Towards Small Language Models for Security Query Generation in SOC Workflows
arXiv (CS AI) | Saleha Muzammil, Rahul Reddy, Vishal Kamalakrishnan, Hadi Ahmadi, Wajih Ul Hassan
AI Summary
Researchers developed a three-stage framework using Small Language Models (SLMs) to automatically translate natural language queries into Kusto Query Language (KQL) for cybersecurity operations. The approach achieves high accuracy (98.7% syntax, 90.6% semantic) while reducing costs by up to 10x compared to GPT-4, potentially solving bottlenecks in Security Operations Centers.
Key Takeaways
- Small Language Models can effectively translate natural language to KQL queries with 98.7% syntax accuracy and 90.6% semantic accuracy.
- The three-stage framework combines error-aware prompting, LoRA fine-tuning with rationale distillation, and a two-stage architecture with SLM generation plus LLM refinement.
- The solution achieves up to 10x lower token costs compared to GPT-4 while maintaining high performance.
- Results demonstrate generalizability across Microsoft's NL2KQL Defender dataset and Microsoft Sentinel data.
- This advancement could significantly reduce the specialized expertise bottleneck in scaling security operations centers.