This study presents HuntGPT, a tool that integrates machine learning-based anomaly detection and Explainable AI (XAI) with Large Language Models (LLMs) for efficient threat hunting. Although machine learning is effective at threat detection, its adoption is hindered by the effort of training and maintaining models and by frequent false positives. XAI techniques are used to make AI systems more trustworthy, and LLMs, once tuned, can discern patterns across large amounts of information. HuntGPT combines XAI frameworks such as SHAP and LIME with a GPT-3.5 Turbo conversational agent to present detected threats in an easily explainable format. The study describes the system's architecture, assesses its technical accuracy, and analyzes the readability of its responses.

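As an added illustration (not the paper's code), the following Python sketch follows the detect, explain, narrate pipeline the abstract describes: a z-score anomaly model stands in for the ML detector, a per-feature attribution stands in for SHAP/LIME, and the final step builds the analyst-facing prompt an LLM agent would receive instead of calling GPT-3.5 Turbo. The baseline flow records and feature names are constructed for the example.

```python
import math
from statistics import mean, pstdev

FEATURES = ("bytes_out", "duration_s", "dst_ports")

# Constructed benign baseline (hypothetical flow records, not paper data).
BASELINE = [
    {"bytes_out": 1200, "duration_s": 2.0, "dst_ports": 1},
    {"bytes_out": 900, "duration_s": 1.5, "dst_ports": 1},
    {"bytes_out": 1500, "duration_s": 3.0, "dst_ports": 2},
    {"bytes_out": 1100, "duration_s": 2.5, "dst_ports": 1},
]

def fit(records):
    """Anomaly model: per-feature mean and std dev of the benign baseline."""
    model = {}
    for f in FEATURES:
        col = [r[f] for r in records]
        model[f] = (mean(col), pstdev(col) or 1.0)  # guard constant features
    return model

def attribute(model, record):
    """Local attribution: each feature's squared z-score is its share of the
    anomaly score (a simplified stand-in for SHAP/LIME, not the paper's XAI)."""
    return {f: ((record[f] - mu) / sd) ** 2 for f, (mu, sd) in model.items()}

def score(model, record):
    """Anomaly score: Euclidean distance from the baseline in z-score space."""
    return math.sqrt(sum(attribute(model, record).values()))

def explain(model, record, threshold=3.0):
    """Return the analyst-facing prompt the conversational agent would get,
    or None when the record is not flagged (no LLM API is called here)."""
    s = score(model, record)
    if s < threshold:
        return None
    ranked = sorted(attribute(model, record).items(), key=lambda kv: -kv[1])
    lines = [f"Anomaly score {s:.2f} exceeds threshold {threshold:.1f}.",
             "Contributing features (share of score, observed vs baseline mean):"]
    for f, c in ranked:
        lines.append(f"- {f}: {c / s ** 2:.0%}, observed {record[f]} vs {model[f][0]:.1f}")
    lines.append("Explain to an analyst what this flow may indicate and what to verify.")
    return "\n".join(lines)

if __name__ == "__main__":
    model = fit(BASELINE)
    print(explain(model, {"bytes_out": 48000, "duration_s": 2.2, "dst_ports": 40}))
```

The attribution shares sum to 100% of the squared score, so the prompt tells the agent which features drove the alert rather than only that an alert fired.
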
Publication date: 29 Sep 2023
Project Page: Not provided
Paper: https://arxiv.org/pdf/2309.16021