{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,16]],"date-time":"2026-05-16T02:14:39Z","timestamp":1778897679464,"version":"3.51.4"},"reference-count":25,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,7,1]],"date-time":"2026-07-01T00:00:00Z","timestamp":1782864000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computer Networks"],"published-print":{"date-parts":[[2026,7]]},"DOI":"10.1016\/j.comnet.2026.112349","type":"journal-article","created":{"date-parts":[[2026,5,9]],"date-time":"2026-05-09T23:12:37Z","timestamp":1778368357000},"page":"112349","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["Towards generic defensive cyber agents: Leveraging large language models and RAG-based few-shot learning"],"prefix":"10.1016","volume":"285","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8045-8745","authenticated-orcid":false,"given":"Muhammad Omer","family":"Farooq","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"issue":"8","key":"10.1016\/j.comnet.2026.112349_b1","doi-asserted-by":"crossref","first-page":"3779","DOI":"10.1109\/TNNLS.2021.3121870","article-title":"Deep reinforcement learning for cyber security","volume":"34","author":"Nguyen","year":"2023","journal-title":"IEEE Trans. Neural Netw. Learn. Syst."},{"key":"10.1016\/j.comnet.2026.112349_b2","unstructured":"T.B. Brown, B. Mann, N. Ryder, M. Subbiah, J. Kaplan, P. Dhariwal, A. Neelakantan, P. Shyam, G. Sastry, A. Askell, S. Agarwal, A. Herbert-Voss, G. Krueger, T. Henighan, R. Child, A. Ramesh, D.M. Ziegler, J. Wu, C. Winter, C. Hesse, M. Chen, E. Sigler, M. Litwin, S. Gray, B. Chess, J. Clark, C. Berner, S. McCandlish, A. Radford, I. Sutskever, D. Amodei, Language models are few-shot learners, in: Proceedings of the 34th International Conference on Neural Information Processing Systems, 2020."},{"key":"10.1016\/j.comnet.2026.112349_b3","series-title":"LLaMA: Open and efficient foundation language models","author":"Touvron","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b4","unstructured":"P. Lewis, E. Perez, A. Piktus, F. Petroni, V. Karpukhin, N. Goyal, H. K\u00fcttler, M. Lewis, W.-t. Yih, T. Rockt\u00e4schel, S. Riedel, D. Kiela, Retrieval-augmented generation for knowledge-intensive NLP tasks, in: Proceedings of the 34th International Conference on Neural Information Processing Systems, 2020."},{"key":"10.1016\/j.comnet.2026.112349_b5","first-page":"1252","article-title":"Autonomous network defence using reinforcement learning","author":"Foley","year":"2022"},{"key":"10.1016\/j.comnet.2026.112349_b6","series-title":"Hierarchical multi-agent reinforcement learning for cyber network defense","author":"Singh","year":"2025"},{"issue":"2","key":"10.1016\/j.comnet.2026.112349_b7","article-title":"Combining supervised and reinforcement learning to build a generic defensive cyber agent","volume":"5","author":"Farooq","year":"2025","journal-title":"J. Cybersecur. Priv."},{"key":"10.1016\/j.comnet.2026.112349_b8","doi-asserted-by":"crossref","first-page":"209320","DOI":"10.1109\/ACCESS.2020.3038605","article-title":"A gentle introduction to reinforcement learning and its application in different fields","volume":"8","author":"Naeem","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.comnet.2026.112349_b9","series-title":"Cage challenge 2","year":"2024"},{"key":"10.1016\/j.comnet.2026.112349_b10","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1186\/s42400-025-00361-w","article-title":"When LLMs meet cybersecurity: a systematic literature review","volume":"8","author":"Zhang","year":"2025","journal-title":"Cybersecurity"},{"key":"10.1016\/j.comnet.2026.112349_b11","series-title":"Mistral 7B","author":"Jiang","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b12","series-title":"Google\/Gemma-7b","author":"Face","year":"2024"},{"key":"10.1016\/j.comnet.2026.112349_b13","series-title":"Llama 2: Open foundation and fine-tuned chat models","author":"Touvron","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b14","series-title":"Phi-3 technical report: A highly capable language model","author":"Abdin","year":"2024"},{"key":"10.1016\/j.comnet.2026.112349_b15","series-title":"DeepSeek-R1-Distill-Qwen-1.5B: The best small-sized LLM?","author":"Medium","year":"2025"},{"issue":"1","key":"10.1016\/j.comnet.2026.112349_b16","article-title":"Cyberattack event and arguments extraction based on few-shot learning","volume":"15","author":"Han","year":"2025","journal-title":"Sci. Rep."},{"key":"10.1016\/j.comnet.2026.112349_b17","series-title":"Network environment design for autonomous cyberdefense","author":"Molina-Markham","year":"2021"},{"key":"10.1016\/j.comnet.2026.112349_b18","series-title":"Unified emulation-simulation training environment for autonomous cyber agents","author":"Li","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b19","series-title":"Cyber battle sim","year":"2025"},{"key":"10.1016\/j.comnet.2026.112349_b20","series-title":"CybORG: An autonomous cyber operations research gym","author":"Baillie","year":"2020"},{"key":"10.1016\/j.comnet.2026.112349_b21","series-title":"OpenAI gym","year":"2025"},{"key":"10.1016\/j.comnet.2026.112349_b22","series-title":"On autonomous agents in a cyber defence environment","author":"Kiely","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b23","series-title":"A multiagent cyberbattlesim for RL cyber operation agents","author":"Kunz","year":"2023"},{"key":"10.1016\/j.comnet.2026.112349_b24","series-title":"2024 IFIP Networking Conference","first-page":"515","article-title":"A generic blue agent training framework for autonomous cyber operations","author":"Farooq","year":"2024"},{"key":"10.1016\/j.comnet.2026.112349_b25","series-title":"Optuna: A hyperparameter optimization framework","year":"2025"}],"container-title":["Computer Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128626003610?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1389128626003610?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,5,16]],"date-time":"2026-05-16T01:48:59Z","timestamp":1778896139000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1389128626003610"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,7]]},"references-count":25,"alternative-id":["S1389128626003610"],"URL":"https:\/\/doi.org\/10.1016\/j.comnet.2026.112349","relation":{},"ISSN":["1389-1286"],"issn-type":[{"value":"1389-1286","type":"print"}],"subject":[],"published":{"date-parts":[[2026,7]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Towards generic defensive cyber agents: Leveraging large language models and RAG-based few-shot learning","name":"articletitle","label":"Article Title"},{"value":"Computer Networks","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.comnet.2026.112349","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 Elsevier B.V. All rights are reserved, including those for text and data mining, AI training, and similar technologies.","name":"copyright","label":"Copyright"}],"article-number":"112349"}}