Inteligencia artificial generativa en el ámbito de la ciberseguridad: una revisión sistemática de literatura
DOI:
https://doi.org/10.56048/MQR20225.8.3.2024.556-578Palabras clave:
inteligencia artificial generativa; gen IA; ciberseguridad; detección de amenazas; privacidadResumen
La presente Revisión Sistemática de Literatura (RSL) tiene por objetivo identificar el estado actual de la Inteligencia Artificial Generativa (Gen IA) en el ámbito de la Ciberseguridad, investigando también sus aplicaciones, técnicas, desafíos éticos, riesgos y limitaciones . Se utilizó la metodología propuesta por Barbara Kitchenham, dejando como resultado 31 trabajos de investigación distribuidas en seis bases de datos de prestigio investigativo en el área, que permitieron identificar información relevante y ayudaron a responder las preguntas de investigación planteadas. La tecnología de Inteligencia Artificial Generativa ofrece diversas aplicaciones prometedoras en el ámbito de la ciberseguridad, dentro de los principales descubrimientos de la Gen IA, facilita la identificación de vulnerabilidades y la prevención de amenazas, analiza código malicioso, mejora la seguridad de la red, simula escenarios de ciberseguridad, genera datos sintéticos para entrenar modelos de IA y fomenta la educación. Sin embargo, a los ciberdelincuentes les ayuda a perfeccionar algunas habilidades como la generación de phishing, ransomware, creación de deepfakes, generación de código malicioso y facilita la desinformación. Como conclusión para el presente trabajo de investigación, podemos decir que la Gen IA, se está utilizando tanto para los equipos de defensa o personal se seguridad informática, como también los ciberdelincuentes para llevar a cabo sus ataques en ciberseguridad, esto presenta algunas limitaciones, riesgos y desafíos éticos.
Descargas
Métricas
Cited
DOI: 10.56048
Citas
Bengesi, S., El-Sayed, H., Sarker, K., Houkpati, Y., Irungu, J., & Oladunni, T. (n.d.). Advancements in Generative AI: A Comprehensive Review of GANs, GPT, Autoencoders, Diffusion Model, and Transformers. https://towardsdatascience.com/applied-deep-learning-part-3-
Cambiaso, E., & Caviglione, L. (2023). Scamming the Scammers: Using ChatGPT to Reply Mails for Wasting Time and Resources. http://ceur-ws.org
Campbell, M., & Jovanovic, M. (2024). Disinfecting AI: Mitigating Generative AI’s Top Risks. In Computer (Vol. 57, Issue 5, pp. 111–116). IEEE Computer Society. https://doi.org/10.1109/MC.2024.3374433
Cao, Y., Li, S., Liu, Y., Yan, Z., Dai, Y., Yu, P. S., & Sun, L. (2023). A Comprehensive Survey of AI-Generated Content (AIGC): A History of Generative AI from GAN to ChatGPT. http://arxiv.org/abs/2303.04226
Capodieci, N., Sanchez-Adames, C., Harris, J., & Tatar, U. (2024). The Impact of Generative AI and LLMs on the Cybersecurity Profession. 2024 Systems and Information Engineering Design Symposium (SIEDS), 448–453. https://doi.org/10.1109/SIEDS61124.2024.10534674
Charfeddine, M., Kammoun, H. M., Hamdaoui, B., & Guizani, M. (2024). ChatGPT’s Security Risks and Benefits: Offensive and Defensive Use-Cases, Mitigation Measures, and Future Implications. IEEE Access, 12, 30263–30310. https://doi.org/10.1109/ACCESS.2024.3367792
Chui, K. T. (2023). A Lightweight Generative Adversarial Network for Imbalanced Malware Image Classification. 1–4. https://doi.org/10.1145/3647444.3652455
Das, N., Kotal, A., Roseberry, D., & Joshi, A. (2023). Change Management using Generative Modeling on Digital Twins. http://arxiv.org/abs/2309.12421
Deshpande, A. S., & Gupta, S. (2023). GenAI in the Cyber Kill Chain: A Comprehensive Review of Risks, Threat Operative Strategies and Adaptive Defense Approaches. 3rd IEEE International Conference on ICT in Business Industry and Government, ICTBIG 2023. https://doi.org/10.1109/ICTBIG59752.2023.10456106
Dwivedi, Y. K., Kshetri, N., Hughes, L., Slade, E. L., Jeyaraj, A., Kar, A. K., Baabdullah, A. M., Koohang, A., Raghavan, V., Ahuja, M., Albanna, H., Albashrawi, M. A., Al-Busaidi, A. S., Balakrishnan, J., Barlette, Y., Basu, S., Bose, I., Brooks, L., Buhalis, D., … Wright, R. (2023). “So what if ChatGPT wrote it?” Multidisciplinary perspectives on opportunities, challenges and implications of generative conversational AI for research, practice and policy. International Journal of Information Management, 71. https://doi.org/10.1016/j.ijinfomgt.2023.102642
Esmradi, A., Yip, D. W., & Chan, C. F. (n.d.). A Comprehensive Survey of Attack Techniques, Imple-mentation, and Mitigation Strategies in Large Language Models.
Ferrag, M. A., Debbah, M., & Al-Hawawreh, M. (2023). Generative AI for Cyber Threat-Hunting in 6G-enabled IoT Networks. http://arxiv.org/abs/2303.11751
Ferrara, E. (2023). GenAI Against Humanity: Nefarious Applications of Generative Artificial Intelligence and Large Language Models. https://doi.org/10.1007/s42001-024-00250-1
Ferrara, E. (2024). GenAI against humanity: nefarious applications of generative artificial intelligence and large language models. Journal of Computational Social Science. https://doi.org/10.1007/s42001-024-00250-1
Gill, S. S., & Kaur, R. (n.d.). ChatGPT: Vision and Challenges.
Golda, A., Mekonen, K., Pandey, A., Singh, A., Hassija, V., Chamola, V., & Sikdar, B. (2024). Privacy and Security Concerns in Generative AI: A Comprehensive Survey. IEEE Access, 12, 48126–48144. https://doi.org/10.1109/ACCESS.2024.3381611
Guo, D., Chen, H., Wu, R., & Wang, Y. (2023). AIGC challenges and opportunities related to public safety: A case study of ChatGPT. In Journal of Safety Science and Resilience (Vol. 4, Issue 4, pp. 329–339). KeAi Communications Co. https://doi.org/10.1016/j.jnlssr.2023.08.001
Gupta, M., Akiri, C., Aryal, K., Parker, E., & Praharaj, L. (2023). From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy. In IEEE Access (Vol. 11, pp. 80218–80245). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ACCESS.2023.3300381
Hilario, E., Azam, S., Sundaram, J., Imran Mohammed, K., & Shanmugam, B. (2024). Generative AI for pentesting: the good, the bad, the ugly. International Journal of Information Security. https://doi.org/10.1007/s10207-024-00835-x
Hu, C., & Chen, J. (2023). A Dimensional Perspective Analysis on the Cybersecurity Risks and Opportunities of ChatGPT-Like Information Systems. Proceedings - 2023 International Conference on Networking and Network Applications, NaNA 2023, 324–331. https://doi.org/10.1109/NaNA60121.2023.00061
Katsadouros, E., Patrikakis, C. Z., & Hurlburt, G. (2023). Can Large Language Models Better Predict Software Vulnerability? In IT Professional (Vol. 25, Issue 3, pp. 4–8). IEEE Computer Society. https://doi.org/10.1109/MITP.2023.3284628
Kitchenham, B. (2007). Guidelines for performing Systematic Literature Reviews in Software Engineering.
Manterola, C., Astudillo, P., Arias, E., & Claros, N. (2013). Revisiones sistemáticas de la literatura. Qué se debe saber acerca de ellas. Cirugia Espanola, 91(3), 149–155. https://doi.org/10.1016/j.ciresp.2011.07.009
Migliorini, S. (2024). China’s Interim Measures on generative AI: Origin, content and significance. Computer Law and Security Review, 53. https://doi.org/10.1016/j.clsr.2024.105985
Moscara, E. (2019). 2019 IEEE Thesaurus Version 1.0 Created by The Institute of Electrical and Electronics Engineers (IEEE). http://www.niso.org/kst/reports/standards
Mozo, A., Karamchandani, A., de la Cal, L., Gómez-Canaval, S., Pastor, A., & Gifre, L. (2023). A Machine-Learning-Based Cyberattack Detector for a Cloud-Based SDN Controller. Applied Sciences (Switzerland), 13(8). https://doi.org/10.3390/app13084914
Okey, O. D., Udo, E. U., Rosa, R. L., Rodríguez, D. Z., & Kleinschmidt, J. H. (2023). Investigating ChatGPT and cybersecurity: A perspective on topic modeling and sentiment analysis. Computers and Security, 135. https://doi.org/10.1016/j.cose.2023.103476
Ong, J. C. L., Chang, S. Y. H., William, W., Butte, A. J., Shah, N. H., Chew, L. S. T., Liu, N., Doshi-Velez, F., Lu, W., Savulescu, J., & Ting, D. S. W. (2024). Ethical and regulatory challenges of large language models in medicine. In The Lancet Digital Health. Elsevier Ltd. https://doi.org/10.1016/S2589-7500(24)00061-X
Pasupuleti, R., Vadapalli, R., & Mader, C. (2023). Cyber Security Issues and Challenges Related to Generative AI and ChatGPT. Proceedings - 2023 10th International Conference on Social Networks Analysis, Management and Security, SNAMS 2023. https://doi.org/10.1109/SNAMS60348.2023.10375472
Saddi, V. R., Gopal, S. K., Mohammed, A. S., Dhanasekaran, S., & Naruka, M. S. (2024). Examine the Role of Generative AI in Enhancing Threat Intelligence and Cyber Security Measures. 2024 2nd International Conference on Disruptive Technologies, ICDT 2024, 537–542. https://doi.org/10.1109/ICDT61202.2024.10489766
Sai, S., Sai, R., & Chamola, V. (n.d.). Received XX Month, XXXX; revised XX Month, XXXX; accepted XX Month, XXXX; Date of publication XX Month Generative AI for Industry 5.0: Analyzing the impact of ChatGPT, DALLE, and Other Models. https://doi.org/10.1109/OJCOMS.2024.011100
Sai, S., Yashvardhan, U., Chamola, V., & Sikdar, B. (2024). Generative AI for Cyber Security: Analyzing the Potential of ChatGPT, DALL-E, and Other Models for Enhancing the Security Space. IEEE Access, 12, 53497–53516. https://doi.org/10.1109/ACCESS.2024.3385107
Scanlon, M., Breitinger, F., Hargreaves, C., Hilgert, J. N., & Sheppard, J. (2023). ChatGPT for digital forensic investigation: The good, the bad, and the unknown. Forensic Science International: Digital Investigation, 46. https://doi.org/10.1016/j.fsidi.2023.301609
Teichmann, F. (2023). Ransomware attacks in the context of generative artificial intelligence—an experimental study. International Cybersecurity Law Review, 4(4), 399–414. https://doi.org/10.1365/s43439-023-00094-x
Truong, T. C., Zelinka, I., Plucar, J., Čandík, M., & Šulc, V. (2020). Artificial Intelligence and Cybersecurity: Past, Presence, and Future. Advances in Intelligent Systems and Computing, 1056, 351–363. https://doi.org/10.1007/978-981-15-0199-9_30
Van Huynh, N., Wang, J., Du, H., Hoang, D. T., Niyato, D., Nguyen, D. N., Kim, D. I., & Letaief, K. B. (2023). Generative AI for Physical Layer Communications: A Survey. http://arxiv.org/abs/2312.05594
Wiafe, I., Koranteng, F. N., Obeng, E. N., Assyne, N., Wiafe, A., & Gulliver, S. R. (2020). Artificial Intelligence for Cybersecurity: A Systematic Mapping of Literature. IEEE Access, 8, 146598–146612. https://doi.org/10.1109/ACCESS.2020.3013145
Xu, H., Li, Y., Balogun, O., Wu, S., Wang, Y., & Cai, Z. (n.d.). Security Risks Concerns of Generative AI in the IoT.
Zheng, S. Y., & Becker, I. (2023). Phishing to improve detection. ACM International Conference Proceeding Series, 334–343. https://doi.org/10.1145/3617072.3617121
Publicado
Cómo citar
Número
Sección
Categorías
Licencia
Esta obra está bajo una licencia internacional Creative Commons Atribución 4.0.
®
Los autores se comprometen a respetar la información académica de otros autores, y a ceder los derechos de autor a la Revista MQRInvestigar, para que el artículo pueda ser editado, publicado y distribuido. El contenido de los artículos científicos y de las publicaciones que aparecen en la revista es responsabilidad exclusiva de sus autores. La distribución de los artículos publicados se realiza bajo una licencia 
