Using LLMs to simplify cyber security information
Abstract
In this project, we explore the feasibility of using large language models (LLMs) to generate simplified, human-readable explanations of
cybersecurity vulnerabilities, specifically Common Vulnerabilities and Exposures (CVEs). CVE descriptions often contain dense
terminology that makes them inaccessible to non-expert users. We also used Common Weakness Enumerations (CWEs), which
often contain overly technical jargon that makes them difficult for individuals to digest. CWE reports help identify the hardware and
software weaknesses that are the root cause of security vulnerabilities.
Our goal was to evaluate how well current LLMs can bridge this gap by translating technical content into user-friendly summaries
under various instructional contexts.
We experimented with multiple state-of-the-art open-source and API-based models, including DeepSeek R1, LLaMA 3.3B, Mistral,
Gemini, Falcon, and Phi-4. A range of prompt templates were developed and tested.
Description
Department of Computer Science
Rights
File access restricted due to FERPA regulations
