Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

BARTPredict: Empowering IoT Security with LLM-Driven Cyber Threat Prediction

Alaeddine Diaf, Abdelaziz Amara Korba, Nour Elislem Karabadji, Yacine Ghamri-Doudane

TL;DR

This work introduces BARTPredict, a proactive IoT security framework that leverages two fine-tuned LLMs to predict and preempt network intrusions. BART predicts the next network packets, while BART also handles packet classification; BERT assesses the plausibility of predicted packets, enabling a robust, bidirectional evaluation loop. Evaluated on the CICIoT2023 dataset, the approach achieves 98% overall intrusion-detection accuracy and strong packet-pair classification performance, indicating effective generalization to unseen threats. Deployment at MEC servers promises low-latency, edge-enabled protection, reducing the burden on resource-constrained IoT devices and enhancing proactive defense in real-world networks.

Abstract

The integration of Internet of Things (IoT) technology in various domains has led to operational advancements, but it has also introduced new vulnerabilities to cybersecurity threats, as evidenced by recent widespread cyberattacks on IoT devices. Intrusion detection systems are often reactive, triggered by specific patterns or anomalies observed within the network. To address this challenge, this work proposes a proactive approach to anticipate and preemptively mitigate malicious activities, aiming to prevent potential damage before it occurs. This paper proposes an innovative intrusion prediction framework empowered by Pre-trained Large Language Models (LLMs). The framework incorporates two LLMs: a fine-tuned Bidirectional and AutoRegressive Transformers (BART) model for predicting network traffic and a fine-tuned Bidirectional Encoder Representations from Transformers (BERT) model for evaluating the predicted traffic. By harnessing the bidirectional capabilities of BART the framework then identifies malicious packets among these predictions. Evaluated using the CICIoT2023 IoT attack dataset, our framework showcases a notable enhancement in predictive performance, attaining an impressive 98% overall accuracy, providing a powerful response to the cybersecurity challenges that confront IoT networks.

BARTPredict: Empowering IoT Security with LLM-Driven Cyber Threat Prediction

TL;DR

This work introduces BARTPredict, a proactive IoT security framework that leverages two fine-tuned LLMs to predict and preempt network intrusions. BART predicts the next network packets, while BART also handles packet classification; BERT assesses the plausibility of predicted packets, enabling a robust, bidirectional evaluation loop. Evaluated on the CICIoT2023 dataset, the approach achieves 98% overall intrusion-detection accuracy and strong packet-pair classification performance, indicating effective generalization to unseen threats. Deployment at MEC servers promises low-latency, edge-enabled protection, reducing the burden on resource-constrained IoT devices and enhancing proactive defense in real-world networks.

Abstract

The integration of Internet of Things (IoT) technology in various domains has led to operational advancements, but it has also introduced new vulnerabilities to cybersecurity threats, as evidenced by recent widespread cyberattacks on IoT devices. Intrusion detection systems are often reactive, triggered by specific patterns or anomalies observed within the network. To address this challenge, this work proposes a proactive approach to anticipate and preemptively mitigate malicious activities, aiming to prevent potential damage before it occurs. This paper proposes an innovative intrusion prediction framework empowered by Pre-trained Large Language Models (LLMs). The framework incorporates two LLMs: a fine-tuned Bidirectional and AutoRegressive Transformers (BART) model for predicting network traffic and a fine-tuned Bidirectional Encoder Representations from Transformers (BERT) model for evaluating the predicted traffic. By harnessing the bidirectional capabilities of BART the framework then identifies malicious packets among these predictions. Evaluated using the CICIoT2023 IoT attack dataset, our framework showcases a notable enhancement in predictive performance, attaining an impressive 98% overall accuracy, providing a powerful response to the cybersecurity challenges that confront IoT networks.
Paper Structure (16 sections, 6 equations, 4 figures, 3 tables)

This paper contains 16 sections, 6 equations, 4 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Proposed Solution
  4. Packet Parsing and Pre-processing
  5. Transformer-Based Intrusion Prediction
  6. LLMs-based next packets prediction
  7. LLM-based packets classification
  8. LLM-based next packet prediction assessing
  9. Performance Evaluation
  10. Dataset
  11. Experiments
  12. Fine-tuning BART for next packets prediction
  13. Fine-tuning BERT for Packet-Pair Classification
  14. Fine-tuning BART for packets classification
  15. Results
  16. ...and 1 more sections

Figures (4)

  • Figure 1: Workflow of the proposed intrusion prediction framework
  • Figure 2: Modified structure of BART with network packets as input for Intrusion Prediction task (taken from abdulganiyu2023systematic).
  • Figure 3: Confusion matrix of BART's binary classification
  • Figure 4: BART’s intrusion detection ROC