CTIBench: A Benchmark for Evaluating LLMs in Cyber Threat Intelligence
This addresses the problem of assessing LLM reliability and accuracy in CTI for cybersecurity practitioners, but it is incremental as it builds on existing benchmark approaches.
The authors tackled the lack of benchmarks for evaluating large language models (LLMs) in cyber threat intelligence (CTI) by introducing CTIBench, a benchmark with multiple datasets, and evaluated several state-of-the-art models to provide insights into their strengths and weaknesses in CTI contexts.
Cyber threat intelligence (CTI) is crucial in today's cybersecurity landscape, providing essential insights to understand and mitigate the ever-evolving cyber threats. The recent rise of Large Language Models (LLMs) have shown potential in this domain, but concerns about their reliability, accuracy, and hallucinations persist. While existing benchmarks provide general evaluations of LLMs, there are no benchmarks that address the practical and applied aspects of CTI-specific tasks. To bridge this gap, we introduce CTIBench, a benchmark designed to assess LLMs' performance in CTI applications. CTIBench includes multiple datasets focused on evaluating knowledge acquired by LLMs in the cyber-threat landscape. Our evaluation of several state-of-the-art models on these tasks provides insights into their strengths and weaknesses in CTI contexts, contributing to a better understanding of LLM capabilities in CTI.