oai:arXiv.org:2407.13093

Sujet
Computer Science - Cryptography an...
Auteur
Tseng, PeiYu Yeh, ZihDwo Dai, Xushu Liu, Peng
Catégorie

Computer Science

Année

2024

Date de référencement

24/07/2024

Mots clés
security
Métrique

Résumé

SIEM systems are prevalent and play a critical role in a variety of analyst workflows in Security Operation Centers.

However, modern SIEMs face a big challenge: they still cannot relieve analysts from the repetitive tasks involved in analyzing CTI (Cyber Threat Intelligence) reports written in natural languages.

This project aims to develop an AI agent to replace the labor intensive repetitive tasks involved in analyzing CTI reports.

The agent exploits the revolutionary capabilities of LLMs (e.g., GPT-4), but it does not require any human intervention.

Tseng, PeiYu,Yeh, ZihDwo,Dai, Xushu,Liu, Peng, 2024, Using LLMs to Automate Threat Intelligence Analysis Workflows in Security Operation Centers

Document

Ouvrir

Partager

Source

arXiv

Articles recommandés par ES/IODE IA

Computer Science
Analysis of the ICML 2023 Ranking Data: Can Authors' Opinions of Their Own Papers Assist Peer Review in Machine Learning?
 peer author-provided analysis rankings scores review learning machine science computer
BMJ Neurology Open
Batoclimab as induction and maintenance therapy in patients with myasthenia gravis: rationale and study design of a phase 3 clinical trial
 gravis myasthenia study clinical phase baseline improvement mg-adl 340 week trial placebo period mg maintenance qw
American Journal of Cancer R...
NOLC1 was identified as a tumor suppressor gene in thyroid cancer and correlated with prognosis by bioinformatics
 cancer patients thca tumor nolc1