Advances in artificial intelligence are creating possibilities to use these methods in red team activities, such as cyberattacks. These AI attacks can automate the process of penetrating a target or collecting sensitive data while accelerating the pace of carrying out the attacks. This survey explores how AI is employed in cybersecurity attacks and what kind of targets are typical. We used scoping review methodology to sift through articles to find out AI methods, targets, and models that red teams can use to emulate cybercrime. Out of the 470 records screened, 11 were included in the review. Multiple cyberattack methods can be found to exploit sensitive data, systems, social media user profiles, passwords, and URLs. The use of AI in cybercrime to build versatile attack models poses a growing threat. Additionally, cybersecurity can use AI-based techniques to offer better protection tools to deal with those problems.
Authors
Mays Al-Azzawi, Dung Doan, Tuomo Sipola, Jari Hautamäki, Tero Kokkonen
Cite as
Al-Azzawi, M., Doan, D., Sipola, T., Hautamäki, J., Kokkonen, T. (2024). Artificial Intelligence Cyberattacks in Red Teaming: A Scoping Review. In: Rocha, Á., Adeli, H., Dzemyda, G., Moreira, F., Poniszewska-Marańda, A. (eds) Good Practices and New Perspectives in Information Systems and Technologies. WorldCIST 2024. Lecture Notes in Networks and Systems, vol 985. Springer, Cham. https://doi.org/10.1007/978-3-031-60215-3_13