Application of Large Language Models for Assessing Parameters and Possible Scenarios of Cyberattacks on Information and Communication Systems

Authors

  • Lesia Alekseichuk Igor Sikorsky Kyiv Polytechnic Institute, Educational and research institute of physics and technology, Ukraine
  • Dmitry Lande National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute," Educational and Scientific Physical-Technical Institute, Ukraine
  • Oleksii Novikov National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute," Educational and Scientific Physical-Technical Institute, Ukraine

DOI:

https://doi.org/10.20535/tacs.2664-29132024.1.315242

Abstract

This paper explores the use of large language models (LLMs) to evaluate parameters and identify potential hostile penetration scenarios in corporate networks, considering logical and probabilistic relationships between network nodes. The developed methodology is based on analyzing the network structure, which includes components such as the Firewall, Mail Server, Web Server, administrator and client workstations, application server, and database server. The probabilities of transitions between these nodes during adversarial attacks are determined using a swarm of virtual experts and two sets of prompts aimed at different LLMs. Among the results obtained through the swarm approach are average transition probabilities, which enable modeling the most likely attack paths from both external and internal network origins. Based on logical-probabilistic analysis, penetration scenarios are ranked according to probabilities, execution time, and resource minimization required by attackers. The proposed methodology facilitates rapid response to threats and ensures an adequate level of cybersecurity by focusing on the most probable and dangerous attack scenarios.

Downloads

Published

2024-12-16

Issue

Vol. 6 No. 1 (2024): Theoretical and Applied Cyber Security

Section

Intelligent Data analysis methods in cybersecurity

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).