From Chatgpt To Threatgpt: Impact of Generative Ai in Cybersecurity and Privacy
SEMINAR REPORT
ON
Submitted by:
M.Tech, Ph.D
CERTIFICATE
This is to certify that the Seminar on “From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy” was carried out by MOHD SAIF ALI KHAN (21KB02BS[066]), a bona fide student of VIII Semester, Department of Computer Science and Engineering, Faculty of Engineering and Technology, in partial fulfillment for the award of the Degree of BACHELOR OF ENGINEERING from Khaja Bandanawaz University, Kalaburagi, during the academic year 2024-2025. It is certified that all corrections/suggestions indicated for internal assessment have been incorporated in the report.
The seminar report has been approved as it satisfies the academic requirements in respect of seminar work prescribed for the said degree.
I would like to thank Almighty “ALLAH” for His divine blessings and my beloved parents, whose support and encouragement have helped me in the completion of this seminar report.
A seminar report is never the product of the person whose name appears on the cover. Many people have lent technical assistance and advice.
I express a deep sense of gratitude to my guide Prof. Ruksar Fatima for her valuable suggestions and guidance in preparing this seminar report.
CONTENTS
1 INTRODUCTION 1
2 WORKING PRINCIPLES 2
3 APPLICATIONS 5
4 DISCUSSIONS 9
5 CONCLUSION 15
6 REFERENCES 16
From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy
CHAPTER 1
INTRODUCTION
The evolution of Artificial Intelligence (AI) and Machine Learning (ML) has driven the digital transformation of the last decade. AI and ML have achieved significant breakthroughs, starting from supervised learning and rapidly advancing with the development of unsupervised, semi-supervised, reinforcement, and deep learning. The latest frontier of AI technology has arrived in the form of Generative AI (GenAI).
EVOLUTION OF GenAI AND ChatGPT
GPT-1: GPT-1 was released in 2018. Initially, GPT-1 was trained with the Common Crawl dataset, made up of web pages, and the BookCorpus dataset, which contained over 11,000 different books. This was the simplest model, yet it was able to respond very well and understand language conventions fluently. However, the model was prone to generating repetitive text, would not retain information from the conversation for the long term, and was not able to respond to longer prompts. This meant that GPT-1 would not generate a natural flow of conversation [14].
GPT-2: GPT-2 was trained on Common Crawl just like GPT-1, but combined it with WebText, a collection of articles linked from Reddit. GPT-2 is a clear improvement over GPT-1, as it can generate clear, realistic, human-like sequences of text in its responses. However, it still failed to process longer lengths of text, just like GPT-1. GPT-2 brought wonders to the internet, such as OpenAI’s MuseNet, a tool that generates musical compositions by predicting the next token in a music sequence. Similarly, OpenAI also developed Jukebox, a neural network that generates music.
GPT-3: GPT-3 was trained with multiple sources: Common Crawl, BookCorpus, WebText, Wikipedia articles, and more. GPT-3 is able to respond coherently, generate code, and even make art. GPT-3 is able to respond well to questions overall. The wonders that came with GPT-3 were image creation from text, connecting text and images, and ChatGPT itself, which was released in November 2022.
GPT-4: GPT-4 is the current model of GPT (as of June 2023), trained with a large corpus of text. This model has an increased word limit and is multimodal, as it can take images as input on top of text. GPT-4 took the Bar Exam in March 2023 and scored a passing grade of 75 percent, which places it in the 90th percentile of test-takers.
CHAPTER 2
WORKING PRINCIPLES
2.1 ATTACKING CHATGPT
Since the introduction of ChatGPT in November 2022, curious tech and non-tech-savvy humans have tried ingenious and creative ways to perform all sorts of experiments and try to trick this GenAI system. In most cases, the input prompts from the user have been utilized to bypass the restrictions and limitations that keep ChatGPT from doing anything illegal, unethical, immoral, or potentially harmful. In this section, we will cover some of these commonly used techniques and elaborate on their use.
The number of rotors corresponds to differences of payload and UAV size. Octocopters, helicopter
types, and fixed-wing types have the largest payload capacities (9.5 kg) and are mainly used for
spraying. Quadcopters and hexacopters are relatively small and carry a smaller payload (1.25–2.6
kg). They are used for reconnaissance and mapping. Fixed- and rotary-wing UAVs have the largest
payload (23 kg), followed by the helicopter-type (22 kg). Currently, fixed- and rotary-wing UAVs
are increasingly being used for precision agriculture. Multi-rotor UAVs are used for extremely
precise tasks, such as pollen– moisture distribution and precision control.
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING,
FACULTY OF ENGINEERING & TECHNOLOGY.KBNU
Page 2
The first method, the ‘Do Anything Now’ (DAN) method, derives its name from the emphatic, no-
nonsense approach it employs. Here, you’re not asking ChatGPT to do something; you’re
commanding it. The premise is simple: treat the AI model like a willful entity that must be coaxed,
albeit firmly, into compliance. The input prompt to carry out the DAN jailbreak is shown in Figure 4.
DAN can be considered a master prompt to bypass ChatGPT’s safeguards, allowing it to generate a
response for any input prompts.
The SWITCH method is a bit like a Jekyll-and-Hyde approach, where you instruct ChatGPT to alter its behavior dramatically. The technique’s foundation rests upon the AI model’s ability to simulate diverse personas, but here, you’re asking it to act opposite to its initial responses. For instance, if the model refuses to respond to a particular query, employing the SWITCH method could potentially make it provide an answer. However, it’s crucial to note that the method requires a firm and clear instruction, a ‘‘switch command,’’ which compels the model to behave differently.
2.2 Communication
D. ATTACK PAYLOAD GENERATION
Attack payloads are portions of malicious code that execute unauthorized actions, such as deleting files, harvesting data, or launching further attacks. An attacker could leverage ChatGPT’s text generation capabilities to create attack payloads. Consider a scenario where an attacker targets a server running a database management system that is susceptible to SQL injection. The attacker could train ChatGPT on SQL syntax and techniques commonly used in injection attacks, and then provide it with specific details of the target system. Subsequently, ChatGPT could be utilized to generate an SQL payload for injection into the vulnerable system.
CHAPTER 3
APPLICATIONS
ChatGPT FOR CYBER DEFENSE
    if (strlen(userInput) < sizeof(buffer)) {
        strcpy(buffer, userInput);   // input fits, including its terminating NUL
    } else {
        // Handle the error or trim userInput.
    }
In the suggested code, GPT-4 introduces a check of the userInput length against the buffer size. By ensuring that the userInput length is less than the buffer size before performing the strcpy operation, the risk of a buffer overflow is mitigated. This not only helps in mitigating the identified security issue but also serves as a teaching tool for developers, improving their understanding of secure coding practices.
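As an added example (not code from the original report or the paper it summarizes), the length check described above applied in a complete C program: safe_copy rejects input that would not fit, and trim_copy implements the alternative the comment mentions. BUF_SIZE and the sample inputs are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16   /* constructed buffer size for the demonstration */

/* The check the text describes, as a reusable function: copy userInput into
 * buffer only if it fits together with its terminating NUL. Returns 1 on
 * success and 0 when the input is too long, leaving buffer untouched so the
 * caller can handle the error. */
int safe_copy(char *buffer, size_t buffer_size, const char *userInput)
{
    size_t len = strlen(userInput);
    if (len < buffer_size) {            /* len chars plus NUL fit */
        memcpy(buffer, userInput, len + 1);
        return 1;
    }
    return 0;
}

/* The other option the text mentions: trim userInput to what fits instead of
 * rejecting it. Always NUL-terminates; returns the number of bytes kept. */
size_t trim_copy(char *buffer, size_t buffer_size, const char *userInput)
{
    size_t len = strlen(userInput);
    size_t n = len < buffer_size ? len : buffer_size - 1;
    memcpy(buffer, userInput, n);
    buffer[n] = '\0';
    return n;
}

int main(void)
{
    char buffer[BUF_SIZE];
    /* constructed inputs: one that fits, one that would overflow strcpy */
    const char *ok = "short input";
    const char *too_long = "this input is much longer than the buffer";

    if (safe_copy(buffer, sizeof buffer, ok))
        printf("copied: \"%s\"\n", buffer);
    if (!safe_copy(buffer, sizeof buffer, too_long))
        printf("rejected: input of %zu bytes does not fit in %zu\n",
               strlen(too_long), sizeof buffer);
    trim_copy(buffer, sizeof buffer, too_long);
    printf("trimmed: \"%s\"\n", buffer);
    return 0;
}
```

The boundary case matters: a 15-character string fits a 16-byte buffer only because the NUL terminator is counted, so `<` rather than `<=` is the correct comparison.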
CHAPTER 4
DISCUSSIONS
CONCLUSION
GenAI-driven ChatGPT and other LLM tools have made a significant impact on society. We, as humans, have embraced them openly and are using them in different ingenious ways to craft images, write text, or create music. Evidently, it is nearly impossible to find a domain that this technology has not entered and developed use-cases for. Needless to say, cybersecurity is no different: GenAI significantly affects how the cybersecurity posture of an organization will evolve with the power and threat that ChatGPT (and other LLM tools) offer. This paper attempts to systematically research and present the challenges, limitations, and opportunities GenAI offers in the cybersecurity space. Using ChatGPT as our primary tool, we first demonstrate how it can be attacked to bypass its ethical and privacy safeguards using reverse psychology and jailbreak techniques. This paper then reflects on different cyber attacks that can be created and unleashed using ChatGPT, demonstrating GenAI use in cyber offense. Thereafter, this article also experiments with various cyber defense mechanisms supported by ChatGPT, followed by a discussion on the social, legal, and ethical concerns of GenAI. We also highlight the key distinguishing features of two dominant LLM tools, ChatGPT and Google Bard, demonstrating their capabilities in terms of cybersecurity. Finally, the paper illustrates several open challenges and research problems pertinent to cybersecurity and the performance of GenAI tools. We envision that this work will stimulate more research and develop novel ways to unleash the potential of GenAI in cybersecurity.
REFERENCES
[1] I. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, A. Courville, and Y.
Bengio, ‘‘Generative adversarial networks,’’ Commun. ACM, vol. 63, no. 11, pp. 139–144, 2020.
[2] Generative AI—What is it and How Does it Work? Accessed: Jun. 26, 2023. [Online]. Available:
https://www.nvidia.com/en-us/glossary/datascience/generative-ai/
[3] OpenAI. (2023). Introducing ChatGPT. Accessed: May 26, 2023. [Online]. Available:
https://openai.com/blog/chatgpt
[4] Do ChatGPT and Other AI Chatbots Pose a Cybersecurity Risk? An Exploratory Study: Social Sciences & Humanities Journal Article. Accessed: Jun. 26, 2023. [Online]. Available: https://www.igi-global.com/article/do-chatgpt-and-other-ai-chatbotspose-a-cybersecurity-risk/320225
[5] Models—OpenAI API. Accessed: Jun. 26, 2023. [Online]. Available:
https://platform.openai.com/docs/models
[6] Google Bard. Accessed: Jun. 26, 2023. [Online]. Available: https://bard.google.com/
[7] H. Touvron, T. Lavril, G. Izacard, X. Martinet, M.-A. Lachaux, T. Lacroix, B. Rozière, N. Goyal, E.
Hambro, F. Azhar, A. Rodriguez, A. Joulin, E. Grave, and G. Lample, ‘‘LLaMA: Open and efficient
foundation language models,’’ 2023, arXiv:2302.13971.
[8] (2023). Number of ChatGPT Users. Accessed: Jun. 26, 2023. [Online]. Available:
https://explodingtopics.com/blog/chatgpt-users
[9] How to Build an AI-Powered Chatbot? Accessed: Mar. 2023. [Online]. Available:
https://www.leewayhertz.com/ai-chatbots/
[10] A History of Generative AI: From GAN to GPT-4. Accessed: Jun. 27, 2023. [Online]. Available:
https://www.marktechpost.com/2023/03/21/ahistory-of-generative-ai-from-gan-to-gpt-4/
[11] B. Roark, M. Saraclar, and M. Collins, ‘‘Discriminative n-gram language modeling,’’ Comput. Speech
Lang., vol. 21, no. 2, pp. 373–392, 2007.
[12] T. Wolf et al., ‘‘Transformers: State-of-the-art natural language processing,’’ in Proc. Conf. Empirical Methods Natural Lang. Process., Syst. Demonstrations, 2020, pp. 38–45.