Integrating Large Language Models for Automated Vulnerability Scanning and Reporting in Network Hosts

Abstract

This research explores integrating Large Language Models (LLMs) like GPT-4 and Claude 3.5 into cybersecurity vulnerability scanning to enhance automation and effectiveness. Current tools' reliance on manual updates and human expertise is highlighted. A literature review identified effective modular architectures and Retrieval-Augmented Generation (RAG) systems for grounding LLMs with cybersecurity knowledge. A Proof of Concept (PoC) tool, developed in Python and tested on the Metasploitable system, evaluated three LLM implementations: GPT-4 Omni, GPT-4 Omni with RAG, and Claude 3.5 Sonnet. The results showed GPT-4 Omni outperformed Claude 3.5, with RAG significantly improving performance. The tool achieved 80% accuracy in identifying and resolving vulnerabilities. The study underscores the potential of LLMs to revolutionize vulnerability scanning, making advanced cybersecurity more accessible and effective. Future work should address limitations, enable interactive sessions, create new exploits, and tackle more complex challenges.