With the rapid development of technology and the acceleration of
digitalisation, the frequency and complexity of cyber security threats are
increasing. Traditional cybersecurity approaches, often based on static rules
and predefined scenarios, are struggling to adapt to the rapidly evolving
nature of modern cyberattacks. There is an urgent need for more adaptive and
intelligent defence strategies. The emergence of Large Language Models (LLMs)
provides an innovative solution to cope with increasingly severe cyber
threats. Their potential in analysing complex attack patterns, predicting
threats and assisting real-time response has attracted a lot of attention in
the field of cybersecurity, and exploring how to effectively use LLMs to defend
against cyberattacks has become a hot topic in current research. This
survey examines the applications of LLMs from the perspective of the cyber
attack lifecycle, focusing on the three phases of defense reconnaissance,
foothold establishment, and lateral movement, and it analyzes the potential of
LLMs in Cyber Threat Intelligence (CTI) tasks. Meanwhile, we investigate how
LLM-based security solutions are deployed and applied in different network
scenarios. We also summarize the internal and external risk issues faced by
LLMs during their application. Finally, this survey points out the risk
issues faced and possible future research directions in this domain.
Download PDF:
2504.15622v1