Towards Small Language Models for Security Query Generation in SOC Workflows
arXiv – CS AI | Saleha Muzammil, Rahul Reddy, Vishal Kamalakrishnan, Hadi Ahmadi, Wajih Ul Hassan
🤖AI Summary
Researchers developed a three-stage framework using Small Language Models (SLMs) to automatically translate natural language queries into Kusto Query Language (KQL) for cybersecurity operations. The approach achieves high accuracy (98.7% syntax, 90.6% semantic) while reducing costs by up to 10x compared to GPT-4, potentially solving bottlenecks in Security Operations Centers.
Key Takeaways
- Small Language Models can effectively translate natural language to KQL queries with 98.7% syntax accuracy and 90.6% semantic accuracy.
- The three-stage framework combines error-aware prompting, LoRA fine-tuning with rationale distillation, and a two-stage architecture with SLM generation plus LLM refinement.
- The solution achieves up to 10x lower token costs compared to GPT-4 while maintaining high performance.
- Results demonstrate generalizability across Microsoft's NL2KQL Defender dataset and Microsoft Sentinel data.
- This advancement could significantly reduce the specialized expertise bottleneck in scaling security operations centers.