Large Language Models (LLMs) have gained widespread popularity across diverse domains involving text generation, summarization, and various natural language processing tasks. Despite their inherent limitations, LLM-based designs have shown promising capabilities in planning and navigating open-world scenarios. This paper introduces a novel application of pre-trained LLMs as agents within cybersecurity network environments, focusing on their utility for sequential decision-making processes. We present an approach wherein pre-trained LLMs are leveraged as attacking agents in two reinforcement learning environments. Our proposed agents demonstrate similar or better performance against state-of-the-art agents trained for thousands of episodes in most scenarios and configurations. In addition, the best LLM agents perform similarly to human testers of the environment without any additional training process. This design highlights the potential of LLMs to efficiently address complex decision-making tasks within cybersecurity. Furthermore, we introduce a new network security environment named NetSecGame. The environment is designed to eventually support complex multi-agent scenarios within the network security domain. The proposed environment mimics real network attacks and is designed to be highly modular and adaptable for various scenarios.