FIELD: physics.
SUBSTANCE: the present invention relates to information technology, and more specifically to a method of using large language models when monitoring security and responding to incidents. The technical result is achieved by receiving input data from elements of an information security monitoring centre; selecting one or more phrases from the input data; making a text request from the selected phrases; sending the text request to a large language model; receiving a response from the large language model from the information security monitoring centre elements; and extracting key phrases from the response from the large language model. A possible threat is highlighted on the basis of analysis of the response.
EFFECT: shorter collection time and a high level of processing of information (artifacts) during the investigation of an information security incident.
6 cl, 3 dwg
Title | Year | Author | Number |
---|---|---|---|
METHOD OF USING LARGE LANGUAGE MODELS WHEN RESPONDING TO INFORMATION SECURITY INCIDENTS | 2023 | | RU2825972C1 |
METHOD OF COMBINING LARGE LANGUAGE MODEL AND SECURITY AGENT | 2023 | | RU2825975C1 |
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS | 2020 | | RU2763115C1 |
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS | 2020 | | RU2762528C1 |
INTELLIGENT CONTROL SYSTEM FOR CYBERTHREATS | 2019 | | RU2702269C1 |
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | | RU2739864C1 |
METHOD FOR IDENTIFYING INFORMATION SECURITY THREATS (OPTIONS) | 2023 | | RU2802539C1 |
INFORMATION SECURITY INCIDENT RESPONSE SYSTEM AND METHOD | 2023 | | RU2824732C1 |
METHOD AND SYSTEM OF CYBER TRAINING | 2022 | | RU2808388C1 |
METHOD FOR FILTERING EVENTS FOR TRANSMISSION TO REMOTE DEVICE | 2022 | | RU2813239C1 |
Authors
Dates
2024-09-02—Published
2023-07-06—Filed