The rapid evolution of cloud computing technologies and the increasing number of cloud applications have provided numerous benefits in our daily lives. However, the diversity and complexity of different components pose a significant challenge to cloud security, especially when dealing with sophisticated and advanced cyberattacks such as Denial of Service (DoS). Recent advancements in large language models (LLMs) offer promising solutions for security intelligence. By exploiting their powerful capabilities in language understanding, data analysis, task inference, action planning, and code generation, we present LLM-PD, a novel defense architecture that proactively mitigates various DoS threats in cloud networks. LLM-PD can efficiently make decisions through comprehensive data analysis and sequential reasoning, as well as dynamically create and deploy actionable defense mechanisms. Furthermore, it can flexibly self-evolve based on experience learned from previous interactions and adapt to new attack scenarios without additional training. Our case study on three distinct DoS attacks demonstrates its remarkable ability in terms of defense effectiveness and efficiency when compared with other existing methods.