Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Out of the Cage: How Stochastic Parrots Win in Cyber Security Environments

Maria Rigaki, Ondřej Lukáš, Carlos A. Catania, Sebastian Garcia

TL;DR

This work tackles the problem of enabling autonomous cyber decision-making with pre-trained LLMs by integrating them as agents in realistic cybersecurity environments. It introduces NetSecGame, a modular RL environment with attacker and defender dynamics and a realistic exfiltration goal, designed to test planning capabilities without expensive online learning. The study shows that GPT-4–based LLM agents, especially using ReAct prompting, can reach or exceed the performance of conventional RL agents that require extensive training, achieving up to 100% win rates in simpler settings and substantial gains in more challenging configurations; however, costs, hallucinations, and instability of closed models remain important limitations. The results underscore the potential of LLM-driven cyber decision-making for high-level planning and automated security testing, while highlighting the need for open, trainable models and more realistic defender-adversary interactions for practical deployment.

Abstract

Large Language Models (LLMs) have gained widespread popularity across diverse domains involving text generation, summarization, and various natural language processing tasks. Despite their inherent limitations, LLM-based designs have shown promising capabilities in planning and navigating open-world scenarios. This paper introduces a novel application of pre-trained LLMs as agents within cybersecurity network environments, focusing on their utility for sequential decision-making processes. We present an approach wherein pre-trained LLMs are leveraged as attacking agents in two reinforcement learning environments. Our proposed agents demonstrate similar or better performance against state-of-the-art agents trained for thousands of episodes in most scenarios and configurations. In addition, the best LLM agents perform similarly to human testers of the environment without any additional training process. This design highlights the potential of LLMs to efficiently address complex decision-making tasks within cybersecurity. Furthermore, we introduce a new network security environment named NetSecGame. The environment is designed to eventually support complex multi-agent scenarios within the network security domain. The proposed environment mimics real network attacks and is designed to be highly modular and adaptable for various scenarios.

Out of the Cage: How Stochastic Parrots Win in Cyber Security Environments

TL;DR

This work tackles the problem of enabling autonomous cyber decision-making with pre-trained LLMs by integrating them as agents in realistic cybersecurity environments. It introduces NetSecGame, a modular RL environment with attacker and defender dynamics and a realistic exfiltration goal, designed to test planning capabilities without expensive online learning. The study shows that GPT-4–based LLM agents, especially using ReAct prompting, can reach or exceed the performance of conventional RL agents that require extensive training, achieving up to 100% win rates in simpler settings and substantial gains in more challenging configurations; however, costs, hallucinations, and instability of closed models remain important limitations. The results underscore the potential of LLM-driven cyber decision-making for high-level planning and automated security testing, while highlighting the need for open, trainable models and more realistic defender-adversary interactions for practical deployment.

Abstract

Large Language Models (LLMs) have gained widespread popularity across diverse domains involving text generation, summarization, and various natural language processing tasks. Despite their inherent limitations, LLM-based designs have shown promising capabilities in planning and navigating open-world scenarios. This paper introduces a novel application of pre-trained LLMs as agents within cybersecurity network environments, focusing on their utility for sequential decision-making processes. We present an approach wherein pre-trained LLMs are leveraged as attacking agents in two reinforcement learning environments. Our proposed agents demonstrate similar or better performance against state-of-the-art agents trained for thousands of episodes in most scenarios and configurations. In addition, the best LLM agents perform similarly to human testers of the environment without any additional training process. This design highlights the potential of LLMs to efficiently address complex decision-making tasks within cybersecurity. Furthermore, we introduce a new network security environment named NetSecGame. The environment is designed to eventually support complex multi-agent scenarios within the network security domain. The proposed environment mimics real network attacks and is designed to be highly modular and adaptable for various scenarios.
Paper Structure (47 sections, 3 equations, 7 figures, 4 tables)

This paper contains 47 sections, 3 equations, 7 figures, 4 tables.

Table of Contents

  1. Introduction
  2. Background and Related Work
  3. Security Applications of LLMs
  4. LLMs for Planning and Reinforcement Learning
  5. Cybersecurity Reinforcement Learning Environments
  6. NetSecGame Environment
  7. Configuration of NetSecGame
  8. Defender
  9. Network Scenarios
  10. Goal
  11. State Representation
  12. Action Representation
  13. Reward Function
  14. Differences with previous security environments
  15. LLM Agents for NetSecGame
  16. ...and 32 more sections

Figures (7)

  • Figure 1: The ReAct agent prompt structure and workflow.
  • Figure 2: Experimental setup of the topology in the NetSecGame environment. For our experiments, we used two versions of the topology: the small scenario (consisting only of the parts highlighted in blue) and the full scenario, including all client nodes (highlighted in teal).
  • Figure 3: Network topology of the chain scenario in CyberBattleSim when solved with the minimum amount of actions
  • Figure 4: Sequence of actions taken by the ReAct agent during a winning episode in the small scenario without a defender.
  • Figure 5: Sequence of actions taken by the temperature variant single prompt agent during a winning episode in the small scenario without a defender.
  • ...and 2 more figures