English
Related papers

Related papers: Retrieval-Augmented LLMs for Security Incident Ana…

200 papers

Effective incident response (IR) is critical for mitigating cyber threats, yet security teams are overwhelmed by alert fatigue, high false-positive rates, and the vast volume of unstructured Cyber Threat Intelligence (CTI) documents. While…

Cryptography and Security · Computer Science 2025-08-15 Amine Tellache , Abdelaziz Amara Korba , Amdjed Mokhtari , Horea Moldovan , Yacine Ghamri-Doudane

Successful defense against dynamically evolving cyber threats requires advanced and sophisticated techniques. This research presents a novel approach to enhance real-time cybersecurity threat detection and response by integrating large…

Cryptography and Security · Computer Science 2025-04-02 Shuva Paul , Farhad Alemi , Richard Macwan

Large Language Models (LLMs) are increasingly used in software development to generate functions, such as attack detectors, that implement security requirements. A key challenge is ensuring the LLMs have enough knowledge to address specific…

Software Engineering · Computer Science 2025-09-18 Samuele Pasini , Jinhan Kim , Tommaso Aiello , Rocio Cabrera Lozoya , Antonino Sabetta , Paolo Tonella

The indexing-retrieval-generation paradigm of retrieval-augmented generation (RAG) has been highly successful in solving knowledge-intensive tasks by integrating external knowledge into large language models (LLMs). However, the…

Cryptography and Security · Computer Science 2025-02-25 Xun Liang , Simin Niu , Zhiyu Li , Sensen Zhang , Hanyu Wang , Feiyu Xiong , Jason Zhaoxin Fan , Bo Tang , Shichao Song , Mengwei Wang , Jiawei Yang

Security applications are increasingly relying on large language models (LLMs) for cyber threat detection; however, their opaque reasoning often limits trust, particularly in decisions that require domain-specific cybersecurity knowledge.…

Cryptography and Security · Computer Science 2025-11-03 Arnabh Borah , Md Tanvirul Alam , Nidhi Rastogi

Cybersecurity post-incident reviews are essential for identifying control failures and improving organisational resilience, yet they remain labour-intensive, time-consuming, and heavily reliant on expert judgment. This paper investigates…

Cryptography and Security · Computer Science 2026-01-08 Huan Lin Oh , Jay Yong Jun Jie , Mandy Lee Ling Siu , Jonathan Pan

Retrieval-augmented generation (RAG) on specialized domain datasets has shown improved performance when large language models (LLMs) are fine-tuned for generating responses to user queries. In this study, we develop a cybersecurity…

Machine Learning · Computer Science 2024-11-05 Varun Badrinath Krishna

Context. Risk analysis assesses potential risks in specific scenarios. Risk analysis principles are context-less; the same methodology can be applied to a risk connected to health and information technology security. Risk analysis requires…

Computation and Language · Computer Science 2024-09-10 Matteo Esposito , Francesco Palagiano , Valentina Lenarduzzi , Davide Taibi

The escalating sophistication of phishing emails necessitates a shift beyond traditional rule-based and conventional machine-learning-based detectors. Although large language models (LLMs) offer strong natural language understanding, using…

Cryptography and Security · Computer Science 2026-01-30 Abrar Hamed Al Barwani , Abdelaziz Amara Korba , Raja Waseem Anwar

Event log analysis is an important task that security professionals undertake. Event logs record key information on activities that occur on computing devices, and due to the substantial number of events generated, they consume a large…

Artificial Intelligence · Computer Science 2025-02-04 Siraaj Akhtar , Saad Khan , Simon Parkinson

Large Language Models (LLMs) have demonstrated remarkable capabilities across various cybersecurity tasks, including vulnerability classification, detection, and patching. However, their potential in automated vulnerability report…

Although large language models (LLMs) are increasingly used in security-critical workflows, practitioners lack quantitative guidance on which safeguards are worth deploying. This paper introduces a decision-oriented framework and…

Cryptography and Security · Computer Science 2025-12-18 Richard Helder Moulton , Austin O'Brien , John D. Hastings

As cyber threats continue to grow in complexity, traditional security mechanisms struggle to keep up. Large language models (LLMs) offer significant potential in cybersecurity due to their advanced capabilities in text processing and…

Computation and Language · Computer Science 2025-11-10 Tiago Dinis , Miguel Correia , Roger Tavares

Intrusion Detection and Prevention Systems (IDS/IPS) in large enterprises can generate hundreds of thousands of alerts per hour, overwhelming analysts with logs requiring rapidly evolving expertise. Conventional machine-learning detectors…

Cryptography and Security · Computer Science 2026-02-10 Francesco Blefari , Cristian Cosentino , Francesco Aurelio Pironti , Angelo Furfaro , Fabrizio Marozzo

The rapid advancement of Large Language Models (LLMs) presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of…

Software Engineering · Computer Science 2026-01-05 Md Hasan Saju , Maher Muhtadi , Akramul Azim

Retrieval-Augmented Generation (RAG) compensates for the static knowledge limitations of Large Language Models (LLMs) by integrating external knowledge, producing responses with enhanced factual correctness and query-specific…

Computation and Language · Computer Science 2025-05-21 Ruobing Yao , Yifei Zhang , Shuang Song , Neng Gao , Chenyang Tu

Incident management is essential to maintain the reliability and availability of cloud computing services. Cloud vendors typically disclose incident reports to the public, summarizing the failures and recovery process to help minimize their…

Performance · Computer Science 2026-03-18 Xiaoyu Chu , Shashikant Ilager , Yizhen Zang , Sacheendra Talluri , Alexandru Iosup

Log data are essential for intrusion detection and forensic investigations. However, manual log analysis is tedious due to high data volumes, heterogeneous event formats, and unstructured messages. Even though many automated methods for log…

Cryptography and Security · Computer Science 2026-03-05 Max Landauer , Wolfgang Hotwagner , Thorina Boenke , Florian Skopik , Markus Wurzenberger

Large Language Models (LLMs) are increasingly being used as security engineering tools to summarize and explain malware behavior to analysts. A common assumption is that Retrieval-Augmented Generation (RAG) improves explanation quality by…

Cryptography and Security · Computer Science 2026-05-06 Jayson Ng , Amin Milani Fard

We present a new benchmark for evaluating Deep Search--a realistic and complex form of retrieval-augmented generation (RAG) that requires source-aware, multi-hop reasoning over diverse, sparsed, but related sources. These include documents,…

Computation and Language · Computer Science 2025-07-01 Prafulla Kumar Choubey , Xiangyu Peng , Shilpa Bhagavath , Kung-Hsiang Huang , Caiming Xiong , Chien-Sheng Wu
‹ Prev 1 2 3 10 Next ›