Takeshi Kaneko (Panasonic Holdings Corporation), Hiroyuki Okada (Panasonic Holdings Corporation), Rashi Sharma (Panasonic R&D Center Singapore), Tatsumi Oba (Panasonic Holdings Corporation), Naoto Yanai (Panasonic Holdings Corporation)

Security Operations Centers (SOCs) have increasingly adopted Large Language Models (LLMs) to support cyberattack analysis, yet existing LLM usage often lacks the knowledge required for accurate protocol-level explanations. In this study, we propose PAIEL, an LLM-based framework that integrates semantic context (protocol-level knowledge) and structured context as external knowledge to generate accurate and faithful explanations for each protocol from raw packets, thereby supporting SOC analyst operations. Through extensive experiments, we show that PAIEL outperforms common LLM baselines in both human and automatic evaluations by taking protocol specifications into account. Our results also indicate that both structured context and semantic context are necessary to generate effective explanations. We also evaluate PAIEL as a real-world application by providing it to SOC analysts, and demonstrate that PAIEL is practical in the real world.

CTng: Secure Certificate and Revocation Transparency

Jie Kong (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT), Damon James (Dept. of Computer Science and Engineering, University of Connecticut, Storrs, CT), Hemi Leibowitz (Faculty of Computer Science, The College of Management Academic Studies, Rishon LeZion, Israel), Ewa Syta (Dept. of Computer Science, Trinity College, Hartford, CT), Amir Herzberg (Dept. of…

Limitless Scalability: A High-Throughput and Replica-Agnostic BFT Consensus

Chenyu Zhang (Tianjin University), Xiulong Liu (Tianjin University), Hao Xu (Tianjin University), Haochen Ren (Tianjin University), Muhammad Shahzad (North Carolina State University), Guyue Liu (Peking University), Keqiu Li (Tianjin University)

Cyber Threat Intelligence for SOC Analysts

Nidhi Rastogi, Md Tanvirul Alam (Rochester Institute of Technology)
