returnreturn
Artificial intelligence in Cybersecurity

BY:
Mauro Börner
SECURITY AUTOMATION ENGINEER

SHARE

Twitter Facebook Linkedin

Artificial intelligence in Cybersecurity

Since its prototype start in late November 2022, the AI-powered natural language processing tool has quickly amassed more than 1 million users, ChatGPT generated an incredibly large repercussion and value that we will discuss throughout this article, the general topics where this powerful tool will help us in the field of cybersecurity and also, why not, harm us.

illustrative image
Next we'll ask "our brilliant friend" about the tool and let ChatGPT "Tell us more about the subject in detail."

ChatGPT:
illustrative image
Continuation:

ChatGPT can be applied in cybersecurity for the awareness and analysis in the field of Phishing, you can ask questions about a specific activity to the tool and thus obtain answers by giving us practical examples with a Checklist of good practices to carry out and thus obtain great help. In addition to all of the above, we can use it to create automation scripts to perform specific tasks, analyze malicious activity extracted from logs and malware, consult on the creation of certain rules, programs, checklists and solutions that are applied in cybersecurity as well as on the use of cyber tools.

ChatGPT:

The fine-tuning process can be done by providing the model with a specific data set relevant to the task at hand. This allows the model to learn from the examples and improve its performance.
illustrative image
This is a brief summary of how much can be done with ChatGPT, as you will see, it has incredible power that would greatly benefit all areas of both cybersecurity and IT in general to solve, develop and investigate particular topics. Previously we summarized how it can help us in the broad fields of cybersecurity by seeing the good side, but now let's see a little more what it tells us, but this time referring to the Red Team or offensive security that in this case with unethical use could do great damage.

ChatGPT:

One way that ChatGPT can be used in offensive security is by generating plausible and convincing phishing emails, text messages, and other forms of communication. By training ChatGPT on examples of social engineering tactics, you can generate new tactics that can be used to test your organization's security awareness training and incident response capabilities. These can be used to test the organization's ability to detect and respond to phishing attempts, as well as to train employees on how to identify and report phishing. It can also be used to generate payloads, which are malicious code or scripts used to exploit vulnerabilities in systems and networks. By training ChatGPT on sample payloads, you can generate new payloads that are difficult for security systems to detect. This can be used to test the effectiveness of the organization's intrusion detection and prevention systems.

Next, we will show some examples of uses for defensive and offensive cybersecurity.

ChatGPT:

How to protect a small business network:
illustrative image
How to analyze a malicious email:
illustrative image
Example of a phishing email:
illustrative image
Python libraries to encrypt files on Windows (example in spanish):
illustrative image
Main limitations:

ChatGPT's reward model, designed around human oversight, can be over-optimized and therefore hinder performance, also known as Goodhart's law. In addition, ChatGPT has limited knowledge of the events that occurred after 2021 and cannot provide information about some celebrities. In training, reviewers preferred longer answers, regardless of actual understanding or factual content.

illustrative image
Main applications in cybersecurity:

   Creation of scripts.
   Analysis of malware.
   Consultations on the use of cybersecurity tools.
   Generation of Payloads.
   Creation of Playbooks.
   Write YARA rules.
   Develop Regex.
   Develop Regex.
   CTI (Cyber Threat Intelligence).
And much more.

Conclusions:

We summarized the ChatGPT (OpenAI) in the field of cybersecurity, with some simple examples of what it can give us, with some creativity something great could be done and this is just the beginning of what is to come, therefore junior cybersecurity professionals from the blue and red teams could greatly benefit with this new tool that can be used for good as well as for evil where script kiddies and black hat hackers with little knowledge could benefit by using the tool for malicious activities, so far many questions for illicit activity are being blocked and this is a big step since, therefore, more regulations will be seen in the future.

ChatGPT (OpenAI) a revolutionary tool.
illustrative image