协作自主AI Agent系统及工业系统网络安全应用研究  被引量：2

作　　者：刘尚麟 陈怡多 黎珂 Liu Shanglin;Chen Yiduo;Li Ke(Industrial Information Security(Sichuan)Innovation Center Co.,Ltd,Chengdu Sichuan,610041)

机构地区：[1]工业信息安全(四川)创新中心有限公司,四川成都610041

出　　处：《工业信息安全》2023年第3期61-67,共7页Industry Information Security

摘　　要：ChatGPT系列大规模语言模型已可应用于安全审计、侦察、攻击、检测、防护、逆向工程、应急响应与漏洞修复等多个方面,但直接使用这类模型存在违反监管政策和泄露企业敏感信息等问题。本文在自主AI技术基础上,研究了应用于企业局域网的协作AI Agent安全应用系统,基于5种中等大规模语言模型和Langchain等工具开发了原型系统。经安全应用测试,原型系统的网络扫描、威胁处置方法、安全工具推荐、下载链接等指标可达到ChatGPT性能的70%以上,仅在一致性、稳定性、可重复性方面有所差距。研究成果可以继续通过中等规模模型能力提升和制定自然语言输入句型规范,以及中等规模LLM协作系统,将能力逐步提升到ChatGPT大规模语言模型能力水平,并保留不泄露企业敏感信息优势,这将是革命性智能化地改变工业系统网络安全的一种途径。The ChatGPT series of large-scale language models can be applied to various aspects of security auditing,reconnaissance,attack,detection,protection,reverse engineering,emergency response,and vulnerability repair.However,direct use of such models poses problems such as violating regulatory policies and leaking sensitive enterprise information.This paper presents a collaboration AI Agent security application system for enterprise LAN based on autonomous AI technology.A prototype system was developed based on five medium-scale language models and tools such as Langchain.Through security application testing,the prototype system’s network scanning,threat disposal methods,security tool recommendations,download links,and other indicators can achieve more than 70%of ChatGPT’s performance,with only differences in consistency,stability,and reproducibility.The research results can continue to improve the system’s ability through the medium-scale model’s ability to upgrade,the formulation of natural language input sentence pattern specifications,and the medium-scale LLM collaboration system’s performance improvement.This will be a revolutionary intelligent way to change the industrial system’s network security while retaining the advantage of not leaking sensitive enterprise information.

关 键 词：协作 自主AI AGENT 网络安全 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]