{"id":"https://openalex.org/W4391094158","doi":"https://doi.org/10.1109/bigdata59044.2023.10386976","title":"Transformer-based LLMs in Cybersecurity: An in-depth Study on Log Anomaly Detection and Conversational Defense Mechanisms","display_name":"Transformer-based LLMs in Cybersecurity: An in-depth Study on Log Anomaly Detection and Conversational Defense Mechanisms","publication_year":2023,"publication_date":"2023-12-15","ids":{"openalex":"https://openalex.org/W4391094158","doi":"https://doi.org/10.1109/bigdata59044.2023.10386976"},"language":"en","primary_location":{"id":"doi:10.1109/bigdata59044.2023.10386976","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata59044.2023.10386976","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5109741387","display_name":"Prasasthy Balasubramanian","orcid":"https://orcid.org/0009-0002-4098-0333"},"institutions":[{"id":"https://openalex.org/I4210102840","display_name":"Ubiquitous Energy (United States)","ror":"https://ror.org/01b06j989","country_code":"US","type":"company","lineage":["https://openalex.org/I4210102840"]},{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI","US"],"is_corresponding":true,"raw_author_name":"Prasasthy Balasubramanian","raw_affiliation_strings":["University of Oulu,Center for Ubiquitous Computing","Center for Ubiquitous Computing, University of Oulu"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Center for Ubiquitous Computing","institution_ids":["https://openalex.org/I4210102840","https://openalex.org/I98381234"]},{"raw_affiliation_string":"Center for Ubiquitous Computing, University of Oulu","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093760282","display_name":"Justin Seby","orcid":"https://orcid.org/0009-0002-5847-5917"},"institutions":[{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Justin Seby","raw_affiliation_strings":["University of Oulu,Biomimetics and Intelligent Systems Group","Biomimetics and Intelligent Systems Group, University of Oulu"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Biomimetics and Intelligent Systems Group","institution_ids":["https://openalex.org/I98381234"]},{"raw_affiliation_string":"Biomimetics and Intelligent Systems Group, University of Oulu","institution_ids":["https://openalex.org/I98381234"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5051336752","display_name":"Panos Kostakos","orcid":"https://orcid.org/0000-0002-8545-599X"},"institutions":[{"id":"https://openalex.org/I4210102840","display_name":"Ubiquitous Energy (United States)","ror":"https://ror.org/01b06j989","country_code":"US","type":"company","lineage":["https://openalex.org/I4210102840"]},{"id":"https://openalex.org/I98381234","display_name":"University of Oulu","ror":"https://ror.org/03yj89h83","country_code":"FI","type":"education","lineage":["https://openalex.org/I98381234"]}],"countries":["FI","US"],"is_corresponding":false,"raw_author_name":"Panos Kostakos","raw_affiliation_strings":["University of Oulu,Center for Ubiquitous Computing","Center for Ubiquitous Computing, University of Oulu"],"affiliations":[{"raw_affiliation_string":"University of Oulu,Center for Ubiquitous Computing","institution_ids":["https://openalex.org/I4210102840","https://openalex.org/I98381234"]},{"raw_affiliation_string":"Center for Ubiquitous Computing, University of Oulu","institution_ids":["https://openalex.org/I98381234"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5109741387"],"corresponding_institution_ids":["https://openalex.org/I4210102840","https://openalex.org/I98381234"],"apc_list":null,"apc_paid":null,"fwci":3.0707,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.92199759,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"3590","last_page":"3599"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9853000044822693,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.828216016292572},{"id":"https://openalex.org/keywords/chatbot","display_name":"Chatbot","score":0.793366551399231},{"id":"https://openalex.org/keywords/flagging","display_name":"Flagging","score":0.791678786277771},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6838010549545288},{"id":"https://openalex.org/keywords/outlier","display_name":"Outlier","score":0.6327589750289917},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5244327187538147},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4329102635383606},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.41756415367126465},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38599422574043274},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3631363809108734},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.34214404225349426}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.828216016292572},{"id":"https://openalex.org/C2779041454","wikidata":"https://www.wikidata.org/wiki/Q870780","display_name":"Chatbot","level":2,"score":0.793366551399231},{"id":"https://openalex.org/C2777548347","wikidata":"https://www.wikidata.org/wiki/Q5456937","display_name":"Flagging","level":2,"score":0.791678786277771},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6838010549545288},{"id":"https://openalex.org/C79337645","wikidata":"https://www.wikidata.org/wiki/Q779824","display_name":"Outlier","level":2,"score":0.6327589750289917},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5244327187538147},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4329102635383606},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.41756415367126465},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38599422574043274},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3631363809108734},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.34214404225349426},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/bigdata59044.2023.10386976","is_oa":false,"landing_page_url":"https://doi.org/10.1109/bigdata59044.2023.10386976","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Big Data (BigData)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321108","display_name":"Academy of Finland","ror":"https://ror.org/05k73zm37"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2005245397","https://openalex.org/W2560021099","https://openalex.org/W2567345417","https://openalex.org/W2745980806","https://openalex.org/W2794671739","https://openalex.org/W2890792016","https://openalex.org/W2896457183","https://openalex.org/W2978017171","https://openalex.org/W2996428491","https://openalex.org/W3043486047","https://openalex.org/W3089157269","https://openalex.org/W4213074563","https://openalex.org/W4303859075","https://openalex.org/W4388212317","https://openalex.org/W6755207826","https://openalex.org/W6768021236","https://openalex.org/W6768851824","https://openalex.org/W7014595873"],"related_works":["https://openalex.org/W2946613364","https://openalex.org/W2499612753","https://openalex.org/W3111802945","https://openalex.org/W2125309548","https://openalex.org/W2946096271","https://openalex.org/W2295423552","https://openalex.org/W1598471830","https://openalex.org/W3107369729","https://openalex.org/W4323520232","https://openalex.org/W4318818647"],"abstract_inverted_index":{"With":[0],"the":[1,34,83,149,170],"advancement":[2],"of":[3,126,151],"conversational":[4,113],"AI":[5],"and":[6,28,61,66,70,85,101,136,159,174],"Large":[7],"Language":[8],"Models":[9],"(LLMs),":[10],"interactive":[11],"chatbots":[12],"are":[13],"emerging":[14],"as":[15],"pivotal":[16],"assets":[17],"for":[18],"connecting":[19],"with":[20,154],"users":[21],"across":[22],"various":[23,26],"sectors,":[24],"enabling":[25],"capabilities":[27],"functions.":[29],"However,":[30],"their":[31],"potential":[32],"in":[33,78,95,110,133,142],"cybersecurity":[35],"domain":[36,102],"remains":[37],"largely":[38],"untapped.":[39],"This":[40],"article":[41],"introduces":[42],"a":[43,107],"novel":[44],"method":[45],"to":[46,64,121],"enhance":[47],"chatbot":[48,56,105],"performance":[49,132,150],"by":[50,128],"incorporating":[51],"anomaly":[52,89,116],"detection":[53,90,117],"features.":[54],"Our":[55,115,161],"uses":[57],"advanced":[58],"GPT-3":[59,152,165],"models":[60,153,166,173],"rule-based":[62],"logic":[63],"identify":[65],"extract":[67],"unusual":[68,140],"patterns":[69,141],"deviations":[71],"within":[72],"logs,":[73],"making":[74],"it":[75],"more":[76,123],"proficient":[77],"detecting":[79],"anomalies.":[80],"We":[81,146],"present":[82],"architecture":[84],"methodology":[86],"behind":[87],"our":[88,104],"system,":[91],"showcasing":[92],"its":[93,130],"effectiveness":[94],"real-world":[96],"scenarios.":[97],"Combining":[98],"machine":[99],"learning":[100],"expertise,":[103],"sets":[106],"new":[108],"standard":[109],"interactive,":[111],"anomaly-aware":[112],"agents.":[114],"classifier":[118],"was":[119],"able":[120],"achieve":[122],"than":[124],"99%":[125],"accuracy":[127],"illustrating":[129],"robust":[131],"accurately":[134],"identifying":[135],"flagging":[137],"outliers":[138],"or":[139],"log":[143],"file":[144],"data.":[145],"also":[147],"compared":[148],"other":[155,171],"LLMs:":[156],"BERT,":[157],"DistilBERT,":[158],"ALBERT.":[160],"findings":[162],"concluded":[163],"that":[164],"consistently":[167],"outperform":[168],"all":[169],"LLM":[172],"exhibit":[175],"significantly":[176],"higher":[177],"performance.":[178]},"counts_by_year":[{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":5}],"updated_date":"2026-03-06T13:50:29.536080","created_date":"2025-10-10T00:00:00"}