报告|A Road Towards an Interaction between Cyber Security and AIGC

A Road Towards an Interaction between Cyber Security and AIGC

AIGC and cyber security entails the syste matic integration of security testing throughout all phases of the software development process. The objective is to automate the security expertise of human professionals by employing tools, thereby enabling early identification and resolution of security concerns during the early phase of the development life cycle. However, its effectiveness greatly relies on the capabilities of intelligent tools to simulate or potentially replace security experts. With the emergence of LLM, a new means to accomplish this objective is now available. In this presentation, I will discuss recent endeavors in utilizing LLM within the realm of application security, to cover the complete life cycle of the vulnerability analysis: vulnerability detection, diagnosis, POC generation and repair.

On the other hand, LLM's security is equally important to make sure the successful deployment of the Al applications. In this direction, we will demonstrate the latest research works regarding the attack surface of LLM, blackbox/whitebox attack generation for prompt injection, attacks for multi-modality models, backdoor attacks, and possible defense mechanism.

Finally, we are looking at the integration of the two aspects to develop an Al-enabled platform for application security analysis.