• Synelixis
• | October 23, 2024
• | In general, Research Projects

LLMs at the Service of Critical Infrastructure Proactive Security

PRESS RELEASE

SYNELIXIS participates in Horizon 2020 Cyber Securing Energy dAta Services – CyberSEAS project. CyberSEAS’ objectives focus on the protection of Electrical Power and Energy Systems (EPES) against cyber-attacks in an increasingly complex and decentralised environment involving extended energy supply chains, operators and consumers. CyberSEAS has been recently successfully completed, offering 30 solutions and services, of which 20 achieve TRL8+ and 10 TRL7, deployed as customisable security measures.

In this context, SYNELIXIS announces the successful employment, configuration and fine-tuning of NLP (Natural Language Processing) tools including LLMs (Large Language Models) for the provision of proactive security and monitoring. This achieved through understanding and categorization of textual material (e.g. hackers’ posts) related to planned cyber-security attacks.

CyberSEAS has elaborated a rich pool of vulnerabilities has been identified from standards (such as NESCOR, NIST and ISO 270001) as well as pilot experiences and penetration testing. While vulnerabilities can be confronted based on internal insight (i.e. from the perspective of the operator), it is equally important to consider the external context and triggers. Posts retrieved from the dark web and deep nets indirectly provide information in this context.

The key challenge has been the reasonable and effective association of the textual material (e.g. hackers’ posts) with vulnerabilities relevant to EPES operators so that security risks are identified and reasonably quantified. A series of NLP tools have been employed, including RAKE (Rapid Automatic Keyword Extraction) keyword extractor, the USE (Universal Sentence Encoding) encoder and the cosine similarity matcher. As an extension, SYNELIXIS has also employed LLMs due to their capabilities and applications.

As a result, state of the art LLMs have been selected, configured and fine-tuned, including Mistral-7B, Meta-Lamma3-8b, Google-Gemma-1.1-7b and Meta-Lamma2-7b, achieving high-accuracy categorization of the hackers irc (Internet Relay Chats) log, which contains 478905 (sentences)[1].

The modules developed are already being integrated in the Cybersecurity portfolio of SYNELIXIS.

[1] Available at: http://azsecure-data.org/get data/forums/alsayra.txt.

CyberSEAS is a 36-month project that started on 1 Oct. 2021. It has received funding from the EU Horizon Europe research and innovation Programme

(Secure societies – Protecting freedom and security of Europe and its citizens)

under Grant Agreement No. 101020560.