Inteligencia artificial generativa en el ámbito de la ciberseguridad: una revisión sistemática de literatura

Autores/as

DOI:

https://doi.org/10.56048/MQR20225.8.3.2024.556-578

Palabras clave:

inteligencia artificial generativa; gen IA; ciberseguridad; detección de amenazas; privacidad

Resumen

La presente Revisión Sistemática de Literatura (RSL) tiene por objetivo identificar el estado actual de la Inteligencia Artificial Generativa (Gen IA) en el ámbito de la Ciberseguridad, investigando también sus aplicaciones, técnicas, desafíos éticos, riesgos y limitaciones . Se utilizó la metodología propuesta por Barbara Kitchenham, dejando como resultado 31 trabajos de investigación distribuidas en seis bases de datos de prestigio investigativo en el área, que permitieron identificar información relevante y ayudaron a responder las preguntas de investigación planteadas. La tecnología de Inteligencia Artificial Generativa ofrece diversas aplicaciones prometedoras en el ámbito de la ciberseguridad, dentro de los principales descubrimientos de la Gen IA, facilita la identificación de vulnerabilidades y la prevención de amenazas, analiza código malicioso, mejora la seguridad de la red, simula escenarios de ciberseguridad, genera datos sintéticos para entrenar modelos de IA y fomenta la educación. Sin embargo, a los ciberdelincuentes les ayuda a perfeccionar algunas habilidades como la generación de phishing, ransomware, creación de deepfakes, generación de código malicioso y facilita la desinformación. Como conclusión para el presente trabajo de investigación, podemos decir que la Gen IA, se está utilizando tanto para los equipos de defensa o personal se seguridad informática, como también los ciberdelincuentes para llevar a cabo sus ataques en ciberseguridad, esto presenta algunas limitaciones, riesgos y desafíos éticos.

 

Descargas

Los datos de descargas todavía no están disponibles.

Métricas

Cargando métricas ...

    Cited

    DOI: 10.56048DOI

Biografía del autor/a

Robin Lenin Cordova-Alvarado, UNIVERSIDAD CATÓLICA DE CUENCA - UCACUE

Miguel Santiago Andrade-López, UNIVERSIDAD CATÓLICA DE CUENCA - UCACUE

Manuel Salvador Álvarez-Vera, UNIVERSIDAD CATÓLICA DE CUENCA - UCACUE

Citas

Bengesi, S., El-Sayed, H., Sarker, K., Houkpati, Y., Irungu, J., & Oladunni, T. (n.d.). Advancements in Generative AI: A Comprehensive Review of GANs, GPT, Autoencoders, Diffusion Model, and Transformers. https://towardsdatascience.com/applied-deep-learning-part-3-

Cambiaso, E., & Caviglione, L. (2023). Scamming the Scammers: Using ChatGPT to Reply Mails for Wasting Time and Resources. http://ceur-ws.org

Campbell, M., & Jovanovic, M. (2024). Disinfecting AI: Mitigating Generative AI’s Top Risks. In Computer (Vol. 57, Issue 5, pp. 111–116). IEEE Computer Society. https://doi.org/10.1109/MC.2024.3374433

Cao, Y., Li, S., Liu, Y., Yan, Z., Dai, Y., Yu, P. S., & Sun, L. (2023). A Comprehensive Survey of AI-Generated Content (AIGC): A History of Generative AI from GAN to ChatGPT. http://arxiv.org/abs/2303.04226

Capodieci, N., Sanchez-Adames, C., Harris, J., & Tatar, U. (2024). The Impact of Generative AI and LLMs on the Cybersecurity Profession. 2024 Systems and Information Engineering Design Symposium (SIEDS), 448–453. https://doi.org/10.1109/SIEDS61124.2024.10534674

Charfeddine, M., Kammoun, H. M., Hamdaoui, B., & Guizani, M. (2024). ChatGPT’s Security Risks and Benefits: Offensive and Defensive Use-Cases, Mitigation Measures, and Future Implications. IEEE Access, 12, 30263–30310. https://doi.org/10.1109/ACCESS.2024.3367792

Chui, K. T. (2023). A Lightweight Generative Adversarial Network for Imbalanced Malware Image Classification. 1–4. https://doi.org/10.1145/3647444.3652455

Das, N., Kotal, A., Roseberry, D., & Joshi, A. (2023). Change Management using Generative Modeling on Digital Twins. http://arxiv.org/abs/2309.12421

Deshpande, A. S., & Gupta, S. (2023). GenAI in the Cyber Kill Chain: A Comprehensive Review of Risks, Threat Operative Strategies and Adaptive Defense Approaches. 3rd IEEE International Conference on ICT in Business Industry and Government, ICTBIG 2023. https://doi.org/10.1109/ICTBIG59752.2023.10456106

Dwivedi, Y. K., Kshetri, N., Hughes, L., Slade, E. L., Jeyaraj, A., Kar, A. K., Baabdullah, A. M., Koohang, A., Raghavan, V., Ahuja, M., Albanna, H., Albashrawi, M. A., Al-Busaidi, A. S., Balakrishnan, J., Barlette, Y., Basu, S., Bose, I., Brooks, L., Buhalis, D., … Wright, R. (2023). “So what if ChatGPT wrote it?” Multidisciplinary perspectives on opportunities, challenges and implications of generative conversational AI for research, practice and policy. International Journal of Information Management, 71. https://doi.org/10.1016/j.ijinfomgt.2023.102642

Esmradi, A., Yip, D. W., & Chan, C. F. (n.d.). A Comprehensive Survey of Attack Techniques, Imple-mentation, and Mitigation Strategies in Large Language Models.

Ferrag, M. A., Debbah, M., & Al-Hawawreh, M. (2023). Generative AI for Cyber Threat-Hunting in 6G-enabled IoT Networks. http://arxiv.org/abs/2303.11751

Ferrara, E. (2023). GenAI Against Humanity: Nefarious Applications of Generative Artificial Intelligence and Large Language Models. https://doi.org/10.1007/s42001-024-00250-1

Ferrara, E. (2024). GenAI against humanity: nefarious applications of generative artificial intelligence and large language models. Journal of Computational Social Science. https://doi.org/10.1007/s42001-024-00250-1

Gill, S. S., & Kaur, R. (n.d.). ChatGPT: Vision and Challenges.

Golda, A., Mekonen, K., Pandey, A., Singh, A., Hassija, V., Chamola, V., & Sikdar, B. (2024). Privacy and Security Concerns in Generative AI: A Comprehensive Survey. IEEE Access, 12, 48126–48144. https://doi.org/10.1109/ACCESS.2024.3381611

Guo, D., Chen, H., Wu, R., & Wang, Y. (2023). AIGC challenges and opportunities related to public safety: A case study of ChatGPT. In Journal of Safety Science and Resilience (Vol. 4, Issue 4, pp. 329–339). KeAi Communications Co. https://doi.org/10.1016/j.jnlssr.2023.08.001

Gupta, M., Akiri, C., Aryal, K., Parker, E., & Praharaj, L. (2023). From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy. In IEEE Access (Vol. 11, pp. 80218–80245). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ACCESS.2023.3300381

Hilario, E., Azam, S., Sundaram, J., Imran Mohammed, K., & Shanmugam, B. (2024). Generative AI for pentesting: the good, the bad, the ugly. International Journal of Information Security. https://doi.org/10.1007/s10207-024-00835-x

Hu, C., & Chen, J. (2023). A Dimensional Perspective Analysis on the Cybersecurity Risks and Opportunities of ChatGPT-Like Information Systems. Proceedings - 2023 International Conference on Networking and Network Applications, NaNA 2023, 324–331. https://doi.org/10.1109/NaNA60121.2023.00061

Katsadouros, E., Patrikakis, C. Z., & Hurlburt, G. (2023). Can Large Language Models Better Predict Software Vulnerability? In IT Professional (Vol. 25, Issue 3, pp. 4–8). IEEE Computer Society. https://doi.org/10.1109/MITP.2023.3284628

Kitchenham, B. (2007). Guidelines for performing Systematic Literature Reviews in Software Engineering.

Manterola, C., Astudillo, P., Arias, E., & Claros, N. (2013). Revisiones sistemáticas de la literatura. Qué se debe saber acerca de ellas. Cirugia Espanola, 91(3), 149–155. https://doi.org/10.1016/j.ciresp.2011.07.009

Migliorini, S. (2024). China’s Interim Measures on generative AI: Origin, content and significance. Computer Law and Security Review, 53. https://doi.org/10.1016/j.clsr.2024.105985

Moscara, E. (2019). 2019 IEEE Thesaurus Version 1.0 Created by The Institute of Electrical and Electronics Engineers (IEEE). http://www.niso.org/kst/reports/standards

Mozo, A., Karamchandani, A., de la Cal, L., Gómez-Canaval, S., Pastor, A., & Gifre, L. (2023). A Machine-Learning-Based Cyberattack Detector for a Cloud-Based SDN Controller. Applied Sciences (Switzerland), 13(8). https://doi.org/10.3390/app13084914

Okey, O. D., Udo, E. U., Rosa, R. L., Rodríguez, D. Z., & Kleinschmidt, J. H. (2023). Investigating ChatGPT and cybersecurity: A perspective on topic modeling and sentiment analysis. Computers and Security, 135. https://doi.org/10.1016/j.cose.2023.103476

Ong, J. C. L., Chang, S. Y. H., William, W., Butte, A. J., Shah, N. H., Chew, L. S. T., Liu, N., Doshi-Velez, F., Lu, W., Savulescu, J., & Ting, D. S. W. (2024). Ethical and regulatory challenges of large language models in medicine. In The Lancet Digital Health. Elsevier Ltd. https://doi.org/10.1016/S2589-7500(24)00061-X

Pasupuleti, R., Vadapalli, R., & Mader, C. (2023). Cyber Security Issues and Challenges Related to Generative AI and ChatGPT. Proceedings - 2023 10th International Conference on Social Networks Analysis, Management and Security, SNAMS 2023. https://doi.org/10.1109/SNAMS60348.2023.10375472

Saddi, V. R., Gopal, S. K., Mohammed, A. S., Dhanasekaran, S., & Naruka, M. S. (2024). Examine the Role of Generative AI in Enhancing Threat Intelligence and Cyber Security Measures. 2024 2nd International Conference on Disruptive Technologies, ICDT 2024, 537–542. https://doi.org/10.1109/ICDT61202.2024.10489766

Sai, S., Sai, R., & Chamola, V. (n.d.). Received XX Month, XXXX; revised XX Month, XXXX; accepted XX Month, XXXX; Date of publication XX Month Generative AI for Industry 5.0: Analyzing the impact of ChatGPT, DALLE, and Other Models. https://doi.org/10.1109/OJCOMS.2024.011100

Sai, S., Yashvardhan, U., Chamola, V., & Sikdar, B. (2024). Generative AI for Cyber Security: Analyzing the Potential of ChatGPT, DALL-E, and Other Models for Enhancing the Security Space. IEEE Access, 12, 53497–53516. https://doi.org/10.1109/ACCESS.2024.3385107

Scanlon, M., Breitinger, F., Hargreaves, C., Hilgert, J. N., & Sheppard, J. (2023). ChatGPT for digital forensic investigation: The good, the bad, and the unknown. Forensic Science International: Digital Investigation, 46. https://doi.org/10.1016/j.fsidi.2023.301609

Teichmann, F. (2023). Ransomware attacks in the context of generative artificial intelligence—an experimental study. International Cybersecurity Law Review, 4(4), 399–414. https://doi.org/10.1365/s43439-023-00094-x

Truong, T. C., Zelinka, I., Plucar, J., Čandík, M., & Šulc, V. (2020). Artificial Intelligence and Cybersecurity: Past, Presence, and Future. Advances in Intelligent Systems and Computing, 1056, 351–363. https://doi.org/10.1007/978-981-15-0199-9_30

Van Huynh, N., Wang, J., Du, H., Hoang, D. T., Niyato, D., Nguyen, D. N., Kim, D. I., & Letaief, K. B. (2023). Generative AI for Physical Layer Communications: A Survey. http://arxiv.org/abs/2312.05594

Wiafe, I., Koranteng, F. N., Obeng, E. N., Assyne, N., Wiafe, A., & Gulliver, S. R. (2020). Artificial Intelligence for Cybersecurity: A Systematic Mapping of Literature. IEEE Access, 8, 146598–146612. https://doi.org/10.1109/ACCESS.2020.3013145

Xu, H., Li, Y., Balogun, O., Wu, S., Wang, Y., & Cai, Z. (n.d.). Security Risks Concerns of Generative AI in the IoT.

Zheng, S. Y., & Becker, I. (2023). Phishing to improve detection. ACM International Conference Proceeding Series, 334–343. https://doi.org/10.1145/3617072.3617121

Descargas

Publicado

2024-07-03

Cómo citar

Cordova-Alvarado, R. L., Andrade-López, M. S., & Álvarez-Vera, M. S. (2024). Inteligencia artificial generativa en el ámbito de la ciberseguridad: una revisión sistemática de literatura. MQRInvestigar, 8(3), 556–578. https://doi.org/10.56048/MQR20225.8.3.2024.556-578