Skip to content
Information Technology, Research Development

Study tests if AI can help fight cybercrime

Charles Darwin University 2 mins read
Charles Darwin University academics led a study to see if Artificial Intelligence can help improve cybersecurity testing.

Artificial Intelligence (AI) could become a crucial asset to fight the growing global risk of cybercrime, a new study with Charles Darwin University (CDU) has found.

The study, led by researchers from CDU’s Energy and Resources Institute alongside Christ Academy Institute for Advanced Studies in India, examined if generative AI (GenAI) could be used in penetration testing, known as pentesting, which is a cybersecurity exercise aimed at identifying weak spots in a system’s defences.

Researchers used ChatGPT to run a series of pentesting activities in reconnaissance, scanning, vulnerability assessments, exploitation, and reporting activities.

Prompts included trying to anonymously log into a server and download files, inspect source codes of webpages, and find data embedded within an archive.

Co-author and CDU Senior Lecturer in Information Technology Dr Bharanidharan Shanmugam said the purpose of the study was to explore whether AI could be used to automate some pentesting activities, with the results showing ChatGPT had enormous potential.

“In the reconnaissance phase, ChatGPT can be used for gathering information about the target system, network, or organisation for the purpose of identifying potential vulnerabilities and attack vectors,” Dr Shanmugam said.

“In the scanning phase, ChatGPT can be used to aid in performing detailed scans of the target particularly their network, systems and applications to identify open ports, services, and potential vulnerabilities.

“While ChatGPT proved to be an excellent GenAI tool for pentesting for the previous phases, it shown the greatest in exploiting the vulnerabilities of the remote machine.”

Dr Shanmugam added while the technology could revolutionise pentesting, use of AI to improve cybersecurity must be strictly monitored.

“Organisations must adopt best practices and guidelines, focusing on responsible AI deployment, data security and privacy, and fostering collaboration and information sharing,” he said.

“By doing so, organisations can leverage the power of GenAI to better protect themselves against the ever-evolving threat landscape and maintain a secure digital environment for all.”

Generative AI for pentesting: the good, the bad, the ugly was published in the International Journal of Information Security.


Contact details:

Emily Bostock
Acting Research Communications Officer

T: +61 8 8946 6529
M: 0432 417 518
E: 
media@cdu.edu.au

Media

More from this category

  • Information Technology
  • 18/04/2024
  • 19:07
Egress Software Technologies Ltd

New Egress Report Reveals Millennials are the Key Target, as AI, Quishing, and Multi-channel Attacks Top Phishing Trends

Brisbane, Australia.– April 18th, 2024 – Leading cybersecurity company Egress has today launched its third Phishing Threat Trends Report 2024 (April 2024), detailing key trends, new data, and threat intelligence insights surrounding phishing attacks. The report explores evolving payloads, AI’s rise in cybercrime, the success of multi-channel attacks, and how secure email gateways (SEGs) are trailing behind in an advancing threat landscape. Key stats from the Phishing Threat Trends Report (April 2024): Quishing has risen from 0.8% in 2021 to 10.8% in 2024, whereas attachment-based payloads halved from 72.7% to 35.7% in the same timeframe. 77% of impersonation attacks imitated well-known brands. DocuSign…

  • Community, Research Development
  • 18/04/2024
  • 17:35
La Trobe University

New research examines the impact of sexual abuse in regional and rural Victoria

La Trobe University, in partnership with Centre Against Sexual Violence Central Victoria (CASA-CV), has released the findings of an important study highlighting the struggles of rural and regional victim survivors in the pursuit of justice. This research, conducted in a collaboration between the two organisations, highlights the unique experiences and obstacles that survivors in regional and rural areas face. Recent La Trobe PhD student Dr Emily Corbett conducted the comprehensive industry-based study to examine the sexual revictimisation of rural and regional women, and her findings will inform future research, practice and policy recommendations.Dr Corbett said that while research shows women…

  • Agriculture Farming Rural, Information Technology
  • 18/04/2024
  • 15:39
TP-Link Australia / New Zealand

Introducing TP-Link’s Omada EAP215 Bridge KIT with an Impressive 5km Range!

Sydney, AUSTRALIA, 18 April 2024 – Network innovator TP-Link continues to deliverpractical solutions designed to revolutionalise wireless connectivity with the announcement of a new…

  • Contains:

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.