Methodology for constructing causal networks in cybersecurity using generative artificial intelligence

DOI: 10.31673/2412-4338.2024.040560

Authors

  • Дмитро Володимирович Ланде, (Lande Dmytro) National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv https://orcid.org/0000-0003-3945-1178
  • Олександр Олександрович Пучков, (Puchkov Oleksandr) National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv https://orcid.org/0000-0002-8585-1044
  • Ігор Юрійович Субач, (Subach Ihor) National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv https://orcid.org/0000-0002-9344-713X

Abstract

This article proposes a methodology for the formation of causal networks in the field of cybersecurity using generative artificial intelligence (GAI). The methodology is based on a hierarchical approach to AI systems, such as ChatGPT, to determine the central node and levels of the hierarchy, as well as to further clarify the causal relationships. The essence of the proposed methodology is to determine the central node and hierarchy levels, form a set of related concepts, visualize the primary casual network, interact with a swarm of virtual experts to improve the accuracy and completeness of the network, and form the final causal network. The possibility of using the Gephi program to visualize a graph representing a casual network is considered. The article presents a methodology for selecting and applying a significance threshold for filtering insignificant connections in order to form a more accurate and complete final causal network for further scenario analysis in the field of cybersecurity. Various options for applying the significance threshold are considered, depending on the characteristics of the network, prior knowledge or analysis of training data, as well as on the basis of statistical indicators such as the average weight and standard deviation. The possibility of dynamically adjusting the significance threshold based on an assessment of the quality of the final network, taking into account such indicators as the number of clusters, network cohesion, and the significance of links, is analyzed. Examples of queries to the GCI systems and the results of their execution are presented, which allow us to better understand the process of network formation. Experimental results show that the proposed methodology allows to effectively form causal networks that can be used for further scenario analysis in the field of cybersecurity.

Keywords: Cybersecurity, generative artificial intelligence, ChatGPT, hierarchical approach, virtual experts, scenario analysis, causal networks, Gephi, text analytics, network analysis.

References

  1. Kalyan K. S. A survey of GPT-3 family large language models including ChatGPT and GPT4 // Natural Language Processing Journal. – 2023. – P. 100048. DOI: 10.1016/j.nlp.2023.100048.
  2. Zhang H., Song H., Li S., Zhou M., Song D. A survey of controllable text generation using transformer-based pre-trained language models // ACM Computing Surveys. – 2023. – Vol. 56, No. 3. – P. 1-37. DOI: 10.1145/3617680.
  3. Trieu-Do V., Garcia-Lebron R., Xu M., Xu S., Feng Y. Characterizing and leveraging Granger causality in cybersecurity: Framework and case study // ICST Transactions on Security and Safety. – 2021. – Vol. 7, No. 25. DOI: 10.4108/eai.11-5-2021.169912.
  4. Zhang H., Yao D. D., Ramakrishnan N., Zhang Z. Causality reasoning about network events for detecting stealthy malware activities // Computers & Security. – 2016. – Vol. 58. – P. 180-198. DOI: 10.1016/j.cose.2016.01.002.
  5. Papachristou M., Yuan Y. Network Formation and Dynamics Among Multi-LLMs // arXiv preprint. – 2024. – P. arXiv:2402.10659. DOI: 10.48550/arXiv.2402.10659.
  6. Luo K., Zhou T., Chen Y., Zhao J., Liu K. Open Event Causality Extraction by the Assistance of LLM in Task Annotation, Dataset, and Method // In Proceedings of the Workshop: Bridging Neurons and Symbols for Natural Language Processing and Knowledge Graphs Reasoning (NeusymBridge)@ LREC-COLING-2024. – 2024. – P. 33-44.
  7. Saha D., Tarek S., Yahyaei K., Saha S. K., Zhou J., Tehranipoor M., Farahmandi F. LLM for SoC Security: A Paradigm Shift // IEEE Access. – 2024. DOI: 10.1109/ACCESS.2024.3427369. ISSN 2412-4338 Телекомунікаційні та інформаційні технології. 2024. № 4 (85)
  8. Khatibi E., Abbasian M., Yang Z., Azimi I., Rahmani A. M. ALCM: Autonomous LLMAugmented Causal Discovery Framework // arXiv preprint. – 2024. – P. arXiv:2405.01744. DOI: 10.48550/arXiv.2405.01744.
  9. Guo G., Karavani E., Endert A., Kwon B. Causalvis: Visualizations for Causal Inference // Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. – 2023. – P. 1- 20. DOI: 10.1145/3544548.3581236.
  10. Puchkov O., Lande D., Subach I., Rybak O. Integration of information search technologies and artificial intelligence in the field of cybersecurity.. // Information Technology and Security. – 2023. – Vol. 11, no 2. – P. 206–215. DOI: 10.20535/2411-1031.2023.11.2.293789.
  11. Lande D., Strashnoy L. Concept Networking Methods Based on ChatGPT & Gephi // SSRN. – 2023. Available at: http://dx.doi.org/10.2139/ssrn.4420452.
  12. Lande D.V., Strashnoy L.L. Ієрархічне формування причинно-наслідкових мереж на основі ChatGPT: Proceedings of the First All-Ukrainian Scientific and Practical Conference dedicated to the 100th anniversary of Academician V.M. Glushkov, Kyiv, May 26, 2023 Kyiv, 2023. P.24-30.

Downloads

Published

2025-01-06

Issue

No. 4 (2024)

Section

Articles