Large Language Models (LLMs) have gained widespread popularity across diverse domains involving text generation, summarization, and various natural language processing tasks. Despite their inherent limitations, LLM-based designs have shown promising capabilities in planning and navigating open-world scenarios. This paper introduces a novel application of pre-trained LLMs as agents within cybersecurity network environments, focusing on their utility for sequential decision-making processes. We present an approach wherein pre-trained LLMs are leveraged as attacking agents in two reinforcement learning environments. Our proposed agents demonstrate similar or better performance against state-of-the-art agents trained for thousands of episodes in most scenarios and configurations. In addition, the best LLM agents perform similarly to human testers of the environment without any additional training process. This design highlights the potential of LLMs to efficiently address complex decision-making tasks within cybersecurity. Furthermore, we introduce a new network security environment named NetSecGame. The environment is designed to eventually support complex multi-agent scenarios within the network security domain. The proposed environment mimics real network attacks and is designed to be highly modular and adaptable for various scenarios.

翻译：大语言模型（LLMs）在涉及文本生成、摘要及各类自然语言处理任务的多个领域中获得广泛应用。尽管存在固有局限性，基于大语言模型的设计在开放世界场景的规划与导航中展现出有前景的能力。本文提出一种将预训练大语言模型作为智能体应用于网络安全网络环境的新颖方案，重点关注其在序贯决策过程中的实用性。我们提出一种方法，在两种强化学习环境中利用预训练大语言模型作为攻击智能体。在大多数场景和配置下，我们提出的智能体与经过数千回合训练的最先进智能体相比，表现相当或更优。此外，最佳的大语言模型智能体无需额外训练过程即可达到与人工环境测试者相似的表现。该设计凸显了大语言模型高效处理网络安全领域复杂决策任务的潜力。最后，我们引入名为NetSecGame的新型网络安全环境。该环境设计旨在最终支持网络安全领域内的复杂多智能体场景。所提出的环境模拟真实网络攻击，并具有高度模块化和可适配性以适应各类场景。