A study by researchers at Charles Darwin University (CDU) has revealed the potential for generative artificial intelligence or GenAI tools to become a crucial asset in the fight against cybercrime.
The study, conducted by researchers at the CDU Institute of Energy and Resources and the Christ Academy Institute for Advanced Studies in India, examined GenAI’s potential for penetration testing, a security test that identifies weak points in a cybersecurity system’s defenses.
Great tool for cybersecurity testing
“In the reconnaissance phase, ChatGPT can be used to collect information about the target system, network or organization with the aim of identifying potential vulnerabilities and attack vectors,” said Dr Shanmugam, Master of conferences at the CDU in information technologies.
“In the analysis phase, ChatGPT can be used to facilitate performing detailed analyzes of the target, particularly its network, systems and applications, in order to identify open ports, services and potential vulnerabilities.
“While ChatGPT has proven to be an excellent GenAI tool for penetration testing for earlier phases, it is most effective in exploiting remote machine vulnerabilities.”
Researchers were able to run a series of penetration tests including reconnaissance, scanning, vulnerability assessment, exploitation and reporting activities with ChatGPT, as well as attempt to anonymously connect to a server and download files, inspect web page source codes, and find data embedded in a file. archive.
Dr Shanmugam added that while the technology could revolutionize penetration testing, the use of AI to improve cybersecurity needs to be strictly monitored.
“Organizations must adopt best practices and guidelines, focusing on the responsible deployment of AI, data security and privacy, and fostering collaboration and information sharing,” he said. declared.
“In doing so, organizations can leverage the power of GenAI to better protect against an ever-changing threat landscape and maintain a secure digital environment for everyone.” »
