Living Off the LLM: How LLMs Will Change Adversary Tactics
This paper addresses a potential future security threat for systems with on-device LLMs, though it is speculative and incremental, as it extends existing attack concepts to new technology.
The paper explores how malicious actors could exploit on-device large language models (LLMs) to conduct living off the land attacks, in which legitimate tools are used to evade detection, and suggests mitigation strategies for the security community.
In living off the land attacks, malicious actors use legitimate tools and processes already present on a system to avoid detection. In this paper, we explore how the on-device LLMs of the future will become a security concern as threat actors integrate LLMs into their living off the land attack pipeline and ways the security community may mitigate this threat.