LLM 蜜罐:利用大型语言模型作为高级互动蜜罐系统

Hakan T. Otal, M. Abdullah Canbaz
{"title":"LLM 蜜罐:利用大型语言模型作为高级互动蜜罐系统","authors":"Hakan T. Otal, M. Abdullah Canbaz","doi":"arxiv-2409.08234","DOIUrl":null,"url":null,"abstract":"The rapid evolution of cyber threats necessitates innovative solutions for\ndetecting and analyzing malicious activity. Honeypots, which are decoy systems\ndesigned to lure and interact with attackers, have emerged as a critical\ncomponent in cybersecurity. In this paper, we present a novel approach to\ncreating realistic and interactive honeypot systems using Large Language Models\n(LLMs). By fine-tuning a pre-trained open-source language model on a diverse\ndataset of attacker-generated commands and responses, we developed a honeypot\ncapable of sophisticated engagement with attackers. Our methodology involved\nseveral key steps: data collection and processing, prompt engineering, model\nselection, and supervised fine-tuning to optimize the model's performance.\nEvaluation through similarity metrics and live deployment demonstrated that our\napproach effectively generates accurate and informative responses. The results\nhighlight the potential of LLMs to revolutionize honeypot technology, providing\ncybersecurity professionals with a powerful tool to detect and analyze\nmalicious activity, thereby enhancing overall security infrastructure.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":"56 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"LLM Honeypot: Leveraging Large Language Models as Advanced Interactive Honeypot Systems\",\"authors\":\"Hakan T. Otal, M. Abdullah Canbaz\",\"doi\":\"arxiv-2409.08234\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The rapid evolution of cyber threats necessitates innovative solutions for\\ndetecting and analyzing malicious activity. Honeypots, which are decoy systems\\ndesigned to lure and interact with attackers, have emerged as a critical\\ncomponent in cybersecurity. In this paper, we present a novel approach to\\ncreating realistic and interactive honeypot systems using Large Language Models\\n(LLMs). By fine-tuning a pre-trained open-source language model on a diverse\\ndataset of attacker-generated commands and responses, we developed a honeypot\\ncapable of sophisticated engagement with attackers. Our methodology involved\\nseveral key steps: data collection and processing, prompt engineering, model\\nselection, and supervised fine-tuning to optimize the model's performance.\\nEvaluation through similarity metrics and live deployment demonstrated that our\\napproach effectively generates accurate and informative responses. The results\\nhighlight the potential of LLMs to revolutionize honeypot technology, providing\\ncybersecurity professionals with a powerful tool to detect and analyze\\nmalicious activity, thereby enhancing overall security infrastructure.\",\"PeriodicalId\":501280,\"journal\":{\"name\":\"arXiv - CS - Networking and Internet Architecture\",\"volume\":\"56 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Networking and Internet Architecture\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.08234\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Networking and Internet Architecture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.08234","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

网络威胁日新月异,需要创新的解决方案来检测和分析恶意活动。蜜罐是一种诱饵系统,旨在引诱攻击者并与之互动,已成为网络安全的关键组成部分。在本文中,我们提出了一种利用大型语言模型(LLM)创建逼真的交互式蜜罐系统的新方法。通过在攻击者生成的命令和响应的多样化数据集上对预先训练好的开源语言模型进行微调,我们开发出了一种能够与攻击者进行复杂互动的蜜罐。我们的方法包括几个关键步骤:数据收集和处理、提示工程、模型选择和监督微调,以优化模型的性能。研究结果凸显了 LLM 在蜜罐技术领域的变革潜力,为网络安全专业人员提供了检测和分析恶意活动的强大工具,从而增强了整体安全基础设施。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
LLM Honeypot: Leveraging Large Language Models as Advanced Interactive Honeypot Systems
The rapid evolution of cyber threats necessitates innovative solutions for detecting and analyzing malicious activity. Honeypots, which are decoy systems designed to lure and interact with attackers, have emerged as a critical component in cybersecurity. In this paper, we present a novel approach to creating realistic and interactive honeypot systems using Large Language Models (LLMs). By fine-tuning a pre-trained open-source language model on a diverse dataset of attacker-generated commands and responses, we developed a honeypot capable of sophisticated engagement with attackers. Our methodology involved several key steps: data collection and processing, prompt engineering, model selection, and supervised fine-tuning to optimize the model's performance. Evaluation through similarity metrics and live deployment demonstrated that our approach effectively generates accurate and informative responses. The results highlight the potential of LLMs to revolutionize honeypot technology, providing cybersecurity professionals with a powerful tool to detect and analyze malicious activity, thereby enhancing overall security infrastructure.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信