PLLM-CS: Pre-trained Large Language Model (LLM) for cyber threat detection in satellite networks

IF 4.4 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Ad Hoc Networks Pub Date : 2024-09-11 DOI:10.1016/j.adhoc.2024.103645

{"title":"PLLM-CS: Pre-trained Large Language Model (LLM) for cyber threat detection in satellite networks","authors":"","doi":"10.1016/j.adhoc.2024.103645","DOIUrl":null,"url":null,"abstract":"<div><p>Satellite networks are vital in facilitating communication services for various critical infrastructures. These networks can seamlessly integrate with a diverse array of systems. However, some of these systems are vulnerable due to the absence of effective intrusion detection systems, which can be attributed to limited research and the high costs associated with deploying, fine-tuning, monitoring, and responding to security breaches. To address these challenges, we propose a pre-trained Large Language Model for Cyber Security, for short PLLM-CS, which is a variant of pre-trained Transformers, which includes a specialized module for transforming network data into contextually suitable inputs. This transformation enables the proposed LLM to encode contextual information within the cyber data. To validate the efficacy of the proposed method, we conducted empirical experiments using two publicly available network datasets, UNSW_NB 15 and TON_IoT, both providing Internet of Things (IoT)-based traffic data. Our experiments demonstrate that proposed LLM method outperforms state-of-the-art techniques such as BiLSTM, GRU, and CNN. Notably, the PLLM-CS method achieves an outstanding accuracy level of 100% on the UNSW_NB 15 dataset, setting a new standard for benchmark performance in this domain.</p></div>","PeriodicalId":55555,"journal":{"name":"Ad Hoc Networks","volume":null,"pages":null},"PeriodicalIF":4.4000,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ad Hoc Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1570870524002567","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Satellite networks are vital in facilitating communication services for various critical infrastructures. These networks can seamlessly integrate with a diverse array of systems. However, some of these systems are vulnerable due to the absence of effective intrusion detection systems, which can be attributed to limited research and the high costs associated with deploying, fine-tuning, monitoring, and responding to security breaches. To address these challenges, we propose a pre-trained Large Language Model for Cyber Security, for short PLLM-CS, which is a variant of pre-trained Transformers, which includes a specialized module for transforming network data into contextually suitable inputs. This transformation enables the proposed LLM to encode contextual information within the cyber data. To validate the efficacy of the proposed method, we conducted empirical experiments using two publicly available network datasets, UNSW_NB 15 and TON_IoT, both providing Internet of Things (IoT)-based traffic data. Our experiments demonstrate that proposed LLM method outperforms state-of-the-art techniques such as BiLSTM, GRU, and CNN. Notably, the PLLM-CS method achieves an outstanding accuracy level of 100% on the UNSW_NB 15 dataset, setting a new standard for benchmark performance in this domain.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

PLLM-CS：用于卫星网络网络威胁检测的预训练大型语言模型（LLM）

卫星网络对促进各种关键基础设施的通信服务至关重要。这些网络可以与各种系统无缝集成。然而，由于缺乏有效的入侵检测系统，其中一些系统很容易受到攻击，原因可能是研究有限，以及与部署、微调、监控和应对安全漏洞相关的成本高昂。为了应对这些挑战，我们提出了一种预训练的网络安全大型语言模型（简称 PLLM-CS），它是预训练 Transformers 的一种变体，其中包括一个专门模块，用于将网络数据转换为适合上下文的输入。这种转换使拟议的 LLM 能够对网络数据中的上下文信息进行编码。为了验证所提方法的有效性，我们使用两个公开网络数据集（UNSW_NB 15 和 TON_IoT）进行了实证实验，这两个数据集都提供了基于物联网（IoT）的流量数据。实验证明，所提出的 LLM 方法优于 BiLSTM、GRU 和 CNN 等最先进的技术。值得注意的是，PLLM-CS 方法在 UNSW_NB 15 数据集上达到了 100% 的出色准确率水平，为该领域的基准性能设定了新标准。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Ad Hoc Networks 工程技术-电信学

CiteScore

10.20

自引率

4.20%

发文量

131

审稿时长

4.8 months

期刊介绍： The Ad Hoc Networks is an international and archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in ad hoc and sensor networking areas. The Ad Hoc Networks considers original, high quality and unpublished contributions addressing all aspects of ad hoc and sensor networks. Specific areas of interest include, but are not limited to: Mobile and Wireless Ad Hoc Networks Sensor Networks Wireless Local and Personal Area Networks Home Networks Ad Hoc Networks of Autonomous Intelligent Systems Novel Architectures for Ad Hoc and Sensor Networks Self-organizing Network Architectures and Protocols Transport Layer Protocols Routing protocols (unicast, multicast, geocast, etc.) Media Access Control Techniques Error Control Schemes Power-Aware, Low-Power and Energy-Efficient Designs Synchronization and Scheduling Issues Mobility Management Mobility-Tolerant Communication Protocols Location Tracking and Location-based Services Resource and Information Management Security and Fault-Tolerance Issues Hardware and Software Platforms, Systems, and Testbeds Experimental and Prototype Results Quality-of-Service Issues Cross-Layer Interactions Scalability Issues Performance Analysis and Simulation of Protocols.