Large language models for cyber resilience: A comprehensive review, challenges, and future perspectives

Interconnect cyber system is used by various users and organizations worldwide to perform different activities. These activities are combined with digital information and systems around the organizations to obtain higher accuracy and performance. However, these combinations of activities have faced cyber threats and attacks by single or multiple attackers. So, protecting and saving users' and organizations' sensitive data is a big challenge. So, the cyber resilience concept refers to the ability to prepare, absorb, recover, and adapt against cyberattacks and threats. It is used to mitigate cyberattacks and risks by the ability of the system to recover from threats. Artificial intelligence models enhance cyber resilience using machine learning and deep learning models. One of the most common components of artificial intelligence is large language models (LLM). It is used to understand language from text data and extract features to predict future words or missing in text datasets. LLM can enhance cyber resilience by providing various benefits for users and organizations. We divide the cyber resilience strategies into five parts. We review the LLM in each part, including security posture, data privacy and protection, security awareness, network security, and security automation. The fundamentals of LLMs are introduced as pretrained models, transformers, encoders, and decoders. Then, we review the challenges of LLM in cyber resilience and cyber defense methods to overcome these challenges. We applied the LLM into three case studies including two for email spam text classifications and one for cyber threat detection. We obtained higher accuracy including 96.67 %, 90.70 %, and 89.94 % from three case studies respectively. Then we compared our LLM with other traditional machine learning models. The results show the LLM has higher accuracy, precision, recall, and f1 score compared with other models. Finally, the future directions of LLM in cyber resilience are provided.