Capture the Flag with ChatGPT: Security Testing with AI ChatBots
DOI:
https://doi.org/10.34190/iccws.19.1.2171Keywords:
cyber, ChatGPT, Chatbot, Penetration Testing, CTF, Hacking, cybersecurity, securityAbstract
Penetration testing, commonly referred to as pen testing, is a process of assessing the security of a computer system or network by simulating an attack from an external or internal threat actor. One type of pen testing exercise that has become popular among cybersecurity enthusiasts is called Capture the Flag (CTF). This involves solving a series of challenges that simulate real-world hacking scenarios, with the goal of capturing a flag that represents a piece of sensitive information. Recently, there has been a growing interest in the use of natural language processing (NLP) and machine learning (ML) technologies for penetration testing and CTF exercises. One such technology that has received significant attention is ChatGPT, a large language model (LLM) trained by OpenAI based on the GPT-3.5 architecture. The use of ChatGPT in CTFs has several potential benefits for participants and organisers, including more dynamic and realistic scenarios and enhanced learning experiences, and enhance the effectiveness and realism of CTFs.. Future research can explore more sophisticated models and evaluate the effectiveness of ChatGPT in improving the performance of participants in CTFs.
Downloads
Published
Issue
Section
License
Copyright (c) 2024 David Chamberlain, Ellis Casey
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.