pith. sign in

arxiv: 2411.17058 · v2 · pith:Y27YLUYQnew · submitted 2024-11-26 · 💻 cs.CR · cs.AI

ThreatModeling-LLM: Automating Threat Modeling using Large Language Models for Banking System

classification 💻 cs.CR cs.AI
keywords threatmodelingbankingllmsdatasetmodelspromptthreatmodeling-llm
0
0 comments X
read the original abstract

Threat modeling is a crucial component of cybersecurity, particularly for industries such as banking, where the security of financial data is paramount. Traditional threat modeling approaches require expert intervention and manual effort, often leading to inefficiencies and human error. The advent of Large Language Models (LLMs) offers a promising avenue for automating these processes, enhancing both efficiency and efficacy. However, this transition is not straightforward due to three main challenges: (1) the lack of publicly available, domain-specific datasets, (2) the need for tailored models to handle complex banking system architectures, and (3) the requirement for real-time, adaptive mitigation strategies that align with compliance standards like NIST 800-53. In this paper, we introduce ThreatModeling-LLM, a novel and adaptable framework that automates threat modeling for banking systems using LLMs. ThreatModeling-LLM operates in three stages: 1) dataset creation, 2) prompt engineering and 3) model fine-tuning. We first generate a benchmark dataset using Microsoft Threat Modeling Tool (TMT). Then, we apply Chain of Thought (CoT) and Optimization by PROmpting (OPRO) on the pre-trained LLMs to optimize the initial prompt. Lastly, we fine-tune the LLM using Low-Rank Adaptation (LoRA) based on the benchmark dataset and the optimized prompt to improve the threat identification and mitigation generation capabilities of pre-trained LLMs.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 3 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems

    cs.CR 2026-04 unverdicted novelty 5.0

    ASTRAL applies multimodal LLMs with prompt chaining and few-shot learning to synthesize CPS architectures from disparate sources, enabling adaptive threat identification and quantitative risk estimation, as supported ...

  2. An Organization-Scoped LLM Agent Runtime Architecture for Regulated Cybersecurity Operations

    cs.CR 2026-05 unverdicted novelty 4.0

    Proposes a typed Security Context enforced across LLM agent components, Runtime Core, Tool Adapter Layer, and HITL gates for auditable, scoped cybersecurity workflows.

  3. CyberAId: AI-Driven Cybersecurity for Financial Service Providers

    cs.AI 2026-05 unverdicted novelty 4.0

    CyberAId is a proposed on-premise multi-agent system that coordinates LLM subagents with classical security tools to improve threat response and regulatory alignment in financial services.