Krakow, Poland, 19 - 21 June 2024
The hackers AI handbook: Malicious use cases for AI Models
Conference - Short (INTERMEDIATE level)
Room 4B
2023 will be known as the year AI was launched into an unprepared world. AI has changed the security landscape in many areas, from next-gen phishing emails to AI-powered script kiddies. In this presentation, we demo how hackers and red teamers are using AI to their advantage.
1 What is AI
We will explore how AI models are trained, including looking at the most common training set, the ‘Common Crawl Database’, and why generative AI can consume trash yet still sound convincing in its answers. We will also dive into the different types of AI, such as LLMs vs generative AI, predictive AI, and contextual AI.
2 AI in the wrong hands
We show how malicious actors can use AI tools for nefarious activities, including abusing AI dependency hallucinations, data poisoning, and using prompt injection to get to the hidden treasures of an AI model. We also look at the concerns around open-source AI models, which can be adapted to give script kiddies superpowers.
3 Using AI safely
During this section, we will discuss some of the many ways AI can be used to help developers without destroying security.
4 Conclusion
AI is neither good nor bad, but it is here to stay. By reviewing how malicious actors use AI, the risks that come with it, and the benefits it brings, this survival guide will help any developer, hacker or defender build for and with AI.
Mackenzie Jackson
GitGuardian
Mackenzie is a developer and security advocate with a passion for DevOps and application security. As the co-founder and former CTO of the health tech company Conpago, he learned first-hand how critical it is to build secure applications with robust developer operations.
Today Mackenzie continues his passion for security by working with the GitGuardian research team to uncover the latest trends malicious actors are using. Mackenzie is also the host of The Security Repo podcast, an established security writer, and an experienced global speaker.
Venue address
ICE Krakow, ul. Marii Konopnickiej 17
Phone
+48 691 793 877
info@devoxx.pl