Artificial Intelligence (AI) & Machine Learning (ML) in Security and Penetration Testing

Abstract

This paper investigates the integration of AI and Machine Learning (ML) into security by focusing on automated penetration testing. It explores the reasons for this transition, including the need for increased efficiency, speed, accuracy, and scalability in security assessments. Crucially, the paper also highlights that the rapid adoption of AI introduces a new and diverse attack surface. Attackers are now employing unique AI-specific attacks such as Data Poisoning, Model Poisoning, Data Extraction, Model Extraction, and Model Evasion. Moreover, the availability of AI tools lowers the barrier to entry for cybercrime, a concept referred to as "Vibe Hacking".