English
Related papers

Related papers: Retrieval-Augmented LLMs for Security Incident Ana…

200 papers

Advanced Persistent Threats (APTs) are prolonged, stealthy intrusions by skilled adversaries that compromise high-value systems to steal data or disrupt operations. Reconstructing complete attack chains from massive, heterogeneous logs is…

Cryptography and Security · Computer Science 2025-09-03 Rujie Dai , Peizhuo Lv , Yujiang Gui , Qiujian Lv , Yuanyuan Qiao , Yan Wang , Degang Sun , Weiqing Huang , Yingjiu Li , XiaoFeng Wang

In cybersecurity, security analysts constantly face the challenge of mitigating newly discovered vulnerabilities in real-time, with over 300,000 vulnerabilities identified since 1999. The sheer volume of known vulnerabilities complicates…

Cryptography and Security · Computer Science 2026-01-26 Reza Fayyazi , Stella Hoyos Trueba , Michael Zuzak , Shanchieh Jay Yang

Despite significant advancements, large language models (LLMs) still struggle with providing accurate answers when lacking domain-specific or up-to-date knowledge. Retrieval-Augmented Generation (RAG) addresses this limitation by…

Cryptography and Security · Computer Science 2025-04-01 Yuefeng Peng , Junda Wang , Hong Yu , Amir Houmansadr

Despite recent advances, Large Language Models (LLMs) still generate vulnerable code. Retrieval-Augmented Generation (RAG) has the potential to enhance LLMs for secure code generation by incorporating external security knowledge. However,…

Cryptography and Security · Computer Science 2026-03-17 Jiahao Shi , Tianyi Zhang

Understanding adversarial behavior in cybersecurity has traditionally relied on high-level intelligence reports and manual interpretation of attack chains. However, real-time defense requires the ability to infer attacker intent and…

Cryptography and Security · Computer Science 2025-10-27 Soham Hans , Stacy Marsella , Sophia Hirschmann , Nikolos Gurney

Retrieval-Augmented Generation (RAG) mitigates LLM hallucinations but introduces a critical vulnerability: corpus integrity. We present SilentRetrieval, a two-stage data poisoning attack that hijacks RAG systems through adversarially…

Cryptography and Security · Computer Science 2026-05-28 Jiachen Qian

Rapidly evolving cyberattacks demand incident response systems that can autonomously learn and adapt to changing threats. Prior work has extensively explored the reinforcement learning approach, which involves learning response strategies…

Cryptography and Security · Computer Science 2026-04-16 Yiran Gao , Kim Hammar , Tao Li

Sophisticated evasion tactics in malicious Android applications, combined with their intricate behavioral semantics, enable attackers to conceal malicious logic within legitimate functions, underscoring the critical need for robust and…

Software Engineering · Computer Science 2025-09-12 Guangyu Zhang , Xixuan Wang , Shiyu Sun , Peiyan Xiao , Kun Sun , Yanhai Xiong

Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually…

Cryptography and Security · Computer Science 2026-04-29 Even Eilertsen , Vasileios Mavroeidis , Gudmund Grov

Information retrieval systems are crucial for enabling effective access to large document collections. Recent approaches have leveraged Large Language Models (LLMs) to enhance retrieval performance through query augmentation, but often rely…

Information Retrieval · Computer Science 2025-04-15 Pengcheng Jiang , Jiacheng Lin , Lang Cao , Runchu Tian , SeongKu Kang , Zifeng Wang , Jimeng Sun , Jiawei Han

We introduce PROVSEEK, an LLM-powered agentic framework for automated provenance-driven forensic analysis and threat intelligence extraction. PROVSEEK employs specialized toolchains to dynamically retrieve relevant context by generating…

Cryptography and Security · Computer Science 2025-11-18 Kunal Mukherjee , Murat Kantarcioglu

Large language models (LLMs) have shown remarkable capabilities in natural language processing tasks, yet their application in hardware security verification remains limited due to scarcity of publicly available hardware description…

Cryptography and Security · Computer Science 2026-03-09 Touseef Hasan , Blessing Airehenbuwa , Nitin Pundir , Souvika Sarkar , Ujjwal Guin

Cryptographic algorithms are fundamental to modern security, yet their implementations frequently harbor subtle logic flaws that are hard to detect. We introduce CryptoScope, a novel framework for automated cryptographic vulnerability…

Cryptography and Security · Computer Science 2025-08-18 Zhihao Li , Zimo Ji , Tao Zheng , Hao Ren , Xiao Lan

In modern IT systems and computer networks, real-time and offline event log analysis is a crucial part of cyber security monitoring. In particular, event log analysis techniques are essential for the timely detection of cyber attacks and…

Cryptography and Security · Computer Science 2025-04-15 Risto Vaarandi , Hayretdin Bahsi

Security analysts routinely query system logs to detect threats and investigate incidents, but each log source uses its own semi-structured format: logs are cheap to produce, but expensive to use. The standard approach, building per-source…

Cryptography and Security · Computer Science 2026-05-22 Evan Luo , Julien Piet , David Wagner

Retrieval-Augmented Generation (RAG) systems have emerged as a promising solution to mitigate LLM hallucinations and enhance their performance in knowledge-intensive domains. However, these systems are vulnerable to adversarial poisoning…

Information Retrieval · Computer Science 2025-07-29 Jinyan Su , Jin Peng Zhou , Zhengxin Zhang , Preslav Nakov , Claire Cardie

Causality detection and mining are important tasks in information retrieval due to their enormous use in information extraction, and knowledge graph construction. To solve these tasks, in existing literature there exist several solutions --…

Computation and Language · Computer Science 2025-06-02 Thushara Manjari Naduvilakandy , Hyeju Jang , Mohammad Al Hasan

Context: Software Vulnerability Assessment (SVA) plays a vital role in evaluating and ranking vulnerabilities in software systems to ensure their security and reliability. Objective: Although Large Language Models (LLMs) have recently shown…

Software Engineering · Computer Science 2025-11-24 Zhijie Chen , Xiang Chen , Ziming Li , Jiacheng Xue , Chaoyang Gao

Graph-based Retrieval-Augmented Generation (RAG) has shown great potential for improving multi-level reasoning and structured evidence aggregation. However, existing graph-based RAG frameworks heavily rely on exploiting large language…

Information Retrieval · Computer Science 2026-04-21 Xiao Yue , Guangzhi Qu , Lige Gan

To address the increasing complexity and frequency of cybersecurity incidents emphasized by the recent cybersecurity threat reports with over 10 billion instances, cyber threat intelligence (CTI) plays a critical role in the modern…

Cryptography and Security · Computer Science 2024-06-04 Hangyuan Ji , Jian Yang , Linzheng Chai , Chaoren Wei , Liqun Yang , Yunlong Duan , Yunli Wang , Tianzhen Sun , Hongcheng Guo , Tongliang Li , Changyu Ren , Zhoujun Li