Artificial Intelligence Cyberattacks in Red Teaming: A Scoping Review

  • Conference paper
Good Practices and New Perspectives in Information Systems and Technologies (WorldCIST 2024)

Abstract

Advances in artificial intelligence are creating possibilities to use these methods in red team activities, such as cyberattacks. These AI attacks can automate the process of penetrating a target or collecting sensitive data while accelerating the pace of carrying out the attacks. This survey explores how AI is employed in cybersecurity attacks and what kinds of targets are typical. We used scoping review methodology to sift through articles and identify the AI methods, targets, and models that red teams can use to emulate cybercrime. Out of the 470 records screened, 11 were included in the review. Multiple cyberattack methods can be found that exploit sensitive data, systems, social media user profiles, passwords, and URLs. The use of AI in cybercrime to build versatile attack models poses a growing threat. Additionally, cybersecurity can use AI-based techniques to offer better protection tools to deal with those problems.

Notes

  1. https://janet.finna.fi/.

  2. https://scholar.google.com/.

Acknowledgements

This research was partially funded by the Resilience of Modern Value Chains in a Sustainable Energy System project, co-funded by the European Union and the Regional Council of Central Finland (grant number J10052). The authors would like to thank Ms. Tuula Kotikoski for proofreading the manuscript.

Corresponding author

Correspondence to Tuomo Sipola.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Al-Azzawi, M., Doan, D., Sipola, T., Hautamäki, J., Kokkonen, T. (2024). Artificial Intelligence Cyberattacks in Red Teaming: A Scoping Review. In: Rocha, Á., Adeli, H., Dzemyda, G., Moreira, F., Poniszewska-Marańda, A. (eds) Good Practices and New Perspectives in Information Systems and Technologies. WorldCIST 2024. Lecture Notes in Networks and Systems, vol 985. Springer, Cham. https://doi.org/10.1007/978-3-031-60215-3_13
