In this paper, we explore the potential of Large Language Models (LLMs) to reason about threats, generate information about tools, and automate cyber campaigns. We begin with a manual exploration of LLMs in supporting specific threat-related actions and decisions. We proceed by automating the decision process in a cyber campaign. We present prompt engineering approaches for a plan-act-report loop for one action of a threat campaign and a prompt chaining design that directs the sequential decision process of a multi-action campaign. We assess the extent of the LLM's cyber-specific knowledge with respect to the short campaign we demonstrate and provide insights into prompt design for eliciting actionable responses. We discuss the potential impact of LLMs on the threat landscape and the ethical considerations of using LLMs for accelerating threat actor capabilities. We report a promising, yet concerning, application of generative AI to cyber threats. However, the LLM's capabilities to deal with more complex networks and sophisticated vulnerabilities, and the sensitivity of prompts, are open questions. This research should spur deliberations over the inevitable advancements in the LLM-supported cyber adversarial landscape.