{"id":22290,"date":"2023-06-22T05:21:07","date_gmt":"2023-06-22T13:21:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/06\/22\/news-16020\/"},"modified":"2023-06-22T05:21:07","modified_gmt":"2023-06-22T13:21:07","slug":"news-16020","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2023\/06\/22\/news-16020\/","title":{"rendered":"And I Shall Call It Mini-Me GPT: Using Large Language Models to Classify the Uncharted Web"},"content":{"rendered":"

Credit to Author: gallagherseanm| Date: Thu, 22 Jun 2023 11:30:10 +0000<\/strong><\/p>\n

\n

While it may not seem as central to security as malware protection and breach detection, web content filtering plays an important role in ensuring regulatory compliance and the safety of workplaces as well as network security. Unlike security classification of URLs, which screens for malicious content such as malware or phishing, web filtering has to label content based not on attack mechanisms but the nature of its content, a much more generalized problem than checking for malicious patterns in the content behind the URL.<\/p>\n

Website category labels generally describe what the content or purpose of the site is. \u00a0Some categories are broad classifications such as \u201cbusiness,\u201d \u201ccomputers and internet\u201d, \u201cfood and dining\u201d and \u201centertainment\u201d. Others focus on intent, such as \u201cbanking,\u201d \u201cshopping,\u201d \u201csearch engines,\u201d \u201csocial media,\u201d \u201cjob search\u201d and \u201ceducation\u201d. And then there are categories that may include content of concern\u2014\u201dsexually explicit,\u201d \u201calcohol,\u201d \u201cmarijuana\u201d and \u201cweapons,\u201d for example. Organizations may want to set various policies for filtering or measuring the types of websites accessed from their networks.<\/p>\n

Sophos X-Ops has been researching ways to apply large language model (LLM) machine learning to web filtering to help catch the \u201clong tail\u201d of websites\u2014those millions of domains that have relatively few visitors and little or no visibility to human analysts. \u00a0LLMs themselves are not practical for this application because of their size and computational resource cost. But they can be used in turn as \u201cteacher\u201d models to train smaller models on categorization\u2014reducing the computational resources required to generate labels on the fly for newly encountered domains.<\/p>\n

Using LLMs such as OpenAI\u2019s GPT-3 and Google\u2019s T5 Large , the SophosAI team were able to train much smaller models to classify never-before-screened URLs on the fly. Most importantly, the methodology used here could be used to create small, economically deployable models based on the output of LLMs for other security tasks.<\/p>\n

The team\u2019s research, detailed in a recently published paper entitled \u201cWeb Content Filtering Through Knowledge Distillation of Large Language Models,\u201d<\/a>\u00a0 explores ways in which LLMs can be used to bolster existing human-driven site classification, and to build systems that can be deployed to perform real-time labeling of never-before-seen URLs.<\/p>\n

The \u201clong tail\u201d problem<\/h3>\n

Categorization of sites has relied largely on rule-based domain-to-category mapping, where analyst-crafted signatures are used to look for tell-tales in URLs to quickly assign labels to new domains. This sort of mapping is vital in speedy labeling of URLs on well-known sites and preventing false positives that block important content. The hands-on human identification of site classification patterns gets folded back into the domain mapping tools\u2019 feature sets.<\/p>\n

The problem comes with the \u201clong tail\u201d of websites\u2014those less-visited domains that typically don\u2019t get signatures assigned to them. With the daily emergence of thousands of new websites, and with over a billion existing websites, maintaining and scaling signature-based approaches manually for the long tail has become increasingly challenging. \u00a0That\u2019s evident in the steep drop-off of labeling for less-visited domains–while well-known, high-traffic sites get nearly 100 percent coverage in most labeling schemes, as shown in the diagram below, the proportion of analyst-labeled domains begins to fall off quickly beyond the top hundred visited domains. Sites ranked below the top 5000 are less than 50 percent likely to have been labeled for content.<\/p>\n

\"Figure<\/a><\/p>\n

Figure 1. Labeling of content relative to popularity of domains, derived from telemetry. One way to fix this is through application of machine learning for processing previously unlabeled domains. But up until now, most machine learning efforts (such as Microsoft\u2019s URLTran<\/a>) have used deep learning models to focus on the task of detecting security threats, rather than categorizing sites by content. These models could be retrained to perform multi-category classification, but they would require extremely large training sets of data. URLTran used over 1 million samples just for training on detection of malicious URLS.<\/p>\n

Automating with AI<\/h3>\n

That\u2019s where LLMs come in. Because they are pre-trained on massive amounts of unlabeled text, the SophosAI team believed that LLMs could be used to perform URL labeling more accurately and with much less initial data. When fine-tuned on data labeled with domain-propagation signatures, the SophosAI team found that LLMs have a 9% accuracy advantage over the state of the art model architecture from Microsoft when tackling the \u201clong tail\u201d categorization problem\u2014and only required a training set of thousands of URLs, rather than millions.<\/p>\n

The LLMs, using semantic relationships between the site classes and keywords within URLs in a smaller data set, were then used to create labels for an unlabeled set of data from long tail sites that were in turn used to train smaller models (the BERTiny and BERT-based URLTran transformer models and the 1D convolutional model eXpose). This \u201cknowledge distillation\u201d approach allowed the team to reach performance levels similar to that of the LLM with models 175 times smaller, reducing the number of parameters from 770 million to just 4 million.<\/p>\n

\"A<\/a>
Figure 2. \u00a0How knowledge distillation was used to create deployable models.<\/figcaption><\/figure>\n

While the most accurate sets of models created performed far better than models trained via \u201cdeep learning\u201d alone, their accuracy fell short of perfection\u2014even the best models scored under 50 percent accuracy. Many URLs failed to be properly labeled simply because they didn\u2019t have sufficient \u201csignals\u201d embedded in them, while others had keywords that could be associated with multiple classifications\u2014creating uncertainty that could only be clarified by deeper examination of the content behind the URL.<\/p>\n

\"Figures<\/a><\/p>\n

\"Smaller<\/a>
Figures 3 and 4. An accuracy plot of trained models. LLMs outperformed smaller models trained with deep learning, but the smaller models approached the same level of accuracy when the LLMs were used as teaching models. (Y axis in both charts are from 0 to 0.5 accuracy.)<\/figcaption><\/figure>\n

However, the T5 Large model performed reasonably well on categories that would potentially be filtered out, as shown in the confusion matrix below\u2014with gambling and peer-to-peer sharing sites having near-perfect labeling on test data. Alcohol, weapons, and pornography sites also had better than 60% true positive detection rates.<\/p>\n

\"Figure<\/a>
Figure 5. A confusion matrix showing the relationship between the labels the T5 Large model assigned to test URLs, and their true manually-assigned labels,<\/figcaption><\/figure>\n

There are several ways to improve this accuracy going forward that the SophosAI team has suggested. First, allowing for the assignment of multiple categories to a site would eliminate problems with category overlap. Augmenting the URL samples with retrieved HTML and images from them could also provide better \u00a0recognition of their categorization, And newer LLMs, such as GPT-4, could be used as a teacher.<\/p>\n

When combined with existing processes, this form of AI-based classification can greatly improve the handling of long tail websites. And there are other security-related tasks that the \u201cknowledge distillation\u201d methodology tested in this experiment could be applied to.<\/p>\n

For more details, see the paper authored by Tamas Voros, Sean Bergeron and Head of SophosAI Konstantin Berlin here on arxiv.org<\/a>.<\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n<\/p><\/div>\n

http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: gallagherseanm| Date: Thu, 22 Jun 2023 11:30:10 +0000<\/strong><\/p>\n

Sophos AI team employs GPT and other large language models as teachers to train smaller models to label websites.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[27031,29631,129,26474,28950,27030,29632,17384,29633],"class_list":["post-22290","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-ai-research","tag-bert","tag-featured","tag-gpt-3","tag-large-language-models","tag-sophos-x-ops","tag-t5-large-llm","tag-web-filtering","tag-website-categorization"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22290","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=22290"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22290\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=22290"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=22290"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=22290"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}