Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Review of Generative AI Methods in Cybersecurity

Yagmur Yigit, William J Buchanan, Madjid G Tehrani, Leandros Maglaras

TL;DR

The paper analyzes the dual-use nature of Generative AI in cybersecurity, addressing both defense enhancements and novel attack vectors. It provides a comprehensive survey of state-of-the-art GenAI deployments, detailing offensive capabilities (e.g., jailbreaking, prompt injection, social engineering, payload and malware generation) and defensive innovations (AI4CYBER, AGIR, secure coding, incident response, and dataset generation). Key contributions include a taxonomy of GenAI-enabled attacks, defense frameworks, ethical guideline proposals, and synthetic-data methodologies like PAC-GPT. The study highlights the need for robust ethical norms, governance, interdisciplinary collaboration, and balanced deployment to maximize GenAI’s protective potential while mitigating misuse.

Abstract

Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on developing robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches further to bridge the gap between scientific developments and ethical considerations.

Review of Generative AI Methods in Cybersecurity

TL;DR

The paper analyzes the dual-use nature of Generative AI in cybersecurity, addressing both defense enhancements and novel attack vectors. It provides a comprehensive survey of state-of-the-art GenAI deployments, detailing offensive capabilities (e.g., jailbreaking, prompt injection, social engineering, payload and malware generation) and defensive innovations (AI4CYBER, AGIR, secure coding, incident response, and dataset generation). Key contributions include a taxonomy of GenAI-enabled attacks, defense frameworks, ethical guideline proposals, and synthetic-data methodologies like PAC-GPT. The study highlights the need for robust ethical norms, governance, interdisciplinary collaboration, and balanced deployment to maximize GenAI’s protective potential while mitigating misuse.

Abstract

Over the last decade, Artificial Intelligence (AI) has become increasingly popular, especially with the use of chatbots such as ChatGPT, Gemini, and DALL-E. With this rise, large language models (LLMs) and Generative AI (GenAI) have also become more prevalent in everyday use. These advancements strengthen cybersecurity's defensive posture and open up new attack avenues for adversaries as well. This paper provides a comprehensive overview of the current state-of-the-art deployments of GenAI, covering assaults, jailbreaking, and applications of prompt injection and reverse psychology. This paper also provides the various applications of GenAI in cybercrimes, such as automated hacking, phishing emails, social engineering, reverse cryptography, creating attack payloads, and creating malware. GenAI can significantly improve the automation of defensive cyber security processes through strategies such as dataset construction, safe code development, threat intelligence, defensive measures, reporting, and cyberattack detection. In this study, we suggest that future research should focus on developing robust ethical norms and innovative defense mechanisms to address the current issues that GenAI creates and to also further encourage an impartial approach to its future application in cybersecurity. Moreover, we underscore the importance of interdisciplinary approaches further to bridge the gap between scientific developments and ethical considerations.
Paper Structure (41 sections, 18 figures)

This paper contains 41 sections, 18 figures.

Table of Contents

  1. Introduction
  2. The Challenges of GenAI
  3. Related Works
  4. Attacking GenAI
  5. Jailbreaks
  6. Reverse psychology
  7. Prompt injection
  8. Cyber Offense
  9. Social engineering
  10. Phishing emails
  11. Automated hacking
  12. Attack payload generation
  13. Malware Code Generation
  14. Polymorphic malware
  15. Reversing cryptography
  16. ...and 26 more sections

Figures (18)

  • Figure 1: The timetable for GenAI development.
  • Figure 2: The jailbreaking response of ChatGPT 4.
  • Figure 3: The jailbreaking response of ChatGPT 4 after typing similar prompts with the current works.
  • Figure 4: The jailbreaking response of Google's Gemini.
  • Figure 5: The reverse psychology response of Google's Gemini.
  • ...and 13 more figures