Search Icon
Register

PAIEL: Protocol-Aware and Context-Integrated Protocol Explanation Using LLMs for SOCs

Takeshi Kaneko (Panasonic Holdings Corporation), Hiroyuki Okada (Panasonic Holdings Corporation), Rashi Sharma (Panasonic R&D Center Singapore), Tatsumi Oba (Panasonic Holdings Corporation), Naoto Yanai (Panasonic Holdings Corporation)

Security Operations Centers (SOCs) have increasingly adopted Large Language Models (LLMs) to support cyberattack analysis, yet existing LLM usage often lacks knowledge required for accurate protocol-level explanations. In this study, we propose PAIEL, an LLM-based framework that integrates semantic context of protocol-level knowledge and structured context as external knowledge to generate accurate and faithful explanations for each protocol from raw packets, thereby supporting SOC analyst operations. Through extensive experiments, we show that PAIEL outperforms common LLM baselines in terms of both human and automatic evaluations by considering protocol specifications. Our results also indicate that both structured context and semantic context are necessary to generate effective explanations. We also conduct an evaluation of PAIEL as a real-world application by providing it with SOC analysts, and then demonstrate that PAIEL is practical in the real world.

Paper

View More Papers

Why is Space Cybersecurity Unique?

Rajiv Thummala (Cornell University), Eric Race (California Institute of Technology), Gregory Falco (Cornell University)

Read More

A Temporal Paradox in Software Vulnerability Prioritization: Why Do...

Osama Al Haddad (Macquarie University, Sydney, Australia), Muhammad Ikram (Macquarie University, Sydney, Australia), Young Choon Lee (Macquarie University, Sydney, Australia), Muhammad Ejaz Ahmed (Data61 CSIRO, Sydney, Australia)

Read More

Analysis of the Security Design, Engineering, and Implementation of...

Alan T. Sherman (University of Maryland, Baltimore County (UMBC)), Jeremy J. Romanik Romano (University of Maryland, Baltimore County (UMBC)), Edward Zieglar (University of Maryland, Baltimore County (UMBC)), Enis Golaszewski (University of Maryland, Baltimore County (UMBC)), Jonathan D. Fuchs (University of Maryland, Baltimore County (UMBC)), William E. Byrd (University of Alabama at Birmingham)

Read More