
What is Cisco Foundation AI? Features of a security-specific model
Cisco Foundation AI is a security-focused LLM. This article provides an easy-to-understand explanation of its features and use cases.
1. Introduction: Why is AI important in security now?
In recent years, cyber attacks have become increasingly sophisticated, to the point where they cannot be prevented by traditional security measures alone. In particular, analyzing the vast amount of logs and threat information requires specialized knowledge and time, and SOC (Security Operations Center) personnel suffer from "alert fatigue." Many people think that "using AI could improve efficiency," but general-purpose AI is often not put to good use: it cannot handle security-specific terminology or threat analysis, and confidential information cannot be passed to it.
This time, we will explain Cisco Foundation AI, which could be one solution to this problem.
2. Overview
Cisco Foundation AI is a security-specific large language model (LLM) developed primarily by the management team of Robust Intelligence, which Cisco acquired, and a specialized team within Cisco Security. It is trained on specialized knowledge about threat intelligence and attack techniques, helping to improve the efficiency of SOC operations and enhance vulnerability management. The model is extremely lightweight, providing sufficient performance for SOC operations without requiring a GPU. Furthermore, it is provided as open source and can be used in on-premises environments, allowing you to use AI while ensuring data privacy.
3. About Foundation AI
- Training data optimized for threat intelligence
Foundation AI understands the terminology and attack techniques used in the security industry, and can accurately interpret terms that are easily misunderstood by other AIs, such as "MITRE ATT&CK TTPs (Tactics, Techniques, and Procedures)" and "zero-day vulnerabilities."
*Reference information: MITRE ATT&CK
- Highly accurate threat analysis and inference capabilities
For example, if a SOC is flooded with alerts, Foundation AI can analyze logs and prioritize events that are likely to be attacks. It can also predict attack scenarios and predict which systems will be targeted next.
Differences from other models
General-purpose models such as ChatGPT and Claude have broad knowledge and are used in a variety of fields. Foundation AI, on the other hand, is specialized for the security field and is optimized for deep understanding of specialized knowledge such as MITRE ATT&CK and CVE. This allows for more accurate responses in security-specific tasks such as threat analysis and attack scenario inference. This model is also lightweight enough to run on a laptop, and can be used as a security-specific LLM with high accuracy despite being a local LLM. This allows for the use of AI without transmitting confidential data externally.
4. Use Cases
MITRE ATT&CK Classification Accuracy Comparison
We built a chatbot using Foundation AI and a standard model (llama-3.1-instruct-model) in our in-house environment and tested it to see how the responses differed.
Some of the results are listed below.
Test Prompt
Please organize the following threat intelligence information based on MITRE ATT&CK tactics and techniques. Information: "The attacker used PowerShell to collect credentials and communicate with a C2 server to exfiltrate data."
Result
Foundation AI (there was no problem with the answers)
- **Tactics:**
  - T1059.001: PowerShell
  - T1003: OS Credential Dumping
  - T1071.001: Application Layer Protocol: Web Protocols (Communicating with C2 Server)
  - T1041: Exfiltration Over C2 Channel (Exfiltration of Data)
- **Techniques:**
  - T1059.001: Using PowerShell to Execute Scripts
  - T1003: Attacker Extracts Credentials from the System
  - T1071.001: Using Web Protocols to Communicate with C2 Server
  - T1041: Exfiltration of Data Over the C2 Channel.
llama-3.1 (the answer gave technique numbers that do not match the MITRE numbering; × marks a wrong pairing, ○※ gives what the number actually refers to)
#### 1. **Actions Performed by the Attacker**
- × **T1110** **Browser Manipulation**: The attacker used PowerShell.
  ○ ※T1110: Credential Stuffing
- × **T1210** **Local Asset Manipulation**: The attacker gathered credentials.
  ○ ※T1210: Exploitation of Remote Services
- × **T1046** **Command and Control**: The attacker communicated with a C2 server.
  ○ ※T1046: Techniques for obtaining a list of network services
- × **T1005** **Data Collection**: The attacker transmitted data externally.
  ○ ※T1005: Data Collection is an internal data aggregation within the system.
#### 2. **Attacker's Objective**
- **TA0001** **Information Gathering**: The attacker gathered credentials.
- **TA0010:** **Control**: The attacker communicated with the C2 server.
- **TA0011:** **Data Theft**: The attacker sent data externally.
#### 3. **Tools/Techniques Used by the Attacker**
- **T1052:** **Program Execution**: The attacker used PowerShell.
  ※T1052: Data Storage Cycling
chatGPT-4o (The content is almost the same as FoundationAI and there are no problems)
Tactics:
- Credential Access: Attackers harvest credentials.
- Command and Control: Attackers communicate with C2 servers.
- Exfiltration: Data is exfiltrated.
Techniques:
- PowerShell (T1059.001): Uses PowerShell to harvest credentials.
- Application Layer Protocol (T1071): Uses a protocol to communicate with C2 servers.
- Automated Exfiltration (T1020): Data is exfiltrated.
Unlike the standard model, this model provided highly accurate answers to security-related questions, comparable to chatGPT-4o. (As the author, I felt that the answers were more detailed than those provided by chatGPT-4o. Furthermore, because it is lightweight and runs on-premise, I felt that it had the potential to significantly streamline the individual tasks of security analysts.)
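A check a SOC would want before acting on any model's ATT&CK mapping, shown here as an added example (not code from this article or from Cisco): it extracts each technique ID together with the label the model attached to it and compares that label with the official technique name. The reference table is a small hand-copied subset of ATT&CK Enterprise, the sample lines are adapted from the answers quoted above, and the function names are hypothetical.

```python
import re

# Hand-copied subset of MITRE ATT&CK Enterprise (ID -> official name).
# Assumption: a real check loads the full table from MITRE's published data.
ATTACK_NAMES = {
    "T1059.001": "Command and Scripting Interpreter: PowerShell",
    "T1003": "OS Credential Dumping",
    "T1071.001": "Application Layer Protocol: Web Protocols",
    "T1041": "Exfiltration Over C2 Channel",
    "T1210": "Exploitation of Remote Services",
    "T1046": "Network Service Discovery",
}
STOPWORDS = {"a", "and", "from", "of", "over", "the", "to", "using"}

# A technique ID followed by the label the model attached to it, with or
# without markdown bold: "T1003: OS ..." or "**T1210** **Local ...**:".
PAIR = re.compile(r"\b(T\d{4}(?:\.\d{3})?)\b[ \t*:)]*([^*\n]+)")

# Sample lines adapted from the two model answers quoted in this article.
SAMPLE = """\
- T1059.001: PowerShell
- T1003: OS Credential Dumping
- **T1210** **Local Asset Manipulation**: The attacker gathered credentials.
- **T1046** **Command and Control**: The attacker communicated with a C2 server.
- **T1052:** **Program Execution**: The attacker used PowerShell.
"""

def words(text):
    return set(re.findall(r"[a-z0-9]+", text.lower())) - STOPWORDS

def check_attack_ids(model_output):
    """Return (id, label, verdict) per technique ID found in the answer.
    ok: label shares a key word with the official name (coarse heuristic);
    mismatch: no overlap; unknown: ID is not in the reference table."""
    results = []
    for tid, label in PAIR.findall(model_output):
        label = label.strip(" :.-")
        official = ATTACK_NAMES.get(tid)
        if official is None:
            verdict = "unknown"
        elif words(label) & words(official):
            verdict = "ok"
        else:
            verdict = "mismatch"
        results.append((tid, label, verdict))
    return results

if __name__ == "__main__":
    print(*check_attack_ids(SAMPLE), sep="\n")
```

A "mismatch" or "unknown" verdict is a prompt for analyst review, not proof of error; the word-overlap test only catches pairings where the label has nothing in common with the technique name.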
Log analysis
Next, let's try to see how well we can analyze the logs.
This time, we will only list the results of FoundationAI.
(simple chat app)

Based on the logs we provided, the model identified attack indicators and suggested appropriate responses.
This model is open source, so if you're interested, why not try building it yourself? Although not described in this article, we have confirmed that by reading alerts from the security products we use, it can output an overview of the alerts, classify them based on MITRE ATT&CK, and present recommended countermeasures.
As a local LLM, I personally feel that being able to utilize AI while ensuring the privacy of confidential data will be extremely beneficial for SOC personnel.
5. Conclusion
This time, we introduced Cisco Foundation AI. AI-based security measures will likely become an essential element of SOC operations in the future. Foundation AI is expected to streamline threat analysis and log analysis, significantly reducing the burden on security personnel. For companies to achieve AI security, they must address not only the "AI for security" area that Foundation AI covers, but also the "Security for AI" area: securing AI itself and operating it safely.
This is where Cisco AI Defense comes in. It reduces the risks associated with using AI and provides comprehensive defenses such as:
- AI Asset Visibility and Management
- Model and application validation (algorithmic red teaming)
- Runtime protection (prompt injection, data leakage, DoS protection)
- AI access management (countermeasures against shadow AI)
By combining it with Foundation AI, you can simultaneously improve the efficiency of SOC operations and strengthen defense capabilities. If you are interested in this product, see the details on Cisco AI Defense.
Disclaimer
- The response examples shown in this article are test results from our environment, and execution results may vary depending on the environment and model version.
- The verification in this article is for educational and awareness purposes, and misuse of the LLM is strictly prohibited.
- The comparison results are an example of our environment and are not intended to undermine the evaluation of any particular model.