ChatGPT: The Curious Case of Attack Vectors' Supply Chain Management Improvement

Minhaz Chowdhury, Nafiz Rifat, Shadman Latif, Mostofa Ahsan, Md Saifur Rahman, Rahul Gomes

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

The field of Natural Language Processing has observed significant advancements in the development of sophisticated conversational Artificial Intelligence systems. ChatGPT is one such state-of-the-art conversational system that has attracted considerable interest and adoption. It enables developers to create highly interactive and engaging conversational applications using deep neural networks to produce human-like responses to user inputs. Such capabilities have made it popular in the threat actors' world. However, threat actors can abuse this chatbot to generate attack vectors as part of an operation. ChatGPT can be abused to produce practical and realistic communications that can be used in phishing attacks. These communications help the attack vectors distribution, i.e., prompt users to download and set up malware or disclose confidential information. ChatGPT has security measures to prevent malicious queries from generating attack vectors. However, the threat actors can circumvent such security controls through deception. This abusive use of ChatGPT makes the supply chain management of attack vectors effective and efficient. In this study, we presented evidence from various sources, showing how ChatGPT is abused to help the threat actors to improve each step of the attack vectors' supply chain management.

Original languageEnglish (US)
Title of host publication2023 IEEE International Conference on Electro Information Technology, eIT 2023
PublisherIEEE Computer Society
Pages499-504
Number of pages6
ISBN (Electronic)9781665493765
DOIs
StatePublished - 2023
Event2023 IEEE International Conference on Electro Information Technology, eIT 2023 - Romeoville, United States
Duration: May 18 2023May 20 2023

Publication series

Name2023 IEEE International Conference on Electro Information Technology (eIT)

Conference

Conference2023 IEEE International Conference on Electro Information Technology, eIT 2023
Country/TerritoryUnited States
CityRomeoville
Period5/18/235/20/23

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Keywords

  • Artificial Intelligence
  • ChatGPT
  • Chatbot
  • Machine Learning
  • Malware
  • Malware as a Service
  • Natural Language Processing
  • OpenAI
  • Phishing Attack
  • Social Engineering Attack
  • Supply Chain Management

Fingerprint

Dive into the research topics of 'ChatGPT: The Curious Case of Attack Vectors' Supply Chain Management Improvement'. Together they form a unique fingerprint.

Cite this