Large Language Models Are An Inflection Point For Cyber Security

Large Language Models (LLMs) are making a big impact across the technology sector. In particular, the ability of LLMs to perform tasks seemingly equivalent to humans has led to rapid adoption in a variety of different domains, including cyber security.

LLMs are widely considered to be an inflection point in AI, a step change which will introduce epoch-defining changes comparable to the invention of the Internet. A multi-billion pound race is underway to dominate this market.

LLM applications have burgeoned across diverse sectors, such as creative arts, medicine, law, and software engineering. Yet, their adoption in cyber security, despite its data-intensive and technically intricate nature, remains a tantalising prospect. 

The urgency to stay ahead of cyber threats, including those posed by state-affiliated actors wielding LLMs, amplifies this allure.

Carnegie Mellon University & OpenAI

Research by Carnegie Mellon University’s Software Engineering Institute (SEI) and Microsoft's OpenAI found that large language models could be an asset for cyber security professionals, but must be evaluated using real and complex scenarios to better understand the technology’s capabilities and risks.

LLMs underlie today’s Generative AI platforms, including Google’s Gemini, Microsoft’s Bing AI, and ChatGPT, released in November 2022 by OpenAI.

While LLMs are excellent at recalling facts, the Carnegie Mellon White Paper “Considerations for Evaluating Large Language Models for Cybersecurity Tasks” claims that this is not enough: the LLM knows a lot, but it doesn’t necessarily know how to deploy the information correctly in the right order. The paper claims that the solution is to evaluate LLMs as one would evaluate a human cyber security operator: on theoretical, practical, and applied knowledge.

According to Techxplore, focusing on theoretical knowledge ignores the complexity and nuance of real-world cybersecurity tasks, which results in cyber security professionals not knowing how or when to incorporate LLMs into their operations. However, testing an artificial neural network is extremely challenging, as even defining the tasks is hard in a field as diverse as cybersecurity.

Furthermore, once the tasks are defined, an evaluation must ask up to millions of questions in order for LLMs to learn and mimic the human brain. While creating that volume of questions can be done through automation, there isn’t a tool that can generate enough practical or applied scenarios for the LLM.

In the meantime, as the technology catches up, the white paper provides a framework for designing realistic cyber security evaluations of LLMs: define the real-world task for the evaluation to capture, represent tasks appropriately, make the evaluation robust, and frame results appropriately.

The paper’s authors believe LLMs will eventually enhance human cyber security operators in a supporting role, rather than work autonomously, and emphasise that even so, LLMs will still need to be evaluated. They also express their hope that the paper starts a movement toward practices that can inform the decision-makers in charge of integrating LLMs into cyber operations.

Conclusion

The collaboration between Carnegie Mellon University’s SEI and OpenAI represents a significant step forward in understanding the role of Large Language Models (LLMs) in cyber security. By proposing a comprehensive evaluation framework, stakeholders can make informed decisions about integrating LLMs into their operations.

This signifies a growing recognition of the potential benefits and risks associated with AI-driven solutions in the cyber security market, highlighting the need for rigorous evaluation practices to ensure effective and responsible implementation.

Carnegie Mellon University | I-HIS | Medium | UK Parliament
