Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2408.01993 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866916346052214784 |
|---|---|
| author | Portnoy, Amit Azikri, Ehud Kels, Shay |
| author_facet | Portnoy, Amit Azikri, Ehud Kels, Shay |
| contents | Endpoint Detection and Remediation (EDR) platforms are essential for identifying and responding to cyber threats. This study presents a novel approach using Large Language Models (LLMs) to detect Hands-on-Keyboard (HOK) cyberattacks. Our method involves converting endpoint activity data into narrative forms that LLMs can analyze to distinguish between normal operations and potential HOK attacks. We address the challenges of interpreting endpoint data by segmenting narratives into windows and employing a dual training strategy. The results demonstrate that LLM-based models have the potential to outperform traditional machine learning methods, offering a promising direction for enhancing EDR capabilities and apply LLMs in cybersecurity. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2408_01993 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | Towards Automatic Hands-on-Keyboard Attack Detection Using LLMs in EDR Solutions Portnoy, Amit Azikri, Ehud Kels, Shay Cryptography and Security Machine Learning Endpoint Detection and Remediation (EDR) platforms are essential for identifying and responding to cyber threats. This study presents a novel approach using Large Language Models (LLMs) to detect Hands-on-Keyboard (HOK) cyberattacks. Our method involves converting endpoint activity data into narrative forms that LLMs can analyze to distinguish between normal operations and potential HOK attacks. We address the challenges of interpreting endpoint data by segmenting narratives into windows and employing a dual training strategy. The results demonstrate that LLM-based models have the potential to outperform traditional machine learning methods, offering a promising direction for enhancing EDR capabilities and apply LLMs in cybersecurity. |
| title | Towards Automatic Hands-on-Keyboard Attack Detection Using LLMs in EDR Solutions |
| topic | Cryptography and Security Machine Learning |
| url | https://arxiv.org/abs/2408.01993 |