Red Teaming with Artificial Intelligence-Driven Cyberattacks: A Scoping Review

TL;DR

This scoping review investigates how artificial intelligence facilitates cyberattacks and red-teaming activities, mapping AI attack methods and target categories across 11 studies screened from 470 records. It categorizes AI techniques into Classification, Regression, Clustering, and Other, with LSTM, GANs, and SVM emerging as prominent methods, and identifies targets such as general data, URLs, social media profiles, passwords, and systems. The study synthesizes offensive and defensive perspectives, highlighting AI-driven phishing, password-guessing, and data-targeted attacks, while proposing AI-based defense approaches like anomaly detection and automated threat response. The work underscores the growing threat of AI-enabled cyberattacks and the value of AI-assisted red-teaming to reveal vulnerabilities, calling for broader taxonomies and continued research into both robust defenses and attacker modeling.

Abstract

The progress of artificial intelligence (AI) has made sophisticated methods available for cyberattacks and red team activities. These AI attacks can automate the process of penetrating a target or collecting sensitive data. The new methods can also accelerate the execution of the attacks. This review article examines the use of AI technologies in cybersecurity attacks. It also tries to describe typical targets for such attacks. We employed a scoping review methodology to analyze articles and identify AI methods, targets, and models that red teams can utilize to simulate cybercrime. From the 470 records screened, 11 were included in the review. Various cyberattack methods were identified, targeting sensitive data, systems, social media profiles, passwords, and URLs. The application of AI in cybercrime to develop versatile attack models presents an increasing threat. Furthermore, AI-based techniques in red team use can provide new ways to address these issues.

Figures (1)

• Figure 1: Review process.