AutoBnB: Multi-Agent Incident Response with Large Language Models

Abstract

Incident response (IR) is a critical aspect of cyberse-curity, requiring rapid decision-making and coordinated efforts to address cyberattacks effectively. Leveraging large language models (LLMs) as intelligent agents offers a novel approach to enhancing collaboration and efficiency in IR scenarios. This paper explores the application of LLM-based multi-agent col-laboration using the Backdoors & Breaches (B&B) framework, a tabletop game designed for cybersecurity training. We simulate realistic IR dynamics through various team structures, including centralized, decentralized, and hybrid configurations. By ana-lyzing agent interactions and performance across these setups, we provide insights into optimizing multi-agent collaboration for incident response. Our findings highlight the potential of LLMs to enhance decision-making, improve adaptability, and streamline IR processes, paving the way for more effective and coordinated responses to cyber threats.

Recommended citation: Liu, Zefang. "AutoBnB: Multi-Agent Incident Response with Large Language Models." 2025 13th International Symposium on Digital Forensics and Security (ISDFS). IEEE, 2025
[Download Paper] [Download Slides] [Download Code] [Visit Conference]