Product description
This book explores the most common generative AI (GenAI) tools and techniques used by malicious actors for hacking and cyber-deception, along with the security risks of large language models (LLMs). It also covers how LLM deployment and use can be secured, and how generative AI can be utilized in SOC automation.
The rapid advancements and growing variety of publicly available generative AI tools enable cybersecurity use cases for threat modeling, security awareness support, web application scanning, actionable insights, and alert fatigue prevention. However, they have also come with a steep rise in the number of offensive/rogue/malicious generative AI applications. With large language models, social engineering tactics can reach new heights in the efficiency of phishing campaigns and cyber-deception via synthetic media generation (misleading deepfake images and videos, faceswapping, morphs, and voice clones). The result is a new era of cybersecurity that necessitates innovative approaches to detect and mitigate sophisticated cyberattacks, and to prevent hyper-realistic cyber-deception. This work provides a starting point for researchers and students diving into malicious chatbot use, system administrators trying to harden the security of GenAI deployments, and organizations prone to sensitive data leaks through shadow AI. It also benefits SOC analysts considering generative AI for partially automating incident detection and response, and GenAI vendors working on security guardrails against malicious prompting.
About the author
Leslie F. Sikos, Ph.D., is a computer scientist specializing in cybersecurity applications powered by artificial intelligence and data science. He holds two Ph.D. degrees and 20+ industry certificates, coupled with industry experience in enterprise ICT infrastructures. He is an active member of the research community as an author, editor, reviewer, conference organizer, and speaker; a senior member of the IEEE; and a certified professional of the Australian Computer Society. He is an invited reviewer for major academic publishers such as Springer and Taylor & Francis, as well as for EU research proposals, and has been interviewed as a subject matter expert by the United Nations and media outlets such as ABC News and 7NEWS. Dr. Sikos is a prolific author who has published, beyond numerous journal papers and conference papers, more than 20 books, including textbooks, monographs, and edited volumes.