English

Adapting Large Language Models to Emerging Cybersecurity using Retrieval Augmented Generation

Cryptography and Security 2025-11-03 v1 Artificial Intelligence

Abstract

Security applications are increasingly relying on large language models (LLMs) for cyber threat detection; however, their opaque reasoning often limits trust, particularly in decisions that require domain-specific cybersecurity knowledge. Because security threats evolve rapidly, LLMs must not only recall historical incidents but also adapt to emerging vulnerabilities and attack patterns. Retrieval-Augmented Generation (RAG) has demonstrated effectiveness in general LLM applications, but its potential for cybersecurity remains underexplored. In this work, we introduce a RAG-based framework designed to contextualize cybersecurity data and enhance LLM accuracy in knowledge retention and temporal reasoning. Using external datasets and the Llama-3-8B-Instruct model, we evaluate baseline RAG, an optimized hybrid retrieval approach, and conduct a comparative analysis across multiple performance metrics. Our findings highlight the promise of hybrid retrieval in strengthening the adaptability and reliability of LLMs for cybersecurity tasks.

Keywords

Cite

@article{arxiv.2510.27080,
  title  = {Adapting Large Language Models to Emerging Cybersecurity using Retrieval Augmented Generation},
  author = {Arnabh Borah and Md Tanvirul Alam and Nidhi Rastogi},
  journal= {arXiv preprint arXiv:2510.27080},
  year   = {2025}
}
R2 v1 2026-07-01T07:14:55.875Z