Towards Crowd-Sourced Artifact Curation for Cyberattacks through a Learner-Centered AI Co-Pilot
About:
Creating robust and comprehensive cybersecurity solutions has become increasingly costly and time-consuming because the list of vulnerabilities to consider keeps expanding and new attacks are found continuously. Security research, on the other hand, often focuses on a single attack, or even on sub-components of one, within a narrow scope. These constraints severely limit the opportunity to create holistic, cross-disciplinary cybersecurity solutions. This project aims to develop a learner-centered co-pilot tool that leverages advances in artificial intelligence (AI) to produce attack scenarios and capture related data, including end-to-end attack interactions between the red-team attacker and the cyber systems. The resulting high-quality, structured attack artifact repository will be a highly valuable resource for the cybersecurity research community, especially for the test and validation of security solutions.
This project adopts large language models (LLMs) to support cybersecurity research. Through an LLM adaptation approach, the red-team co-pilot will incorporate techniques such as prompt engineering, reasoning, parameter-efficient fine-tuning, and few-shot learning to guide users in emulating attack scenarios. The project will develop a curator-friendly methodology to enable the crowd-sourced aggregation of high-quality cyberattack artifacts associated with attack behaviors and system settings once the tool is deployed in the research community. The captured dataset contains both functional and behavioral aspects of attacks, such as tactics, techniques, and procedures. A successful research outcome, including the tools generated, can help facilitate security benchmarking, AI-based penetration testing, adversarial modeling, and research reproducibility.
In addition, the red-team co-pilot brings a useful tool to cybersecurity education and workforce development, since it offers an accessible, adaptive, reusable, and learner-centric platform for users to emulate attacks and develop cyber defense experience.