Retrieval augmented generation to support cybersecurity verification in automotive engineering / Gensale, Aurora; Basile, Cataldo; Cagliero, Luca; Garza, Paolo; Ferrua, Luca; Faranda Cordella, Giuseppe. - ELECTRONIC. - (2024). (Paper presented at the conference 22th escar Europe : The World's Leading Automotive Cyber Security Conference, held in Dortmund (DE) on 19-20 November 2024) [10.13154/294-12715].

Retrieval augmented generation to support cybersecurity verification in automotive engineering

Aurora Gensale;Cataldo Basile;Luca Cagliero;Paolo Garza;
2024

Abstract

Large Language Models (LLMs) are Generative Artificial Intelligence tools enabling advanced text reasoning and generation. In the context of cybersecurity, they are emerging as smart assistants that can effectively support the definition of the most appropriate assessment procedures. This work presents a real application of LLMs to support vulnerability assessment and penetration testing in automotive engineering. Firstly, we describe a Graph Knowledge Base (GKB) including both proprietary and public data about cybersecurity reports, vulnerabilities, risk metrics, and attack paths. Then, we present a Retrieval Augmented Generation (RAG) platform aimed at supporting conversations in natural language tailored to the GKB content that is most relevant to the end-user queries. The preliminary results, achieved on an in-domain collection of question-answer pairs, show (1) the effectiveness of the RAG system in correctly retrieving content from the GKB and (2) the pertinence, conciseness, and completeness of the free-text answers produced by the LLM.

Files in this item:

File: escar_Europe_2024_paper_9982.pdf
Access: restricted
Type: 2a Post-print, publisher's version / Version of Record
License: Not public - private/restricted access
Size: 446.22 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/3001466