Out of the Cage: How Stochastic Parrots Win in Cyber Security Environments
Maria Rigaki, Ondřej Lukáš, Carlos A. Catania, Sebastian Garcia

TL;DR
This paper explores the innovative use of pre-trained Large Language Models as decision-making agents in cybersecurity environments, demonstrating their competitive performance and potential for complex network security tasks.
Contribution
It introduces a novel application of LLMs as attacking agents in cybersecurity, along with a new modular environment called NetSecGame for testing such agents.
Findings
LLM agents perform comparably or better than state-of-the-art agents.
LLM agents match human testers' performance without additional training.
NetSecGame mimics real network attacks and supports complex scenarios.
Abstract
Large Language Models (LLMs) have gained widespread popularity across diverse domains involving text generation, summarization, and various natural language processing tasks. Despite their inherent limitations, LLM-based designs have shown promising capabilities in planning and navigating open-world scenarios. This paper introduces a novel application of pre-trained LLMs as agents within cybersecurity network environments, focusing on their utility for sequential decision-making processes. We present an approach wherein pre-trained LLMs are leveraged as attacking agents in two reinforcement learning environments. Our proposed agents demonstrate similar or better performance against state-of-the-art agents trained for thousands of episodes in most scenarios and configurations. In addition, the best LLM agents perform similarly to human testers of the environment without any additional…
Taxonomy
Topics: Network Security and Intrusion Detection · Topic Modeling · Advanced Malware Detection Techniques
Methods: Multi-Head Attention · Attention Is All You Need · Linear Layer · Dropout · Byte Pair Encoding · Adam · Position-Wise Feed-Forward Layer · Absolute Position Encodings · Residual Connection · Label Smoothing
