A GPT-Based Approach for Cyber Threat Assessment

Bibliographic Details
Main Author: Fahim Sufi
Format: Article
Language: English
Published: MDPI AG 2025-05-01
Series: AI
Subjects:
Online Access: https://www.mdpi.com/2673-2688/6/5/99
Description
Summary: Background: The increasing prevalence of cyber threats in industrial cyber–physical systems (ICPSs) necessitates advanced solutions for threat detection and analysis. This research proposes a novel GPT-based framework for assessing cyber threats, leveraging artificial intelligence to process and analyze large-scale cyber event data. Methods: The framework integrates multiple components, including data ingestion, preprocessing, feature extraction, and analysis modules such as knowledge graph construction, clustering, and anomaly detection. It utilizes a hybrid methodology combining spectral residual transformation and Convolutional Neural Networks (CNNs) to identify anomalies in time-series cyber event data, alongside regression models for evaluating the significant factors associated with cyber events. Results: The system was evaluated using 9018 cyber-related events sourced from 44 global news portals. Performance metrics, including precision (0.999), recall (0.998), and F1-score (0.998), demonstrate the framework’s efficacy in accurately classifying and categorizing cyber events. Notably, anomaly detection identified six significant deviations during the monitored timeframe, starting from 25 September 2023 to 25 November 2024, with a sensitivity of 75%, revealing critical insights into unusual activity patterns. The fully deployed automated model also identified 11 correlated factors and five unique clusters associated with high-rated cyber incidents. Conclusions: This approach provides actionable intelligence for stakeholders by offering real-time monitoring, anomaly detection, and knowledge graph-based insights into cyber threats. The outcomes highlight the system’s potential to enhance ICPS security, supporting proactive threat management and resilience in increasingly complex industrial environments.
ISSN: 2673-2688