Sophos has published a report exploring how GPT-3 (and by extension GPT-4) can help defeat cyberattackers.
The report, GPT for You and Me: Applying AI Language Processing to Cyber Defenses, shows projects developed by Sophos X-OPS using GPT-3’s large language model. Cybersecurity professionals can use the platform to simplify searches for malicious activity in datasets, and speed up analysis of the “living off the land” binary (LOLB). It can also be used to filter spam more accurately.
“Since OpenAI unveiled ChatGPT back in November, the security community has largely focused on the potential risks this new technology could bring,” said Sean Gallagher, principal threat researcher at Sophos. “At Sophos, we’ve long seen AI as an ally rather than an enemy for defenders.”
GPT security projects
Sophos has been working on three prototype projects that use GPT-3 as an added cybersecurity barrier.
It tested using a natural language query interface for sifting through malicious activity in security software telemetry with the few-shot learning method. Sophos also tested the model against its endpoint detection and response product.
It found that defenders can filter through the telemetry with basic English commands. This removes the need for defenders to understand SQL or the underlying structure of a database.
The GPT-3 filter has proved to be significantly more accurate when compared to other machine-learning models for spam filtering.
Researchers also simplified the process for reverse-engineering the command lines of LOLBins using GPT-3. Reverse engineering is difficult but is imperative for understanding the behaviour of LOLBins and preventing future attacks.
Proof of copilot concept
Many companies operate on limited resources, meaning notifications and detections can take much work to sort through thoroughly.
“We’ve proved that, with something like GPT-3, we can simplify certain labour-intensive processes and give back valuable time to defenders,” Gallagher said.
Sophos is already working on incorporating prototypes into its products. The results of its work are available on GitHub for those interested in testing GPT-3 in their analysis environments.
“In the future, we believe that GPT-3 may very well become a standard copilot for security experts,” Gallagher added.
Generative AI is about more than just automating sales and marketing. It’s about making it more personal, too.
Amazon and Microsoft trade blows over cloud competition
Chetna Gogia, Chief Human Resources Officer at GoKwik: “Go deep in acquiring the right knowledge before you advise on HR practices to management”
In this Coffee with HR interview, we speak to Chetna Gogia, Chief Human Resources Officer at GoKwik. She has over 20+ years of experience leading HR functions across various sectors