AI for Cybersecurity
- New release
Research and Practice
Hardcover, English, 2026
By Houbing Herbert Song (University of Maryland, MD, USA), Elisa Bertino (Purdue University, IN, USA), Alvaro Velasquez (University of Central Florida, FL, USA), Huihui Helen Wang (U.S. National Science Foundation, VA, USA), Yan Shoshitaishvili (Arizona State University, AZ, USA), and Sumit Kumar Jha (Florida International University, FL, USA)
1 979 kr
Available to order. Ships within 10-15 working days. Free shipping for members on orders of at least 249 kr.
Product information
- Publication date: 2026-01-12
- Dimensions: 163 x 231 x 46 mm
- Weight: 953 g
- Format: Hardcover
- Language: English
- Number of pages: 656
- Publisher: John Wiley & Sons Inc
- ISBN: 9781394293742
Houbing Herbert Song is Professor at the Department of Information Systems, University of Maryland, Baltimore County (UMBC). Elisa Bertino is Samuel D. Conte Distinguished Professor at the Department of Computer Science, Purdue University. Alvaro Velasquez is a program manager in the Innovation Information Office (I2O) of the Defense Advanced Research Projects Agency (DARPA) and an assistant professor at the University of Colorado Boulder. Huihui Helen Wang is a teaching professor and director of computing programs in the Khoury College of Computer Sciences at Northeastern University, based in Arlington. Yan Shoshitaishvili is an Associate Professor at Arizona State University. Sumit Kumar Jha is Eminent Scholar Chaired Professor of Computer Science at Florida International University (FIU).
- List of Contributors (p. xix)
- Foreword (p. xxvii)
- About the Editors (p. xxxi)
- Preface (p. xxxv)
- Acknowledgments (p. xxxvii)
- 1 LLMs Are Not Few-shot Threat Hunters (p. 1). Glenn A. Fink, Luiz M. Pereira, and Christian W. Stauffer
  - 1.1 Overview (p. 1)
  - 1.1.1 AI Is Not Magic (p. 1)
  - 1.1.2 Inherent Difficulty of Human Tasks in Cybersecurity and Threat Hunting (p. 3)
  - 1.2 Large Language Models (p. 4)
  - 1.2.1 Background (p. 4)
  - 1.2.2 Transformers (p. 4)
  - 1.2.3 Pretraining and Fine-tuning (p. 9)
  - 1.2.4 General Limitations (p. 9)
  - 1.3 Threat Hunters (p. 12)
  - 1.3.1 Introduction to Threat Hunting (p. 12)
  - 1.3.2 The Dimensions of Threat Hunting (p. 13)
  - 1.3.3 The Approaches to Threat Hunting (p. 15)
  - 1.3.4 The Process of Threat Hunting (p. 16)
  - 1.3.5 Challenges to Modern Threat Hunting (p. 17)
  - 1.4 Capabilities and Limitations of LLMs in Cybersecurity (p. 18)
  - 1.4.1 General Limitations of LLMs for Cybersecurity (p. 18)
  - 1.4.2 General Capabilities of LLMs Useful for Cybersecurity (p. 20)
  - 1.4.3 Applications of LLMs in Cybersecurity (p. 22)
  - 1.5 Conclusion: Reimagining LLMs as Assistant Threat Hunter (p. 24)
  - References (p. 27)
- 2 LLMs on Support of Privacy and Security of Mobile Apps: State-of-the-art and Research Directions (p. 29). Tran Thanh Lam Nguyen, Barbara Carminati, and Elena Ferrari
  - 2.1 Introduction (p. 29)
  - 2.2 Background on LLMs (p. 32)
  - 2.2.1 Large Language Models (p. 32)
  - 2.2.2 FSL and RAG (p. 39)
  - 2.3 Mobile Apps: Main Security and Privacy Threats (p. 43)
  - 2.4 LLM-based Solutions: State-of-the-art (p. 47)
  - 2.4.1 Vulnerabilities Detection (p. 48)
  - 2.4.2 Bug Detection and Reproduction (p. 50)
  - 2.4.3 Malware Detection (p. 52)
  - 2.5 An LLMs-based Approach for Mitigating Image Metadata Leakage Risks (p. 53)
  - 2.6 Research Challenges (p. 57)
  - 2.7 Conclusion (p. 60)
  - Acknowledgment (p. 61)
  - References (p. 61)
- 3 Machine Learning-based Intrusion Detection Systems: Capabilities, Methodologies, and Open Research Challenges (p. 67). Chaoyu Zhang, Ning Wang, Y. Thomas Hou, and Wenjing Lou
  - 3.1 Introduction (p. 67)
  - 3.2 Basic Concepts and ML for Intrusion Detection (p. 69)
  - 3.2.1 Fundamental Concepts (p. 69)
  - 3.2.2 ML Algorithms for Intrusion Detection (p. 70)
  - 3.2.3 Taxonomy of IDSs (p. 72)
  - 3.2.4 Evaluation Metrics and Datasets (p. 73)
  - 3.3 Capability I: Zero-day Attack Detection with ML (p. 75)
  - 3.3.1 Understanding Zero-day Attacks and Their Impact (p. 75)
  - 3.3.2 General Workflow of ML-IDS for Identifying Zero-day Attacks (p. 75)
  - 3.3.3 Anomaly Detection Mechanisms (p. 76)
  - 3.3.4 Open Research Challenges (p. 77)
  - 3.4 Capability II: Intrusion Explainability Through XAI (p. 79)
  - 3.4.1 Enhancing Transparency and Trust in Intrusion Detection (p. 79)
  - 3.4.2 General Workflow of XAI (p. 80)
  - 3.4.3 XAI Methods for IDS Transparency Enhancement (p. 80)
  - 3.4.4 Open Research Challenges (p. 83)
  - 3.5 Capability III: Intrusion Detection in Encrypted Traffic (p. 84)
  - 3.5.1 Challenges in Intrusion Detection for Encrypted Traffic (p. 84)
  - 3.5.2 Workflow of ML-IDS for Encrypted Traffic (p. 84)
  - 3.5.3 ML-based Solutions for Encrypted Traffic Analysis (p. 84)
  - 3.5.4 Open Research Challenges (p. 87)
  - 3.6 Capability IV: Context-aware Threat Detection and Reasoning with GNNs (p. 88)
  - 3.6.1 Introduction to GNNs in IDS (p. 88)
  - 3.6.2 Workflow of GNNs for Intrusion Detection (p. 88)
  - 3.6.3 Provenance-based Intrusion Detection by GNNs (p. 89)
  - 3.6.4 Open Research Challenges (p. 92)
  - 3.7 Capability V: LLMs for Intrusion Detection and Understanding (p. 93)
  - 3.7.1 The Role of LLMs in Cybersecurity (p. 93)
  - 3.7.2 Leveraging LLMs for Intrusion Detection (p. 94)
  - 3.7.3 A Review of LLM-based IDS (p. 94)
  - 3.7.4 Open Research Challenges (p. 97)
  - 3.8 Summary (p. 97)
  - References (p. 98)
- 4 Generative AI for Advanced Cyber Defense (p. 109). Moqsadur Rahman, Aaron Sanchez, Krish Piryani, Siddhartha Das, Sai Munikoti, Luis de la Torre Quintana, Monowar Hasan, Joseph Aguayo, Monika Akbar, Shahriar Hossain, and Mahantesh Halappanavar
  - 4.1 Introduction (p. 109)
  - 4.2 Motivation and Related Work (p. 111)
  - 4.2.1 AI-supported Vulnerability Management (p. 112)
  - 4.3 Foundations for Cyber Defense (p. 114)
  - 4.3.1 Mapping Vulnerabilities, Weaknesses, and Attack Patterns Using LLMs (p. 115)
  - 4.4 Retrieval-augmented Generation (p. 117)
  - 4.5 KG and Querying (p. 118)
  - 4.5.1 Graph Schema (p. 119)
  - 4.5.2 Neo4j KG Implementation (p. 122)
  - 4.5.3 Cypher Queries (p. 123)
  - 4.6 Evaluation and Results (p. 126)
  - 4.6.1 RAG-based Response Generation (p. 127)
  - 4.6.2 CWE Predictions Using RAG (p. 131)
  - 4.6.3 CWE Predictions Using GPT4-o (p. 136)
  - 4.7 Conclusion (p. 142)
  - References (p. 142)
- 5 Enhancing Threat Detection and Response with Generative AI and Blockchain (p. 147). Driss El Majdoubi, Souad Sadki, Zakia El Uahhabi, and Mohamed Essaidi
  - 5.1 Introduction (p. 147)
  - 5.2 Cybersecurity Current Issues: Background (p. 148)
  - 5.3 Blockchain Technology for Cybersecurity (p. 150)
  - 5.3.1 Blockchain Benefits for Cybersecurity (p. 150)
  - 5.3.2 Existing Blockchain-based Cybersecurity Solutions (p. 153)
  - 5.4 Combining Generative AI and Blockchain for Cybersecurity (p. 156)
  - 5.4.1 Integration of Generative AI and Blockchain (p. 160)
  - 5.4.2 Understanding Capabilities and Risks (p. 160)
  - 5.4.3 Practical Benefits for Cybersecurity (p. 161)
  - 5.4.4 Limitations and Open Research Issues (p. 161)
  - 5.5 Conclusion (p. 162)
  - References (p. 163)
- 6 Privacy-preserving Collaborative Machine Learning (p. 169). Runhua Xu and James Joshi
  - 6.1 Introduction (p. 169)
  - 6.1.1 Objectives and Structure (p. 171)
  - 6.2 Collaborative Learning Overview (p. 172)
  - 6.2.1 Definition and Characteristics (p. 172)
  - 6.2.2 Related Terminologies (p. 174)
  - 6.2.3 Collaborative Decentralized Learning and Collaborative Distributed Learning (p. 175)
  - 6.3 Collaborative Learning Paradigms and Privacy Risks (p. 177)
  - 6.3.1 Key Collaborative Approaches (p. 177)
  - 6.3.2 Privacy Risks in Collaborative Learning (p. 182)
  - 6.3.3 Privacy Inference Attacks in Collaborative Learning (p. 183)
  - 6.4 Privacy-preserving Technologies (p. 187)
  - 6.4.1 The Need for Privacy Preservation (p. 187)
  - 6.4.2 Privacy-preserving Technologies (p. 188)
  - 6.5 Conclusion (p. 195)
  - References (p. 196)
- 7 Security and Privacy in Federated Learning (p. 203). Zhuosheng Zhang and Shucheng Yu
  - 7.1 Introduction (p. 203)
  - 7.1.1 Federated Learning (p. 203)
  - 7.1.2 Privacy Threats in FL (p. 205)
  - 7.1.3 Security Issues in FL (p. 207)
  - 7.1.4 Characterize FL (p. 211)
  - 7.2 Privacy-preserving FL (p. 215)
  - 7.2.1 Secure Multiparty Computation (p. 215)
  - 7.2.2 Trust Execution Environments (p. 216)
  - 7.2.3 Secure Aggregation (p. 217)
  - 7.2.4 Differential Privacy (p. 218)
  - 7.3 Enhance Security in FL (p. 219)
  - 7.3.1 Data-poisoning Attack and Nonadaptive Model-poisoning Attack (p. 220)
  - 7.3.2 Model-poisoning Attack (p. 222)
  - 7.4 Secure Privacy-preserving FL (p. 225)
  - 7.4.1 Enhancing Security in FL with DP (p. 225)
  - 7.4.2 Verifiability in Private FL (p. 226)
  - 7.4.3 Security in Private FL (p. 227)
  - 7.5 Conclusion (p. 228)
  - References (p. 229)
- 8 Machine Learning Attacks on Signal Characteristics in Wireless Networks (p. 235). Yan Wang, Cong Shi, Yingying Chen, and Zijie Tang
  - 8.1 Introduction (p. 235)
  - 8.2 Threat Model and Targeted Models (p. 239)
  - 8.2.1 Backdoor Attack Scenarios (p. 239)
  - 8.2.2 Attackers' Capability (p. 240)
  - 8.2.3 Attackers' Objective (p. 240)
  - 8.2.4 Targeted ML Models (p. 241)
  - 8.3 Attack Formulation and Challenges (p. 241)
  - 8.3.1 Backdoor Attack Formulation (p. 241)
  - 8.3.2 Challenges (p. 244)
  - 8.4 Poison-label Backdoor Attack (p. 246)
  - 8.4.1 Stealthy Trigger Designs (p. 246)
  - 8.4.2 Backdoor Trigger Optimization (p. 249)
  - 8.5 Clean-label Backdoor Trigger Design (p. 252)
  - 8.5.1 Clean-label Backdoor Trigger Optimization (p. 253)
  - 8.6 Evaluation (p. 255)
  - 8.6.1 Victim ML Model (p. 255)
  - 8.6.2 Experimental Methodology (p. 255)
  - 8.6.3 RF Backdoor Attack Performance (p. 257)
  - 8.6.4 Resistance to Backdoor Defense (p. 259)
  - 8.7 Related Work (p. 261)
  - 8.8 Conclusion (p. 262)
  - References (p. 263)
- 9 Secure by Design (p. 267). Mehdi Mirakhorli and Kevin E. Greene
  - 9.1 Introduction (p. 267)
  - 9.1.1 Definitions and Contexts (p. 268)
  - 9.1.2 Core Principles of "Secure by Design" (p. 269)
  - 9.1.3 Principle of Compartmentalization and Isolation (p. 273)
  - 9.2 A Methodological Approach to Secure by Design (p. 275)
  - 9.2.1 Assumption of Breach (p. 275)
  - 9.2.2 Misuse and Abuse Cases to Drive Secure by Design (p. 276)
  - 9.2.3 Secure by Design Through Architectural Tactics (p. 277)
  - 9.2.4 Shifting Software Assurance from Coding Bugs to Design Flaws (p. 282)
  - 9.3 AI in Secure by Design: Opportunities and Challenges (p. 283)
  - 9.4 Conclusion and Future Directions (p. 284)
  - References (p. 284)
- 10 DDoS Detection in IoT Environments: Deep Packet Inspection and Real-world Applications (p. 289). Nikola Gavric, Guru Bhandari, and Andrii Shalaginov
  - 10.1 Introduction (p. 289)
  - 10.2 DDoS Detection Techniques in Research (p. 294)
  - 10.2.1 Network-based Intrusion Detection Systems (p. 295)
  - 10.2.2 Host-based Intrusion Detection Systems (p. 300)
  - 10.3 Limitations of Research Approaches (p. 303)
  - 10.4 Industry Practices for DDoS Detection (p. 305)
  - 10.5 Challenges in DDoS Detection (p. 309)
  - 10.6 Future Directions (p. 311)
  - 10.7 Conclusion (p. 313)
  - References (p. 314)
- 11 Data Science for Cybersecurity: A Case Study Focused on DDoS Attacks (p. 317). Michele Nogueira, Ligia F. Borges, and Anderson B. Neira
  - 11.1 Introduction (p. 317)
  - 11.2 Background (p. 319)
  - 11.2.1 Cybersecurity (p. 320)
  - 11.2.2 Data Science (p. 326)
  - 11.3 State of the Art (p. 333)
  - 11.3.1 Data Acquisition (p. 334)
  - 11.3.2 Data Preparation (p. 335)
  - 11.3.3 Feature Preprocessing (p. 336)
  - 11.3.4 Data Visualization (p. 337)
  - 11.3.5 Data Analysis (p. 338)
  - 11.3.6 ML in Cybersecurity (p. 339)
  - 11.4 Challenges and Opportunities (p. 340)
  - 11.5 Conclusion (p. 341)
  - Acknowledgments (p. 342)
  - References (p. 342)
- 12 AI Implications for Cybersecurity Education and Future Explorations (p. 347). Elizabeth Hawthorne, Mihaela Sabin, and Melissa Dark
  - 12.1 Introduction (p. 347)
  - 12.2 Postsecondary Cybersecurity Education: Historical Perspective and Current Initiatives (p. 348)
  - 12.2.1 ACM Computing Curricula (p. 348)
  - 12.2.2 National Centers for Academic Excellence in Cybersecurity (p. 356)
  - 12.2.3 ABET Criteria (p. 359)
  - 12.3 Cybersecurity Policy in Secondary Education (p. 361)
  - 12.3.1 US High School Landscape (p. 362)
  - 12.4 Conclusion (p. 367)
  - 12.5 Future Explorations (p. 368)
  - References (p. 368)
- 13 Ethical AI in Cybersecurity: Quantum-resistant Architectures and Decentralized Optimization Strategies (p. 371). Andreou Andreas, Mavromoustakis X. Constandinos, Houbing Song, and Jordi Mongay Batalla
  - 13.1 Introduction (p. 371)
  - 13.1.1 Motivation (p. 372)
  - 13.1.2 Contribution (p. 373)
  - 13.1.3 Novelty (p. 373)
  - 13.2 Literature Review (p. 373)
  - 13.3 Overview and Ethical Considerations in AI-centric Cybersecurity (p. 374)
  - 13.4 AML and Privacy Risks in AI Systems (p. 378)
  - 13.5 Forensic and Formal Methods for AI Security (p. 380)
  - 13.5.1 Auditing Tools for Security and Privacy (p. 383)
  - 13.5.2 Transparency, Interpretability, and Trust (p. 383)
  - 13.5.3 Building Secure and Trustworthy AI Systems (p. 384)
  - 13.6 Generative AI and Quantum-resistant Architectures in Cybersecurity (p. 385)
  - 13.6.1 Opportunities and Risks (p. 385)
  - 13.6.2 Threats and Countermeasures (p. 386)
  - 13.6.3 Strategies for Resilience (p. 387)
  - 13.7 Future Directions and Ethical Considerations (p. 387)
  - 13.8 Conclusion (p. 390)
  - References (p. 391)
- 14 Security Threats and Defenses in AI-enabled Object Tracking Systems (p. 397). Mengjie Jia, Yanyan Li, and Jiawei Yuan
  - 14.1 Introduction (p. 397)
  - 14.2 Related Works (p. 398)
  - 14.2.1 UAV Object Tracking (p. 398)
  - 14.2.2 Adversarial Tracking Attacks (p. 399)
  - 14.2.3 Robustness Enhancement Against Attacks (p. 400)
  - 14.3 Methods (p. 401)
  - 14.3.1 Model Architecture (p. 403)
  - 14.3.2 Decision Loss (p. 403)
  - 14.3.3 Feature Loss (p. 404)
  - 14.3.4 L2 Norm Loss (p. 405)
  - 14.4 Evaluation (p. 405)
  - 14.4.1 Experiment Setup (p. 405)
  - 14.4.2 Evaluation Metrics (p. 405)
  - 14.4.3 Results (p. 406)
  - 14.4.4 Tracking Examples (p. 409)
  - 14.5 Conclusion (p. 413)
  - Acknowledgment (p. 413)
  - References (p. 413)
- 15 AI for Android Malware Detection and Classification (p. 419). Safayat Bin Hakim, Muhammad Adil, Kamal Acharya, and Houbing Herbert Song
  - 15.1 Introduction (p. 419)
  - 15.1.1 Security Threats in Android Applications (p. 420)
  - 15.1.2 Challenges in Android Malware Detection (p. 422)
  - 15.1.3 Current Approaches and Limitations (p. 423)
  - 15.2 Design of the Proposed Framework (p. 424)
  - 15.2.1 Core Components and Architecture (p. 424)
  - 15.2.2 Feature Extraction with Attention Mechanism (p. 425)
  - 15.2.3 Feature Extraction with Attention Mechanism (p. 425)
  - 15.2.4 Dimensionality Reduction and Optimization (p. 427)
  - 15.2.5 Classification Using SVMs (p. 427)
  - 15.3 Implementation and Dataset Overview (p. 428)
  - 15.3.1 Dataset Insights (p. 428)
  - 15.3.2 Preprocessing Strategies (p. 429)
  - 15.3.3 Handling Class Imbalance (p. 429)
  - 15.3.4 Adversarial Training and Evaluation (p. 429)
  - 15.4 Results and Insights (p. 431)
  - 15.4.1 Experimental Setup (p. 431)
  - 15.4.2 Performance Analysis (p. 435)
  - 15.4.3 Performance Insights with Visualization (p. 436)
  - 15.4.4 Benchmarking Against Existing Methods (p. 438)
  - 15.4.5 Key Insights (p. 439)
  - 15.5 Feature Importance Analysis (p. 439)
  - 15.5.1 Top Feature Importance (p. 439)
  - 15.5.2 Feature Impact Analysis Using SHAP Values (p. 441)
  - 15.5.3 Global Feature Impact Distribution (p. 442)
  - 15.6 Comparative Analysis and Advancements over Existing Methods (p. 442)
  - 15.6.1 Feature Space Optimization (p. 444)
  - 15.6.2 Advances in Adversarial Robustness (p. 445)
  - 15.6.3 Performance Improvements (p. 445)
  - 15.6.4 Summary of Key Advancements (p. 445)
  - 15.7 Discussion (p. 446)
  - 15.7.1 Limitations and Future Work (p. 446)
  - 15.8 Conclusion (p. 447)
  - References (p. 447)
- 16 Cyber-AI Supply Chain Vulnerabilities (p. 451). Joanna C. S. Santos
  - 16.1 Introduction (p. 451)
  - 16.2 AI/ML Supply Chain Attacks via Untrusted Model Deserialization (p. 452)
  - 16.2.1 Model Deserialization (p. 453)
  - 16.2.2 AI/ML Attack Scenarios (p. 457)
  - 16.3 The State-of-the-art of the AI/ML Supply Chain (p. 458)
  - 16.3.1 Commonly Used Serialization Formats (p. 458)
  - 16.3.2 Deliberately Malicious Models Published on Hugging Face (p. 460)
  - 16.3.3 Developers' Perception on Safetensors (p. 462)
  - 16.4 Conclusion (p. 466)
  - 16.4.1 Implications for Research (p. 466)
  - 16.4.2 Implications for Practitioners (p. 467)
  - References (p. 467)
- 17 AI-powered Physical Layer Security in Industrial Wireless Networks (p. 471). Hong Wen, Qi Wang, and Zhibo Pang
  - 17.1 Introduction (p. 471)
  - 17.2 Radio Frequency Fingerprint Identification (p. 474)
  - 17.2.1 System Model (p. 474)
  - 17.2.2 Cross-device RFFI (p. 476)
  - 17.2.3 Experimental Investigation (p. 480)
  - 17.3 CSI-based PLA (p. 481)
  - 17.3.1 System Model (p. 482)
  - 17.3.2 Transfer Learning-based PLA (p. 484)
  - 17.3.3 Data Augmentation (p. 488)
  - 17.3.4 Experimental Investigation (p. 490)
  - 17.4 PLK Distribution (p. 493)
  - 17.4.1 System Model (p. 493)
  - 17.4.2 AI-powered Quantization (p. 495)
  - 17.5 Physical Layer Security Enhanced ZT Security Framework (p. 498)
  - 17.5.1 ZT Requirements in IIoT (p. 499)
  - 17.5.2 PLS Enhanced ZT Security Framework (p. 500)
  - References (p. 502)
- 18 The Security of Reinforcement Learning Systems in Electric Grid Domain (p. 505). Suman Rath, Zain ul Abdeen, Olivera Kotevska, Viktor Reshniak, and Vivek Kumar Singh
  - 18.1 Introduction (p. 505)
  - 18.2 RL for Control (p. 506)
  - 18.2.1 Overview of RL Algorithms (p. 506)
  - 18.2.2 DQN Algorithm (p. 510)
  - 18.3 Case Study: RL for Control in Cyber-physical Microgrids (p. 513)
  - 18.4 Related Work: Grid Applications of RL (p. 516)
  - 18.5 Open Challenges and Solutions (p. 518)
  - 18.6 Conclusion (p. 522)
  - Acknowledgments (p. 524)
  - References (p. 524)
- 19 Geopolitical Dimensions of AI in Cybersecurity: The Emerging Battleground (p. 533). Felix Staicu and Mihai Barloiu
  - 19.1 Introduction (p. 533)
  - 19.1.1 A Conceptual Framework (p. 534)
  - 19.2 Foundations of AI in Geopolitics: From Military Origins to Emerging Strategic Trajectories (p. 536)
  - 19.2.1 Historical Foundations: The Military and Intelligence Roots of Key Technologies (p. 536)
  - 19.2.2 Early International Debates on AI Governance and Their Geopolitical Dimensions (p. 537)
  - 19.2.3 The Two-way Influence Between AI and Geopolitics: Early Signals of Strategic Catalysts and Normative Vectors (p. 538)
  - 19.3 The Contemporary Battleground: AI as a Strategic Variable (p. 540)
  - 19.3.1 AI-infused IO: Precision, Persistence, and Policy Dilemmas (p. 540)
  - 19.3.2 Fusion Technologies for Battlefield Control, Unmanned Vehicles, and AI Swarming (p. 542)
  - 19.3.3 Regulatory Power as Soft Power: Competing Models for Global AI Norms (p. 543)
  - 19.3.4 Global Rivalries: The US-China AI Race and the Fragmenting Digital Ecosystem (p. 545)
  - 19.4 Beyond Today's Conflicts: Future Horizons in AI-driven Security (p. 548)
  - 19.4.1 2050 Hypothesis-driven Scenarios in the International System (p. 548)
  - 19.4.2 AI in the Nuclear Quartet (p. 551)
  - 19.4.3 AI in Kinetic Conventional Military Capabilities (p. 553)
  - 19.4.4 AI in Cybersecurity and Information Warfare (p. 554)
  - 19.4.5 A Holistic View of AI's Impact on International Security (p. 556)
  - 19.5 Conclusions and Recommendations (p. 558)
  - 19.5.1 Integrative Insights (p. 558)
  - 19.6 Conclusion (p. 560)
  - Acknowledgments (p. 561)
  - References (p. 561)
- 20 Robust AI Techniques to Support High-consequence Applications in the Cyber Age (p. 567). Joel Brogan, Linsey Passarella, Mark Adam, Birdy Phathanapirom, Nathan Martindale, Jordan Stomps, Olivera Kotevska, Matthew Yohe, Ryan Tokola, Ryan Kerekes, and Scott Stewart
  - 20.1 Introduction (p. 567)
  - 20.2 Motivation (p. 568)
  - 20.3 Explainability Measures for Deep Learning in High-consequence Scenarios (p. 570)
  - 20.3.1 Gradient-based Methods (p. 571)
  - 20.3.2 Perturbation-based Methods (p. 572)
  - 20.3.3 Comparisons Between Explainability Methods (p. 572)
  - 20.4 Improving Confidence and Robustness Measures for Deep Learning in Critical Decision-making Scenarios (p. 573)
  - 20.4.1 Introduction (p. 573)
  - 20.4.2 Dataset Description (p. 574)
  - 20.4.3 Methodology (p. 575)
  - 20.4.4 Attribution Algorithms (p. 576)
  - 20.4.5 Confidence Measure Algorithms (p. 576)
  - 20.4.6 Results and Analysis (p. 581)
  - 20.4.7 Discussion and Future Work (p. 581)
  - 20.5 Building Robust AI Through SME Knowledge Embeddings (p. 583)
  - 20.5.1 Explicit Knowledge in Structured Formats (p. 586)
  - 20.5.2 Fine-tuning and Evaluating Foundation Models (p. 587)
  - 20.6 Flight-path Vocabularies for Foundation Model Training (p. 588)
  - 20.6.1 Introduction (p. 588)
  - 20.6.2 Dataset (p. 589)
  - 20.6.3 Methodology (p. 590)
  - 20.6.4 Results and Discussion (p. 591)
  - 20.7 Promise and Peril of Foundation Models in High-consequence Scenarios (p. 592)
  - 20.7.1 Adversarial Vulnerabilities of Foundation Models (p. 593)
  - 20.7.2 Privacy Violation Vulnerabilities in Foundation Models (p. 594)
  - 20.7.3 Alignment Hazards When Training Foundation Models (p. 594)
  - 20.7.4 Performance Hazards When Inferring and Generating with Foundation Models (p. 595)
  - 20.8 Discussion (p. 596)
  - Acknowledgments (p. 596)
  - References (p. 596)
- Index (p. 601)