Large Language Models Are An Inflection Point For Cyber Security

Uploaded on 2024-04-19 in TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Resilience, TECHNOLOGY--Developments, FREE TO VIEW

Large Language Models (LLMs) are making a big impact acroos the technology sector. In particular, the ability of LLMs to perform tasks seemingly equivalent  humans has led to rapid adoption in a variety of different domains, including cyber security.

LLMs are widley considered to be an inflection point on AI, a step change which will introduce epoch‐defining changes comparable to the invention of the Internet. A multi‐billion pound race is underway to dominate this market.

LLM applications have burgeoned across diverse sectors, such as creative arts, medicine, law, and software engineering. Yet, their adoption in cyber security, despite its data-intensive and technically intricate nature, remains a tantalising prospect. 

The urgency to stay ahead of cyber threats, including those posed by state-affiliated actors wielding LLMs, amplifies this allure.

Carnegie Mellon University & OpenAI

Carnegie Mellon University’s Software Engineering Institute (SEI) and Microsoft's OpenAI are now claiming that large language models could be an asset for cyber security professionals, but must be evaluated using real and complex scenarios to better understand the technology’s capabilities and risks. Their researchr found that LLMs could be an asset for cyber security professionals, but should be evaluated using real and complex scenarios to better understand the technology’s capabilities and risks.

LLMs underlie today’s Generative AI platforms, including Google’s Gemini, Microsoft’s Bing AI, and ChatGPT, released in November 2022 by OpenAI.

While LLMs are excellent at recalling facts, the Carnegie Mellon White Paper “Considerations for Evaluating Large Language Models for Cybersecurity Tasks” claims that it is not enough, the LLM knows a lot, but it doesn’t necessarily know how to deploy the information correctly in the right order. The paper claims that the solution is to evaluate LLMs like one would evaluate a human cyber security operator: theoretical, practical, and applied knowledge.

According to Techxplore, focusing on theoretical knowledge ignores the complexity and nuance of real-world cybersecurity tasks, which results in cyber security professionals not knowing how or when to incorporate LLMs into their operations. However, testing an artificial neural network is extremely challenging, as even defining the tasks is hard in a field as diverse as cybersecurity.

Furthermore, once the tasks are defined, an evaluation must ask up to millions of questions in order for LLMs to learn and mimic the human brain. While creating that volume of questions can be done through automation, there isn’t a tool that can generate enough practical or applied scenarios for the LLM.

In the meantime, as the technology catches up, the white paper provides a framework for designing realistic cyber security evaluations of LLMs: define the real-world task for the evaluation to capture, represent tasks appropriately, make the evaluation robust, and frame results appropriately.

The paper’s authors believe LLMs will eventually enhance human cyber security operators in a supporting role, rather than work autonomously, and emphasise that even so, LLMs will still need to be evaluated. They also express their hope that the paper starts a movement toward practices that can inform the decision-makers in charge of integrating LLMs into cyber operations.

Conclusion

The collaboration between Carnegie Mellon University’s SEI and OpenAI represents a significant step forward in understanding the role of Large Language Models (LLMs) in cyber security. By proposing a comprehensive evaluation framework, stakeholders can make informed decisions about integrating LLMs into their operations.

This signifies a growing recognition of the potential benefits and risks associated with AI-driven solutions in the cyber security market, highlighting the need for rigorous evaluation practices to ensure effective and responsible implementation.

Carnegie Mellon University     |     Carnegie Mellon University    |     Carnegie Mellon University     |     I-HIS    |    

 Medium     |     UK Parliament

Image: googledeepmind

You Might Also Read: 

Guidelines For The ‘Catastrophic Risks’ Of AI:

DIRECTORY OF SUPPLIERS - AI Security & Governance:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« DoS Attacks That Can Crash Web Servers With Ease
Hackers Using YouTube To Deliver Malware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

HUB International

HUB International

HUB is one of the largest insurance brokers in the world. HUB Risk Services provides the full range of expert consulting to identify risks, reduce exposure to loss and manage claims issues.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

Zerocopter

Zerocopter

Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

Cypress Data Defense

Cypress Data Defense

Cypress Data Defense helps clients build secure applications by providing training, best practices, and evaluating security during every stage of the Secure Application Development Lifecycle.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Contechnet Deutschland

Contechnet Deutschland

Contechnet Deutschland started as a specialist in the area of IT disaster recovery and has since broadened its portfolio into information security and data protection.

Sydeco

Sydeco

Sydeco offer a complete range of products that secure computer and industrial networks, servers, programs and data against any type of computer attack.

Valtix

Valtix

Valtix is the first and only multi-cloud network security platform delivered as a service that enables cloud teams to meet the most stringent security requirements in a cloud-first & simple way.

Mitigo Group

Mitigo Group

Mitigo offers a well considered and effective approach to keeping businesses completely secure from any digital attacks.

Orbis Cyber Security

Orbis Cyber Security

Orbis is one of the leading cybersecurity company in USA. Our cybersecurity specialist defends your data, combat threat, and modernize your compliance.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.