信息网络安全 ›› 2024, Vol. 24 ›› Issue (5): 778-793.doi: 10.3969/j.issn.1671-1122.2024.05.011

• 理论研究 • 上一篇    下一篇

面向网络安全领域的大语言模型技术综述

张长琳1, 仝鑫2(), 佟晖3, 杨莹4   

  1. 1.河南警察学院,郑州 450046
    2.中国人民公安大学信息网络安全学院,北京 100038
    3.北京警察学院,北京 102202
    4.公安部第三研究所,上海 201204
  • 收稿日期:2024-02-26 出版日期:2024-05-10 发布日期:2024-06-24
  • 通讯作者: 仝鑫 E-mail:tongxindotnet@outlook.com
  • 作者简介:张长琳(1970—),女,河南,副教授,主要研究方向为网络安全和信息分析|仝鑫(1995—),男,河南,博士研究生,CCF会员,主要研究方向为网络空间安全和自然语言处理|佟晖(1969—),女,北京,教授,硕士,主要研究方向为网络空间安全|杨莹(1981—),女,上海,副研究员,博士,主要研究方向为网络空间安全
  • 基金资助:
    2024年度河南省高校人文社会科学研究一般项目(2024-ZZJH-290);河南警察学院校级教育教学改革研究与实践项目(JY2022042);河南警察学院院级课题资助项目(HNJY-2023-42)

A Survey of Large Language Models in the Domain of Cybersecurity

ZHANG Changlin1, TONG Xin2(), TONG Hui3, YANG Ying4   

  1. 1. Henan Police College, Zhengzhou 450046, China
    2. School of Information and Network Security, People’s Public Security University of China, Beijing 100038, China
    3. Beijing Police College, Beijing 102202, China
    4. Third Research Institute of the Ministry of Public Security, Shanghai 201204, China
  • Received:2024-02-26 Online:2024-05-10 Published:2024-06-24
  • Contact: TONG Xin E-mail:tongxindotnet@outlook.com

摘要:

近年来,随着大语言模型技术的迅速发展,其在医疗、法律等众多领域已经显现出应用潜力,同时为网络安全领域的发展提供了新的方向。文章首先综述了大语言模型的设计原理、训练机制及核心特性等基础理论,为读者提供了必要的背景知识。然后,深入探讨了大语言模型在识别和处置日益增长的网络威胁方面的作用,详细阐述了其在渗透测试、代码安全审查、社会工程学攻击以及网络安全专业知识评估方面的研究进展。最后,分析了该技术在安全性、成本和可解释性等方面的挑战并展望了未来的发展方向。

关键词: 大语言模型, ChatGPT, 网络安全

Abstract:

In recent years, with the rapid advancement of large language model technology, its application potential in various fields such as healthcare and law has become evident, simultaneously pointing to new directions for progress in the field of cybersecurity. This paper began by providing an overview of the foundational theories behind the design principles, training mechanisms, and core characteristics of large language models, offering the necessary background knowledge to readers. It then delved into the role of large language models in enhancing the capabilities to identify and respond to the growing threats online, detailing research progress in areas such as penetration testing, code security audit, social engineering attacks, and the assessment of professional cybersecurity knowledge. Finally, it analyzed the challenges related to security, cost, and interpretability of this technology, and looked forward to the future development direction.

Key words: LLMs, ChatGPT, cybersecurity

中图分类号: