Enregistré dans:
Détails bibliographiques
Auteurs principaux: Wang, Xiaoqing, Tian, Yuanjing, Huang, Keman, Liang, Bin
Format: Preprint
Publié: 2024
Sujets:
Accès en ligne:https://arxiv.org/abs/2409.14058
Tags: Ajouter un tag
Pas de tags, Soyez le premier à ajouter un tag!
_version_ 1866909321996009472
author Wang, Xiaoqing
Tian, Yuanjing
Huang, Keman
Liang, Bin
author_facet Wang, Xiaoqing
Tian, Yuanjing
Huang, Keman
Liang, Bin
contents Incorporating LLM into cybersecurity operations, a typical real-world high-stakes task, is critical but non-trivial in practice. Using cybersecurity as the study context, we conduct a three-step mix-method study to incorporate LLM into the vulnerability remediation process effectively. Specifically, we deconstruct the deficiencies in user satisfaction within the existing process (Study 1). This inspires us to design, implement, and empirically validate an LLM-supported collaborative vulnerability remediation process through a field study (Study 2). Given LLM's diverse contributions, we further investigate LLM's double-edge roles through the analysis of remediation reports and follow-up interviews (Study 3). In essence, our contribution lies in promoting an efficient LLM-supported collaborative vulnerability remediation process. These first-hand, real-world pieces of evidence suggest that when incorporating LLMs into practical processes, facilitating the collaborations among all associated stakeholders, reshaping LLMs' roles according to task complexity, as well as approaching the short-term side effects of improved user engagement facilitated by LLMs with a rational mindset.
format Preprint
id arxiv_https___arxiv_org_abs_2409_14058
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Practically implementing an LLM-supported collaborative vulnerability remediation process: a team-based approach
Wang, Xiaoqing
Tian, Yuanjing
Huang, Keman
Liang, Bin
Cryptography and Security
Incorporating LLM into cybersecurity operations, a typical real-world high-stakes task, is critical but non-trivial in practice. Using cybersecurity as the study context, we conduct a three-step mix-method study to incorporate LLM into the vulnerability remediation process effectively. Specifically, we deconstruct the deficiencies in user satisfaction within the existing process (Study 1). This inspires us to design, implement, and empirically validate an LLM-supported collaborative vulnerability remediation process through a field study (Study 2). Given LLM's diverse contributions, we further investigate LLM's double-edge roles through the analysis of remediation reports and follow-up interviews (Study 3). In essence, our contribution lies in promoting an efficient LLM-supported collaborative vulnerability remediation process. These first-hand, real-world pieces of evidence suggest that when incorporating LLMs into practical processes, facilitating the collaborations among all associated stakeholders, reshaping LLMs' roles according to task complexity, as well as approaching the short-term side effects of improved user engagement facilitated by LLMs with a rational mindset.
title Practically implementing an LLM-supported collaborative vulnerability remediation process: a team-based approach
topic Cryptography and Security
url https://arxiv.org/abs/2409.14058