Large Language Models (LLMs) are Generative Artificial Intelligence tools enabling advanced text reasoning and generation. In the context of cybersecurity, they are emerging as smart assistants that can effectively support the definition of the most appropriate assessment procedures. This work presents a real application of LLMs to support vulnerability assessment and penetration testing in automotive engineering. Firstly, we describe a Graph Knowledge Base (GKB) including both proprietary and public data about cybersecurity reports, vulnerabilities, risk metrics, and attack paths. Then, we present a Retrieval Augmented Generation (RAG) platform aimed at supporting conversations in natural language tailored to the GKB content that is mostly relevant to the end-user queries. The preliminary results, achieved on an in-domain collection of question-answer pairs, show (1) the effectiveness of the RAG system in correctly retrieving content from the GKB and (2) the pertinence, conciseness, and completeness of the free-text answers produced by the LLM.
Retrieval augmented generation to support cybersecurity verification in automotive engineering / Gensale, Aurora; Basile, Cataldo; Cagliero, Luca; Garza, Paolo; Ferrua, Luca; Faranda Cordella, Giuseppe. - ELETTRONICO. - (2024). (Intervento presentato al convegno 22th escar Europe : The World's Leading Automotive Cyber Security Conference tenutosi a Dortmund (DE) nel 19-20 November 2024) [10.13154/294-12715].
Retrieval augmented generation to support cybersecurity verification in automotive engineering
Aurora Gensale;Cataldo Basile;Luca Cagliero;Paolo Garza;
2024
Abstract
Large Language Models (LLMs) are Generative Artificial Intelligence tools enabling advanced text reasoning and generation. In the context of cybersecurity, they are emerging as smart assistants that can effectively support the definition of the most appropriate assessment procedures. This work presents a real application of LLMs to support vulnerability assessment and penetration testing in automotive engineering. Firstly, we describe a Graph Knowledge Base (GKB) including both proprietary and public data about cybersecurity reports, vulnerabilities, risk metrics, and attack paths. Then, we present a Retrieval Augmented Generation (RAG) platform aimed at supporting conversations in natural language tailored to the GKB content that is mostly relevant to the end-user queries. The preliminary results, achieved on an in-domain collection of question-answer pairs, show (1) the effectiveness of the RAG system in correctly retrieving content from the GKB and (2) the pertinence, conciseness, and completeness of the free-text answers produced by the LLM.File | Dimensione | Formato | |
---|---|---|---|
escar_Europe_2024_paper_9982.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
446.22 kB
Formato
Adobe PDF
|
446.22 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/3001466