Saved in:
Bibliographic Details
Main Authors: Yin, Zhenyu, Liu, Shang, Xu, Guangyuan
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2409.10561
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912184968151040
author Yin, Zhenyu
Liu, Shang
Xu, Guangyuan
author_facet Yin, Zhenyu
Liu, Shang
Xu, Guangyuan
contents The increasing number of Distributed Denial of Service (DDoS) attacks poses a major threat to the Internet, highlighting the importance of DDoS mitigation. Most existing approaches require complex training methods to learn data features, which increases the complexity and generality of the application. In this paper, we propose DrLLM, which aims to mine anomalous traffic information in zero-shot scenarios through Large Language Models (LLMs). To bridge the gap between DrLLM and existing approaches, we embed the global and local information of the traffic data into the reasoning paradigm and design three modules, namely Knowledge Embedding, Token Embedding, and Progressive Role Reasoning, for data representation and reasoning. In addition we explore the generalization of prompt engineering in the cybersecurity domain to improve the classification capability of DrLLM. Our ablation experiments demonstrate the applicability of DrLLM in zero-shot scenarios and further demonstrate the potential of LLMs in the network domains. DrLLM implementation code has been open-sourced at https://github.com/liuup/DrLLM.
format Preprint
id arxiv_https___arxiv_org_abs_2409_10561
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle DrLLM: Prompt-Enhanced Distributed Denial-of-Service Resistance Method with Large Language Models
Yin, Zhenyu
Liu, Shang
Xu, Guangyuan
Cryptography and Security
Artificial Intelligence
The increasing number of Distributed Denial of Service (DDoS) attacks poses a major threat to the Internet, highlighting the importance of DDoS mitigation. Most existing approaches require complex training methods to learn data features, which increases the complexity and generality of the application. In this paper, we propose DrLLM, which aims to mine anomalous traffic information in zero-shot scenarios through Large Language Models (LLMs). To bridge the gap between DrLLM and existing approaches, we embed the global and local information of the traffic data into the reasoning paradigm and design three modules, namely Knowledge Embedding, Token Embedding, and Progressive Role Reasoning, for data representation and reasoning. In addition we explore the generalization of prompt engineering in the cybersecurity domain to improve the classification capability of DrLLM. Our ablation experiments demonstrate the applicability of DrLLM in zero-shot scenarios and further demonstrate the potential of LLMs in the network domains. DrLLM implementation code has been open-sourced at https://github.com/liuup/DrLLM.
title DrLLM: Prompt-Enhanced Distributed Denial-of-Service Resistance Method with Large Language Models
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2409.10561