An Attacker's Dream? Exploring the Capabilities of ChatGPT for Developing Malware

Yin Minn Pa Pa, Shunsuke Tanizaki, Tetsui Kou, Michel Van Eeten, Katsunari Yoshioka, Tsutomu Matsumoto

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

10 Citations (Scopus)
195 Downloads (Pure)

Abstract

We investigate the potential for abuse of recent AI advances by developing seven malware programs and two attack tools using ChatGPT, OpenAI Playground's "text-davinci-003"model, and Auto-GPT - an open-source AI agent capable of generating automated prompts to accomplish user-defined goals. We confirm that: 1) Under the safety and moderation control of recent AI systems, it is possible to generate the functional malware and attack tools (up to about 400 lines of code) within 90 minutes, including the debugging time. 2) Auto-GPT does not ease the hurdle of generating the right prompts for malware generation, but it evades the safety controls of OpenAI with its automatically generated prompts. When given goals with sufficient details, it writes the code in nine of nine malware and attack tools we tested. 3) There is still room to improve the moderation and safety controls of ChatGPT and text-davinci-003 model, especially for the growing jailbreak prompts. Overall, we find that recent AI advances, including ChatGPT, Auto-GPT, and text-davinci-003, demonstrate the potential for generating malware and attack tools under safety and moderation control, highlighting the need for improved safety measures and enhanced safety controls in AI systems.
Original languageEnglish
Title of host publicationProceedings of CSET 2023 - 16th Cyber Security Experimentation and Test Workshop
PublisherAssociation for Computing Machinery (ACM)
Pages10-18
Number of pages9
ISBN (Electronic)9781450390651
DOIs
Publication statusPublished - 2023
Event16th Cyber Security Experimentation and Test Workshop, CSET 2023 - Hybrid, Marina Del Rey, United States
Duration: 7 Aug 2023 → …

Publication series

NameACM International Conference Proceeding Series

Conference

Conference16th Cyber Security Experimentation and Test Workshop, CSET 2023
Country/TerritoryUnited States
CityHybrid, Marina Del Rey
Period7/08/23 → …

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

  • AI generated malware
  • Auto-GPT abuses
  • ChatGPT abuses

Fingerprint

Dive into the research topics of 'An Attacker's Dream? Exploring the Capabilities of ChatGPT for Developing Malware'. Together they form a unique fingerprint.

Cite this