
Information Security Final

1) The document surveys the AI-based cyber threat landscape by analyzing 11 case studies of AI-based cyber attacks classified into five categories. 2) It develops an AI-based cyber threat framework using an established cyber threat representation model to classify the studied attacks. 3) The framework is applied to a hypothetical AI attack scenario on a smart grid infrastructure to demonstrate how malicious AI could have large-scale catastrophic impacts.

Uploaded by

Fadia Zulfiqar

The AI-Based Cyber Threat Landscape: A Survey

Hamza
Tayyaba
Group Qayoom Fadia Zulfiqar Moiz Ali Jafri Talha Sohail
Ghazi
Members Khan B-21349 B-21... B-21400
B-21388
b-21390
Introduction
Artificial Intelligence (AI)
Artificial intelligence (AI) is the ability of a computer program or a machine to think and learn. It is also a field of study which tries to make computers "smart".
AI Technologies
• Machine Learning Platform
• Emotion Recognition
• Speech Recognition
• Image Recognition
• Virtual Agent
• Biometrics
AI Progress
Artificial intelligence applications have been used in a wide range of fields, from smart governance, smart buildings, smart transportation, and smart grids to smart "anything".
Dangers of AI
AI technologies are useful for the cyber security field by collecting large amounts of data
and then quickly filtering them to detect malicious patterns and anomalous behaviors.

A lot has been published with a focus on the advancements of AI, but less attention has
been given to the dangers of AI.

The malicious use of AI is altering the landscape of potential threats against a wide range
of beneficial applications.

In particular, the malicious use of AI could threaten more complex systems such
as smart cyber-physical systems (SCPS).
Main Findings
• The main findings produced from our study are as follows:
1. AI-based cyber attacks: We found 11 case studies and classified them into five categories: next-generation malware, voice synthesis, password-based attacks, social bots, and adversarial training.
2. AI-based cyber threat framework: We used a well-established model for cyber threat representation to develop a threat framework to classify the studied attacks.
3. Scenario: We applied the framework to a hypothetical AI attack scenario on a smart grid infrastructure with the goal of demonstrating how the malicious use of AI can have a large-scale catastrophic impact.
4. Outline: The article is organized as follows. In Section 2, we provide the background that frames our research question to set the context of our study. Then, in Section 3, we analyze existing classifications related to malicious AI, and existing models on cyber threat representation. Section 4 explains the methodology used for this study. In Section 5, we review the state-of-the-art research of AI-based cyber attacks, and demonstrate how it can be used in the real-world case of a smart grid. Finally, in Section 6, we conclude by discussing our contribution. The conclusions are presented in Section 7.
Malicious AI

• CPCS Attacks.
• RBT and ML
• Cybercriminal Aim?
[Figure: cyber crime, computer crime, and AI crime]
SCPs (smart cyber-physical systems)
Motivation
• What are CPS?
• What are SCPs?
• Why are they so important?
Security of CPS

“The Internet of Things would have been a security nightmare” – EFF
The Need for a Survey on AI-Based Cyber Attacks
Lack of systematic understanding.
Vaccine ?
The “dark side” of automation?
Develop appropriate defenses.
5.1 Existing Case Studies of AI-Based Cyber Attacks
• New technologies are rapidly expanding the cyber threat landscape
• This is more dangerous and has a negative impact on our generation.
• Brundage et al. warned about the malicious uses of AI using some hypothetical scenarios within three security domains: physical, digital, and political security.
• Criminals can use fuzzing techniques to create a next-generation malware that continuously updates itself with new exploits and affects millions of vulnerable devices.
• Several existing examples help us understand AI as a weapon to launch attacks.
Next-Generation Malware:
• Global attention has been paid to the hypothetical scenario of small remotely piloted drones with the ability to recognize potential targets and attack them with explosives.
Deeplocker
• Helps us understand how a black-box AI model reaches its decisions.
• The goal of this malware is:
  • (i) concealing its malicious intent
  • (ii) activating it only for specific targets.
What:
• highly targeted
• evasive malware
When:
• The first goal can be achieved in the Delivery phase
• The second goal can be achieved in the C2 phase
Where:
• video conferencing application
How:
• benign carrier applications.
• Kirat et al. used a deep neural network (DNN) to achieve the two aforementioned goals:
  • 1: The first goal is DNN for concealment
    • The attacker attempts to send the trigger condition hidden in the DNN model and convert the concealed trigger condition itself into a key that is needed to unlock the attack payload.
    • Then, the victim can download the affected application without it being detected by antivirus.
  • 2: The second goal is DNN for unlocking
Defense:
• Defenses have not been implemented yet
Smart malware
• Although researchers have extensively considered the security of CPS.
• The goal of the malware is:
  • (i) learning attack strategies from the CPS measurement data to corrupt the cooling capacity.
  • (ii) propagating stealthily to the target CI causing a system-wide outage
What:
• Availability Attacks on Computing Systems Through Alteration of Environmental Control
When:
• Taking advantage of the knowledge from the CPS, the attacker can collect useful information about the target.
Where:
• The indirect attack targets the CI as the final target system through targeted intrusion of environmental control systems.
How:
• Chung et al. presented a self-learning malware with learning aspects by exploiting the dependency of the CI on surrounding systems that manage the environment in which the CI operates
Defense:
• Chung et al.
  • (i) an intrusion detection system (IDS) in the control network
  • (ii) stricter security policies of control CPS with multi-factor authentication.
  • (iii) system-level security monitoring to validate the physical aspects of measurements.
How: Voice Synthesis
• Zhang et al. created an attack by disguising the spyware as a • AI-supported voice synthesis technologies can raise new types of
microphone- controlled game. frauds by imitating someone’s voice for malicious purposes such as
gathering sensitive data.
When: • A recent example is the voice imitation algorithm called Lyrebird.
• In the Weaponization phase, the attacker can synthesize Stealthy Spyware
attacking voice commands by imitating the legitimate user’s • spyware is a software that converts the info from one computer to
voice. another and stealthy spyware is convert the info in a hidden way
Defense • Attackers to hack into smartphones and gain access to system
• Password-Based Attacks resources and private information.
• The authors proposed an attack framework using AI technologies to
• An attack in which repititive attempts are made to duplicate a
record activation voices stealthily and determine the right time to
valid logon or password sequence. launch the attack.
• The goal of this spyware is:
• (i) synthesizing activation keywords in a stealthy way.
• (ii) sending malicious voice commands to VA on smartphones and
asking them to perform tasks at an optimal attacking time.
Next-generation password brute-force attack
What:
• A brute force attack is an illegal attempt by a hacker to obtain a password or a PIN.
How:
• Trieu and Yang used an open source ML algorithm, called Torch
When:
• This action can happen in the Weaponization phase.
Where:
• Computer authentication system.
Defense:
• Some defensive strategies can include combining multi-factor and choosing passwords by using random combinations of characters.
PassGAN
What:
• PassGAN is a novel approach to generating high-quality password guesses with no user intervention.
How:
• Hitaj et al.
When:
• This action can happen in the Weaponization phase
Defense:
