AI tools are now used millions of times to research topics, write letters and create images. But artificial intelligence is also becoming increasingly important in the area of cybersecurity.
On the one hand, it can make the work of those responsible for security easier, but on the other hand, it offers cybercriminals numerous new opportunities. These range from deepfakes to AI-powered cyberattack campaigns on demand. Whitehat hacker Kody Kinzie has tried out the extent to which artificial intelligence can be used to better exploit the results of “wardriving”, i.e. the systematic search for WiFi networks with the help of a vehicle.
AI tool Claude
The security specialist collected information about WiFi networks in Manhattan on a Circle Line ferry using WiGLE. He received a CSV data set of 5.000 lines and uploaded it to Claude. “I wanted to see if this AI model could do three things: analyze the data, enrich the data, and output the data in a visual representation,” said Kinzie. To do this, Claude should compare the MAC addresses of all these wireless networks against a list of providers and then identify the most common providers in that area.
The tool said it extracted the network ID column, used the MAC Vendor Lookup package in Python to look up the provider, calculated the count of each provider, and then sorted the providers to determine their frequency . The results corresponded to a typical distribution of manufacturers. “Claude appears to have taken the steps a savvy person would take to enrich the data. Accordingly, I assumed that the tool had actually processed my information.”
Claude hallucinates
To check the results, Kinzie repeated the test several times - always with completely different results. “Obviously Claude did not carry out the tasks he set himself, but simply anticipated the results. The tool was able to write the Python code used for real analysis of the data. But after actually running the wardriving data through this code, it was revealed that most of the data was not true, but rather a hallucination. On the other hand, Claude created a map that showed the location of several vulnerable networks and was identical to the results of a real analysis,” explains Kinzie.
Claude wasn't right, but he wasn't completely wrong either: "In my opinion, that's worse than being completely wrong, because the results seem plausible and contain a few correct conclusions." But this behavior is not limited to Claude: "AI- Systems like Claude, Bard from Google or ChatGPT try to approximate plausible results. So when you do data analysis and do things that AI seems good for, you have to be very careful and always check those results manually.”
More at Varonis.com
About Varonis Since its founding in 2005, Varonis has taken a different approach than most IT security providers by placing company data stored both locally and in the cloud at the center of its security strategy: sensitive files and e-mails, confidential customer, patient and Employee data, financial data, strategy and product plans and other intellectual property. The Varonis data security platform (DSP) detects insider threats and cyber attacks through the analysis of data, account activities, telemetry and user behavior, prevents or limits data security breaches by locking sensitive, regulated and outdated data and maintains a secure state of the systems through efficient automation .,
Matching articles on the topic