Related papers: Advancing LLM-Based Security Automation with Customized Group Relative Policy Optimization for Zero-Touch Networks

Advancing LLM-Based Security Automation with Customized Group Relative Policy Optimization for Zero-Touch Networks

URL: http://arxiv.org/abs/2512.09485v1
Date: Wed, 10 Dec 2025 10:04:11 GMT
Title: Advancing LLM-Based Security Automation with Customized Group Relative Policy Optimization for Zero-Touch Networks
Authors: Xinye Cao, Yihan Lin, Guoshun Nan, Qinchuan Zhou, Yuhang Luo, Yurui Gao, Zeliang Zhang, Haolang Lu, Qimei Cui, Yanzhao Hou, Xiaofeng Tao, Tony Q. S. Quek,
Abstract summary: 6G Zero-Touch Networks (ZTNs) represent a transformative paradigm toward fully automated and intelligent network management.<n>Security automation aims to enable intelligent security management across dynamic and complex environments.
Score: 56.2003512635877
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Zero-Touch Networks (ZTNs) represent a transformative paradigm toward fully automated and intelligent network management, providing the scalability and adaptability required for the complexity of sixth-generation (6G) networks. However, the distributed architecture, high openness, and deep heterogeneity of 6G networks expand the attack surface and pose unprecedented security challenges. To address this, security automation aims to enable intelligent security management across dynamic and complex environments, serving as a key capability for securing 6G ZTNs. Despite its promise, implementing security automation in 6G ZTNs presents two primary challenges: 1) automating the lifecycle from security strategy generation to validation and update under real-world, parallel, and adversarial conditions, and 2) adapting security strategies to evolving threats and dynamic environments. This motivates us to propose SecLoop and SA-GRPO. SecLoop constitutes the first fully automated framework that integrates large language models (LLMs) across the entire lifecycle of security strategy generation, orchestration, response, and feedback, enabling intelligent and adaptive defenses in dynamic network environments, thus tackling the first challenge. Furthermore, we propose SA-GRPO, a novel security-aware group relative policy optimization algorithm that iteratively refines security strategies by contrasting group feedback collected from parallel SecLoop executions, thereby addressing the second challenge. Extensive real-world experiments on five benchmarks, including 11 MITRE ATT&CK processes and over 20 types of attacks, demonstrate the superiority of the proposed SecLoop and SA-GRPO. We will release our platform to the community, facilitating the advancement of security automation towards next generation communications.

Related papers

Adversarial Attack-Defense Co-Evolution for LLM Safety Alignment via Tree-Group Dual-Aware Search and Optimization [51.12422886183246]
Large Language Models (LLMs) have developed rapidly in web services, delivering unprecedented capabilities while amplifying societal risks.<n>Existing works tend to focus on either isolated jailbreak attacks or static defenses, neglecting the dynamic interplay between evolving threats and safeguards in real-world web contexts.<n>We propose ACE-Safety, a novel framework that jointly optimize attack and defense models by seamlessly integrating two key innovative procedures.
arXiv Detail & Related papers (2025-11-24T15:23:41Z)
MobiLLM: An Agentic AI Framework for Closed-Loop Threat Mitigation in 6G Open RANs [13.455356391515913]
We present an agentic AI framework for fully automated, end-to-end threat mitigation in 6G O-RAN environments.<n> MobiLLM orchestrates security through a modular multi-agent system powered by Large Language Models.<n>Initial evaluations demonstrate that MobiLLM can effectively identify and orchestrate complex mitigation strategies.
arXiv Detail & Related papers (2025-09-25T21:49:43Z)
CyGATE: Game-Theoretic Cyber Attack-Defense Engine for Patch Strategy Optimization [73.13843039509386]
This paper presents CyGATE, a game-theoretic framework modeling attacker-defender interactions.<n>CyGATE frames cyber conflicts as a partially observable game (POSG) across Cyber Kill Chain stages.<n>The framework's flexible architecture enables extension to multi-agent scenarios.
arXiv Detail & Related papers (2025-08-01T09:53:06Z)
Measuring Security in 5G and Future Networks [0.0]
Mobile networks, such as 5G and future generations such as 6G, play a pivotal role and must be considered as critical infrastructures.<n>We introduce a state machine model designed to capture the security life cycle of network functions.<n>We identify three essential security metrics -- attack surface exposure, impact of system vulnerabilities, and effectiveness of applied security controls.
arXiv Detail & Related papers (2025-05-09T04:24:17Z)
An LLM-based Self-Evolving Security Framework for 6G Space-Air-Ground Integrated Networks [49.605335601285496]
6G space-air-ground integrated networks (SAGINs) offer ubiquitous coverage for various mobile applications.<n>We propose a novel security framework for SAGINs based on Large Language Models (LLMs)<n>Our framework produces highly accurate security strategies that remain robust against a variety of unknown attacks.
arXiv Detail & Related papers (2025-05-06T04:14:13Z)
Towards Zero Touch Networks: Cross-Layer Automated Security Solutions for 6G Wireless Networks [39.08784216413478]
This paper proposes an automated security framework targeting Physical Layer Authentication and Cross-Layer Intrusion Detection Systems.<n>The proposed framework employs drift-adaptive online learning techniques and a novel enhanced Successive Halving (SH)-based Automated ML (AutoML) method to automatically generate optimized ML models for dynamic networking environments.
arXiv Detail & Related papers (2025-02-28T01:16:11Z)
An Approach To Enhance IoT Security In 6G Networks Through Explainable AI [1.9950682531209158]
6G communication has evolved significantly, with 6G offering groundbreaking capabilities, particularly for IoT.<n>The integration of IoT into 6G presents new security challenges, expanding the attack surface due to vulnerabilities introduced by advanced technologies.<n>Our research addresses these challenges by utilizing tree-based machine learning algorithms to manage complex datasets and evaluate feature importance.
arXiv Detail & Related papers (2024-10-04T20:14:25Z)
Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
We present the first security assessment of the 5G core from a web security perspective. We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks. Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
arXiv Detail & Related papers (2024-03-04T09:27:11Z)
Generative AI for Secure Physical Layer Communications: A Survey [80.0638227807621]
Generative Artificial Intelligence (GAI) stands at the forefront of AI innovation, demonstrating rapid advancement and unparalleled proficiency in generating diverse content. In this paper, we offer an extensive survey on the various applications of GAI in enhancing security within the physical layer of communication networks. We delve into the roles of GAI in addressing challenges of physical layer security, focusing on communication confidentiality, authentication, availability, resilience, and integrity.
arXiv Detail & Related papers (2024-02-21T06:22:41Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.