Advancing TTP Analysis: Harnessing the Power of Encoder-Only and Decoder-Only Language Models with Retrieval Augmented Generation. (arXiv:2401.00280v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Tactics, Techniques, and Procedures (TTPs) outline the methods attackers use
to exploit vulnerabilities. The interpretation of TTPs in the MITRE ATT&CK
framework can be challenging for cybersecurity practitioners due to presumed
expertise, complex dependencies, and inherent ambiguity. Meanwhile,
advancements with Large Language Models (LLMs) have led to a recent surge in
studies exploring their uses in cybersecurity operations. This leads us to
question how well encoder-only (e.g., RoBERTa) and decoder-only (e.g., GPT-3.5)
LLMs can comprehend and summarize TTPs to inform analysts …