2025-01-27: LLM Driven Behavioral Analysis for Adaptive Intrusion Detection in IoT Networks - Funded by CCI

I am delighted to receive the Commonwealth Cyber Initiative Grant for $100,000 to support our collaborative proposal, “Adaptive Intrusion Detection in IoT Networks Using LLM-Driven Behavioral Analysis and Deep Reinforcement Learning” beginning in January 2025. This is a collaborative work with Dr. Neda Moghim and Virginia Tech.

Figure 1: Project Plan and Tasks

This research project explores the integration of Deep Reinforcement Learning (DRL), Large Language Models (LLMs), neuro-symbolic AI, and wireless networking to create adaptive intrusion detection systems for Internet of Things (IoT) networks. The central research question focuses on developing resilient IoT systems capable of recovering swiftly from cyberattacks without degrading the user experience. To address this, the project introduces several key innovations.

First, an adaptive prompt-generation system is proposed using DRL to optimize LLM queries in real time by tracking the evolving nature of cyberattacks. This system incorporates an evolving Retrieval-Augmented Generation (RAG) mechanism that retrieves relevant knowledge from scholarly sources, enabling LLMs to effectively formulate mitigation strategies against dynamic threats.

Second, the project seeks to improve LLM detection capabilities for complex attack scenarios, including Advanced Persistent Threats (APTs), zero-day exploits, and multi-stage attacks. A novel DRL-LLM framework is developed using neuro-symbolic AI to enhance generalizability and improve sample efficiency, evaluated against data-driven state-of-the-art systems.

Lastly, resilience metrics are formulated to measure IoT network disruption times during various cyberattacks, with the aim of minimizing downtime. The system’s effectiveness will be demonstrated across different IoT domains—e.g. healthcare, smart homes, and industrial control systems—validating its ability to detect and mitigate attacks using the proposed resilience framework.

--Faryaneh Poursardar (@Faryane)
