The latest research finds that AI-powered chatbots can pass certified ethical hacker exams, but researchers warn that they should not be solely relied upon for cybersecurity protection. The study was conducted by researchers Prasad Calyam from the University of Missouri and collaborators from Amrita University in India, and tested the leading generative AI tools ChatGPT by OpenAI and Bard (now known as Gemini) by Google.
Image Source Note: Image generated by AI, provided by Midjourney Image Licensing
Certified ethical hackers are cybersecurity professionals who use the same techniques and tools as malicious hackers to discover and fix security vulnerabilities. These exams measure individuals' understanding of various types of attacks and how to protect systems and respond to security vulnerabilities.
In the study, Calyam and his team used standard questions from verified certified ethical hacker exams to test these robots. For example, they challenged the AI tools to explain a man-in-the-middle attack, where a third party intercepts communication between two systems. The study found that both ChatGPT and Bard could explain this attack and suggest ways to prevent it.
The researchers found that Bard slightly outperformed ChatGPT in accuracy, while ChatGPT showed better performance in content comprehensiveness, clarity, and conciseness.
Professor Calyam points out that although these tools can provide quick help for individuals or small companies, they cannot replace human cybersecurity experts with problem-solving experience, who can develop more robust cybersecurity measures.
Despite the potential of AI models in ethical hacking, researchers believe further efforts are needed to fully utilize their capabilities and ensure their accuracy to improve overall cybersecurity levels.
Highlight:
🤖 AI Chatbots Pass Exams: Research by the University of Missouri and Amrita University shows that AI chatbots can pass ethical hacker exams.
🔒 Ethical Hacker Role: Ethical hackers use the same techniques and tools as malicious hackers to detect and repair security vulnerabilities.
📝 Limitations of AI Tools: Although AI chatbots performed well in the tests, they cannot completely replace the work of human experts in the cybersecurity field.