Enabling Cyber Security Education through Digital Twins and Generative AI

• URL: http://arxiv.org/abs/2507.17518v1
• Date: Wed, 23 Jul 2025 13:55:35 GMT
• Title: Enabling Cyber Security Education through Digital Twins and Generative AI
• Authors: Vita Santa Barletta, Vito Bavaro, Miriana Calvano, Antonio Curci, Antonio Piccinno, Davide Pio Posa,
• Abstract summary: Digital Twins (DTs) are gaining prominence in cybersecurity for their ability to replicate complex IT infrastructures.<n>This study investigates how integrating DTs with penetration testing tools and Large Language Models (LLMs) can enhance cybersecurity education.
• Score: 1.2619493260255112
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Digital Twins (DTs) are gaining prominence in cybersecurity for their ability to replicate complex IT (Information Technology), OT (Operational Technology), and IoT (Internet of Things) infrastructures, allowing for real time monitoring, threat analysis, and system simulation. This study investigates how integrating DTs with penetration testing tools and Large Language Models (LLMs) can enhance cybersecurity education and operational readiness. By simulating realistic cyber environments, this approach offers a practical, interactive framework for exploring vulnerabilities and defensive strategies. At the core of this research is the Red Team Knife (RTK), a custom penetration testing toolkit aligned with the Cyber Kill Chain model. RTK is designed to guide learners through key phases of cyberattacks, including reconnaissance, exploitation, and response within a DT powered ecosystem. The incorporation of Large Language Models (LLMs) further enriches the experience by providing intelligent, real-time feedback, natural language threat explanations, and adaptive learning support during training exercises. This combined DT LLM framework is currently being piloted in academic settings to develop hands on skills in vulnerability assessment, threat detection, and security operations. Initial findings suggest that the integration significantly improves the effectiveness and relevance of cybersecurity training, bridging the gap between theoretical knowledge and real-world application. Ultimately, the research demonstrates how DTs and LLMs together can transform cybersecurity education to meet evolving industry demands.

Related papers

• Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report [50.268821168513654]
  We present Foundation-Sec-8B, a cybersecurity-focused large language model (LLMs) built on the Llama 3.1 architecture.<n>We evaluate it across both established and new cybersecurity benchmarks, showing that it matches Llama 3.1-70B and GPT-4o-mini in certain cybersecurity-specific tasks.<n>By releasing our model to the public, we aim to accelerate progress and adoption of AI-driven tools in both public and private cybersecurity contexts.
  arXiv  Detail & Related papers  (2025-04-28T08:41:12Z)
• Exploring the Role of Large Language Models in Cybersecurity: A Systematic Survey [25.73174314007904]
  Traditional cybersecurity approaches are struggling to adapt to the rapidly evolving nature of modern cyberattacks.<n>The emergence of Large Language Model (LLM) provides an innovative solution to cope with the increasingly severe cyber threats.<n> exploring how to effectively use LLM to defend against cyberattacks has become a hot topic in the current research field.
  arXiv  Detail & Related papers  (2025-04-22T06:28:08Z)
• CyberBOT: Towards Reliable Cybersecurity Education via Ontology-Grounded Retrieval Augmented Generation [13.352385179504482]
  In cybersecurity education, accuracy and safety are paramount, and systems must go beyond surface-level relevance to provide information that is both trustworthy and domain-appropriate.<n>We introduce CyberBOT, a question-answering robot that incorporates contextual information from course-specific materials and validate responses using a domain-specific cybersecurity ontology.<n>CyberBOT has been deployed in a large graduate-level course at Arizona State University, where more than one hundred students actively engage with the system through a dedicated web-based platform.
  arXiv  Detail & Related papers  (2025-04-01T03:19:22Z)
• Cyber Defense Reinvented: Large Language Models as Threat Intelligence Copilots [36.809323735351825]
  CYLENS is a cyber threat intelligence copilot powered by large language models (LLMs)<n>CYLENS is designed to assist security professionals throughout the entire threat management lifecycle.<n>It supports threat attribution, contextualization, detection, correlation, prioritization, and remediation.
  arXiv  Detail & Related papers  (2025-02-28T07:16:09Z)
• A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments [55.60375624503877]
  Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data.<n>This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements.<n>We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services.
  arXiv  Detail & Related papers  (2025-02-22T03:46:50Z)
• Countering Autonomous Cyber Threats [40.00865970939829]
  Foundation Models present dual-use concerns broadly and within the cyber domain specifically. Recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations. This work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks.
  arXiv  Detail & Related papers  (2024-10-23T22:46:44Z)
• Redefining DDoS Attack Detection Using A Dual-Space Prototypical Network-Based Approach [38.38311259444761]
  We introduce a new deep learning-based technique for detecting DDoS attacks. We propose a new dual-space prototypical network that leverages a unique dual-space loss function. This approach capitalizes on the strengths of representation learning within the latent space.
  arXiv  Detail & Related papers  (2024-06-04T03:22:52Z)
• SEvenLLM: Benchmarking, Eliciting, and Enhancing Abilities of Large Language Models in Cyber Threat Intelligence [27.550484938124193]
  This paper introduces a framework to benchmark, elicit, and improve cybersecurity incident analysis and response abilities. We create a high-quality bilingual instruction corpus by crawling cybersecurity raw text from cybersecurity websites. The instruction dataset SEvenLLM-Instruct is used to train cybersecurity LLMs with the multi-task learning objective.
  arXiv  Detail & Related papers  (2024-05-06T13:17:43Z)
• Generative AI in Cybersecurity [0.0]
  Generative Artificial Intelligence (GAI) has been pivotal in reshaping the field of data analysis, pattern recognition, and decision-making processes. As GAI rapidly progresses, it outstrips the current pace of cybersecurity protocols and regulatory frameworks. The study highlights the critical need for organizations to proactively identify and develop more complex defensive strategies to counter the sophisticated employment of GAI in malware creation.
  arXiv  Detail & Related papers  (2024-05-02T19:03:11Z)
• Purple Llama CyberSecEval: A Secure Coding Benchmark for Language Models [41.068780235482514]
  This paper presents CyberSecEval, a comprehensive benchmark developed to help bolster the cybersecurity of Large Language Models (LLMs) employed as coding assistants. CyberSecEval provides a thorough evaluation of LLMs in two crucial security domains: their propensity to generate insecure code and their level of compliance when asked to assist in cyberattacks.
  arXiv  Detail & Related papers  (2023-12-07T22:07:54Z)
• Review: Deep Learning Methods for Cybersecurity and Intrusion Detection Systems [6.459380657702644]
  Artificial Intelligence (AI) and Machine Learning (ML) can be leveraged as key enabling technologies for cyber-defense. In this paper, we are concerned with the investigation of the various deep learning techniques employed for network intrusion detection.
  arXiv  Detail & Related papers  (2020-12-04T23:09:35Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.