Poster: CrystalBall - Attack Graphs Using Large Language Models and RAGs

Published: 01 Jan 2024, Last Modified: 15 Jul 2025. Venue: ICDCS 2024. License: CC BY-SA 4.0
Abstract: Attack graphs provide a holistic way to model the multiple attack vectors and multi-step attacks that a malicious actor could use to compromise a system. Traditional methods of generating attack graphs involve expert knowledge, manual curation, and computational algorithms that might not cover the entire threat landscape due to the ever-evolving nature of vulnerabilities and exploits. This paper explores the approach of leveraging large language models (LLMs), such as GPT-4, to automate the generation of attack graphs by intelligently chaining CVEs based on their preconditions and effects. It also shows how to utilize LLMs to create attack graphs from threat reports.
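
The chaining step the abstract mentions, linking vulnerabilities whose effects satisfy another's preconditions, can be shown deterministically. This is an added example, not code from the paper, and it does not reproduce the paper's LLM pipeline. The `VULN-*` ids, the fact names and the `cut_points` helper are constructed assumptions; `cut_points` reports which single remediation removes every path to a goal.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Vuln:
    vid: str        # placeholder id, not a real CVE number
    pre: frozenset  # facts the attacker must already hold
    eff: frozenset  # facts gained if the vulnerability is exploited

# Constructed sample records (hypothetical; not taken from the paper).
VULNS = [
    Vuln("VULN-A", frozenset({"net:web"}), frozenset({"user:web"})),
    Vuln("VULN-B", frozenset({"user:web"}), frozenset({"root:web"})),
    Vuln("VULN-C", frozenset({"root:web"}), frozenset({"net:db"})),
    Vuln("VULN-D", frozenset({"net:db"}), frozenset({"user:db"})),
    Vuln("VULN-E", frozenset({"user:web", "creds:db"}), frozenset({"user:db"})),
]

def build_graph(vulns, initial):
    """Forward-chain from the initial facts to a fixpoint.
    Returns (reachable facts, edges); an edge (a, b) means an effect
    of a supplies a precondition of b, both being reachable."""
    facts, fired = set(initial), []
    changed = True
    while changed:
        changed = False
        for v in vulns:
            if v not in fired and v.pre <= facts:
                fired.append(v)
                facts |= v.eff
                changed = True
    edges = {(u.vid, v.vid) for u in fired for v in fired
             if u != v and u.eff & v.pre}
    return facts, edges

def cut_points(vulns, initial, goal):
    """Ids whose remediation alone makes the goal fact unreachable."""
    if goal not in build_graph(vulns, initial)[0]:
        return []
    return [v.vid for v in vulns
            if goal not in build_graph([w for w in vulns if w != v], initial)[0]]

if __name__ == "__main__":
    facts, edges = build_graph(VULNS, {"net:web"})
    print(sorted(edges))
    print(cut_points(VULNS, {"net:web"}, "user:db"))
```

When the starting facts also include `creds:db`, a second path through `VULN-E` opens and only `VULN-A` remains a single point of remediation.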