Cyber Security Risks in the Rapid Development of Generative Artificial Intelligence: A Systematic Literature Review
Keywords:
generative artificial intelligence (GenAI), cybersecurity, systematic literature review.Abstract
This study aims to identify the cybersecurity risks arising from the use of Generative Artificial Intelligence (GenAI). By employing a systematic literature review (SLR) method and following the PRISMA 2020 guidelines, this research systematically selects and analyzes relevant literature to discover and understand the risks associated with the use of GenAI. From the seventeen studies successfully collected and reviewed, various cybersecurity risks were identified, including phishing attacks, social engineering, ransomware, malware, deepfakes, misinformation, data leakage, misuse of personal data, executable attack code generation, privacy risks, and intellectual property violations. These findings provide crucial insights into the potential threats that may emerge from the irresponsible use of GenAI. The study is designed to offer valuable information for various stakeholders in their risk mitigation efforts and in the development of relevant regulations concerning the ethical use of GenAI. It is hoped that these findings will serve as a solid foundation for developing more effective security strategies and policies to address the challenges posed by this technology, and encourage the implementation of improved protective measures to tackle emerging risks.
References
Taherdoost, H. (2022). An Overview of Trends in Information Systems: Emerging Technologies That Transform The Information Technology Industry. Cloud Computing and Data Science, 1–16. https://doi.org/10.37256/ccds.4120231653
Păvăloaia, V. D., & Necula, S. C. (2023). Artificial Intelligence as a Disruptive Technology—A Systematic Literature Review. MDPI. https://doi.org/10.3390/electronics12051102
Saddi, V. R., Gopal, S. K., Mohammed, A. S., Dhanasekaran, S., & Naruka, M. S. (2024). Examine The Role of Generative AI in Enhancing Threat Intelligence and Cyber Security Measures. In 2024 2nd International Conference on Disruptive Technologies, ICDT 2024 (pp. 537–542). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ICDT61202.2024.10489766
Teo, Z. L., Quek, C. W. N., Wong, J. L. Y., & Ting, D. S. W. (2024). Cybersecurity in the generative artificial intelligence era. Elsevier B.V. https://doi.org/10.1016/j.apjo.2024.100091
Polito, C., & Pupillo, L. (2024). Artificial Intelligence and Cybersecurity. Intereconomics, 59(1), 10–13. https://doi.org/10.2478/ie-2024-0004
Su, J., & Yang, W. (2023). Unlocking the Power of ChatGPT: A Framework for Applying Generative AI in Education. ECNU Review of Education, 6(3), 355–366. https://doi.org/10.1177/20965311231168423
Fui-Hoon Nah, F., Zheng, R., Cai, J., Siau, K., & Chen, L. (2023). Generative AI and ChatGPT: Applications, challenges, and AI-human collaboration. Routledge. https://doi.org/10.1080/15228053.2023.2233814
Nobles, C. (2023). Offensive artificial intelligence in cybersecurity: Techniques, challenges, and ethical considerations. In Real-World Solutions for Diversity, Strategic Change, and Organizational Development: Perspectives in Healthcare, Education, Business, and Technology (pp. 348–363). IGI Global. https://doi.org/10.4018/978-1-6684-8691-7.ch021
Amoo, O. O., Osasona, F., Atadoga, A., Ayinla, B. S., Farayola, O. A., & Abrahams, T. O. (2024). Cybersecurity Threats in the Age of IoT: A Review of Protective Measures. International Journal of Science and Research Archive, 11(1), 1304–1310. https://doi.org/10.30574/ijsra.2024.11.1.0217
Krishnamurthy, O. (2023). Enhancing Cyber Security Enhancement Through Generative AI. International Journal of Use, 9. Retrieved from http://www.ijuse.in
Acosta-Urigüen, M., et al. (2024). Conceptualizing the Active Ageing Index (AAI): A Systematic Literature Review of Frameworks and Supporting Digital Tools. In Proceedings of the 10th International Conference on Information and Communication Technologies for Ageing Well and e-Health (pp. 276–283). SCITEPRESS. https://doi.org/10.5220/0012722000003699
Dhingra, V., Keswani, S., Sama, R., & Noor Mohamed Qureshi, M. R. (2024). Social Media Influencers: A Systematic Review Using PRISMA. Cogent OA. https://doi.org/10.1080/23311975.2024.2368100
Page, M. J., et al. (2021). The PRISMA 2020 Statement: An Updated Guideline for Reporting Systematic Reviews. The BMJ, 372. https://doi.org/10.1136/bmj.n71
Rizzo, G., Migliore, G., Schifani, G., & Vecchio, R. (2024). Key Factors Influencing Farmers’ Adoption of Sustainable Innovations: A Systematic Literature Review and Research Agenda. Springer Science and Business Media B.V. https://doi.org/10.1007/s13165-023-00440-7
Dey, R., Kassim, S., Maurya, S., Mahajan, R. A., Kadia, A., & Singh, M. (2024). A Systematic Literature Review on the Islamic Capital Market: Insights Using the PRISMA Approach.
Albhirat, M. M., et al. (2024). The PRISMA Statement in Enviropreneurship Study: A Systematic Literature and A Research Agenda. Elsevier Ltd. https://doi.org/10.1016/j.clet.2024.100721
de Oliveira, U. R., Menezes, R. P., & Fernandes, V. A. (2024). A Systematic Literature Review on Corporate Sustainability: Contributions, Barriers, Innovations and Future Possibilities. Springer Science and Business Media B.V. https://doi.org/10.1007/s10668-023-02933-7
Mangaroo-Pillay, M., & Coetzee, R. (2022). Lean Frameworks: A Systematic Literature Review (SLR) Investigating Methods and Design Elements. Journal of Industrial Engineering and Management, 15(2), 202–214. https://doi.org/10.3926/jiem.3677
. Gupta, M., Akiri, C., Aryal, K., Parker, E., & Praharaj, L. (2023). From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy. IEEE Access. https://doi.org/10.1109/ACCESS.2023.3300381
Metta, S., et al. (2024). Generative AI in Cybersecurity.
Sebastian, G. (2023). Do ChatGPT and Other AI Chatbots Pose a Cybersecurity Risk? International Journal of Security and Privacy in Pervasive Computing, 15(1), 1–11. https://doi.org/10.4018/ijsppc.320225
Okey, O. D., Udo, E. U., Rosa, R. L., Rodríguez, D. Z., & Kleinschmidt, J. H. (2023). Investigating ChatGPT and cybersecurity: A perspective on topic modeling and sentiment analysis. Computers & Security, 135. https://doi.org/10.1016/j.cose.2023.103476
Wang, M. (2024). Generative AI: A New Challenge for Cybersecurity. https://doi.org/10.32996/jcsts
Dwivedi, R., & Elluri, L. (2024). Exploring Generative Artificial Intelligence Research: A Bibliometric Analysis Approach. IEEE Access. https://doi.org/10.1109/ACCESS.2024.3450629
Yigit, Y., Buchanan, W. J., Tehrani, M. G., & Maglaras, L. (2024). Review of Generative AI Methods in Cybersecurity. arXiv. Retrieved from http://arxiv.org/abs/2403.08701
Romero Moreno, F. (2024). Generative AI and Deepfakes: A Human Rights Approach to Tackling Harmful Content. International Review of Law, Computers and Technology. https://doi.org/10.1080/13600869.2024.2324540
Takale, D. G., Mahalle, P. N., & Sule, B. (2024). Cyber Security Challenges in Generative AI Technology.
Golda, A., et al. (2024). Privacy and Security Concerns in Generative AI: A Comprehensive Survey. IEEE Access, 12, 48126–48144. https://doi.org/10.1109/ACCESS.2024.3381611
Novelli, C., Casolari, F., Hacker, P., Spedicato, G., & Floridi, L. (2024). Generative AI in EU Law: Liability, Privacy, Intellectual Property, and Cybersecurity.
Wach, K., et al. (2023). The Dark Side of Generative Artificial Intelligence: A Critical Analysis of Controversies and Risks of ChatGPT. Entrepreneurial Business and Economics Review, 11(2), 7–30. https://doi.org/10.15678/EBER.2023.110201
Ye, X., Yan, Y., Li, J., & Jiang, B. (2024). Privacy and Personal Data Risk Governance for Generative Artificial Intelligence: A Chinese Perspective. Telecommunications Policy. https://doi.org/10.1016/j.telpol.2024.102851
Wu, X., Qiu, Q., Li, J., & Zhao, Y. (2023). Intell-Dragonfly: A Cybersecurity Attack Surface Generation Engine Based On Artificial Intelligence-Generated Content Technology. arXiv. Retrieved from http://arxiv.org/abs/2311.00240
Kulkarni, A. V., & Nath, S. (2024). Human Susceptibility to Social Engineering Attacks: An Innovative Approach to Social Change. In 2024 IEEE International Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI) (pp. 1–6). IEEE. https://doi.org/10.1109/IATMSI60426.2024.10502492
Mira, F. (2021). A Systematic Literature Review on Malware Analysis. In 2021 IEEE International IoT, Electronics and Mechatronics Conference (IEMTRONICS) (pp. 1–5). IEEE. https://doi.org/10.1109/IEMTRONICS52119.2021.9422537
Chinmaya, B. J., Kudtarkar, S. A., & Mohana. (2023). Targeted Ransomware Attacks and Detection to Strengthen Cybersecurity Strategies. In 2023 2nd International Conference on Automation, Computing and Renewable Systems (ICACRS) (pp. 1039–1044). IEEE. https://doi.org/10.1109/ICACRS58579.2023.10404203
Ranka, H., et al. (2024). Examining the Implications of Deepfakes for Election Integrity.
Kumar, S. (2024). Online Defamation in the Digital Age: Issues and Challenges with Particular Reference to Deepfakes and Malicious Bots. International Journal of Law and Policy, 2(8), 32–41. https://doi.org/10.59022/ijlp.200
Monteith, S., Glenn, T., Geddes, J. R., Whybrow, P. C., Achtyes, E., & Bauer, M. (2024). Artificial Intelligence and Increasing Misinformation. The British Journal of Psychiatry, 224(2), 33–35. https://doi.org/10.1192/bjp.2023.136

