Automated threat detection and response using LLM agents
1 Computer Science and Engineering, Jawaharlal Nehru Technological University, Hyderabad, India.
2 Computer Science and Engineering, University College of Engineering Osmania University, Hyderabad, India.
3 Computer Science and Engineering, Giani Zial Singh College of Engineering and Technology, Bathinda, Punjab, India.
4 Computer science, Sree Sastha institute of engineering and technology, Madras university, Chennai, Tamil Nadu, India.
Review Article
World Journal of Advanced Research and Reviews, 2024, 24(02), 079–090
Publication history:
Received on 22 September 2024; revised on 28 October 2024; accepted on 31 October 2024
Abstract:
The increase of cyber threats from individual cases to a worldwide problem is the reason why people have shifted their cybersecurity perspectives. Basic defense processes, originally well understood and effective, fail to match modern attacks’ complexity and velocity. Taking into consideration LLMs as a recent addition to AI, this paper aims at discussing their application in integrating threat detection and response automation systems. As a result, LLMs, which have higher capabilities for natural language processing, deliver a revolutionary perspective regarding cybersecurity. Since LLM agents can review massive amounts of security data, distinguish patterns, and create contextually appropriate responses, they can bridge the gap between emerging threats and stable security systems. The paper examines the tools used by LLM agents, such as natural language processing to analyse the logs, contextual anomaly detection, pattern identification in network traffic, and the analysis of the user’s behaviour. Also, it describes how LLM agents can support automated threat handling in the context of threat identification, alert prioritization, context-driven response generation, security policy enforcement, and threat handling. The integration of LLM agents into already known systems, including SIEM systems and AI-Ops platforms, is also considered, which allows for further conclusions on the opportunities to create proactive cybersecurity systems. However, open dilemmas such as adversarial attacks and interpretability are still present, the future for LLM agents in cybersecurity is still bright, and there are more possibilities in multi-modal threat analysis and quantum-safe LLM-based cryptography.
Keywords:
LLM Agents; Automated Threat Detection; Cybersecurity; AI-driven Response; Contextual Analysis; Adaptive Security
Full text article in PDF:
Copyright information:
Copyright © 2024 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0