Sophos reveals how GPT can help defeat cyberattackers
Sophos has published a report exploring how GPT-3 (and by extension GPT-4) can help defeat cyberattackers.
The report, GPT for You and Me: Applying AI Language Processing to Cyber Defenses, shows projects developed by Sophos X-Ops using GPT-3’s large language model. Cybersecurity professionals can use the model to simplify searches for malicious activity in datasets and to speed up analysis of “living off the land” binaries (LOLBins). It can also be used to filter spam more accurately.
“Since OpenAI unveiled ChatGPT back in November, the security community has largely focused on the potential risks this new technology could bring,” said Sean Gallagher, principal threat researcher at Sophos. “At Sophos, we’ve long seen AI as an ally rather than an enemy for defenders.”
GPT security projects
Sophos has been working on three prototype projects that use GPT-3 as an added cybersecurity barrier.
Using the few-shot learning method, it tested a natural language query interface for sifting through security software telemetry for malicious activity. Sophos also tested the model against its endpoint detection and response product.
It found that defenders can filter through the telemetry with basic English commands. This removes the need for defenders to understand SQL or the underlying structure of a database.
The GPT-3 spam filter proved significantly more accurate than other machine-learning models used for spam filtering.
Researchers also simplified the process for reverse-engineering the command lines of LOLBins using GPT-3. Reverse engineering is difficult but is imperative for understanding the behaviour of LOLBins and preventing future attacks.
Proof of copilot concept
Many companies operate on limited resources, meaning notifications and detections can take much work to sort through thoroughly.
“We’ve proved that, with something like GPT-3, we can simplify certain labour-intensive processes and give back valuable time to defenders,” Gallagher said.
Sophos is already working on incorporating prototypes into its products. The results of its work are available on GitHub for those interested in testing GPT-3 in their analysis environments.
“In the future, we believe that GPT-3 may very well become a standard copilot for security experts,” Gallagher added.