Transforming Computer Security and Public Trust Through the Exploration of Fine-Tuning Large Language Models
It addresses the problem of escalating cybersecurity threats from LLM exploitation for computer security and public trust, but is incremental as it builds on existing fine-tuning approaches.
This paper investigates the misuse of large language models (LLMs) by malicious services called 'Mallas' to generate malware and phishing attacks, using a dataset from the Common Vulnerabilities and Exposures (CVE) program to explore fine-tuning methods for vulnerability-related code and text.
Large language models (LLMs) have revolutionized how we interact with machines. However, this technological advancement has been paralleled by the emergence of "Mallas," malicious services operating underground that exploit LLMs for nefarious purposes. Such services create malware, phishing attacks, and deceptive websites, escalating the cyber security threats landscape. This paper delves into the proliferation of Mallas by examining the use of various pre-trained language models and their efficiency and vulnerabilities when misused. Building on a dataset from the Common Vulnerabilities and Exposures (CVE) program, it explores fine-tuning methodologies to generate code and explanatory text related to identified vulnerabilities. This research aims to shed light on the operational strategies and exploitation techniques of Mallas, leading to the development of more secure and trustworthy AI applications. The paper concludes by emphasizing the need for further research, enhanced safeguards, and ethical guidelines to mitigate the risks associated with the malicious application of LLMs.