Federated LLMS for Collaborative Cyber Threat Intelligence without Data Sharing
Abstract
Cyber threat Intelligence (CTI) is one of the main components of early detection and reduction of cyber threats yet it faces the challenge of data sharing due to isolation and non-management issues. This paper presents a Federated Learning-based system that allows the organizations to collectively train Large Language Models (LLMs) to analyze the potential threats without having to disclose the sensitive data. Models can be fine-tuned locally on user-owned data, and only updates to models are transmitted to a central server, therefore, data sovereignty is maintained. The system enhances the visibility of the threats and the ability to collaborate with the intelligence particularly when identifying a zero-day attack. It has an elaborate structure, workflow, and protection options, therefore, addressing the primary challenges of centralized CTI platforms, including seclusion and resistance to hostile invasion.