Saved in:
Bibliographic Details
Main Authors: Kouremetis, Michael, Dotter, Marissa, Byrne, Alex, Martin, Dan, Michalak, Ethan, Russo, Gianpaolo, Threet, Michael, Zarrella, Guido
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2502.15797
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917933749370880
author Kouremetis, Michael
Dotter, Marissa
Byrne, Alex
Martin, Dan
Michalak, Ethan
Russo, Gianpaolo
Threet, Michael
Zarrella, Guido
author_facet Kouremetis, Michael
Dotter, Marissa
Byrne, Alex
Martin, Dan
Michalak, Ethan
Russo, Gianpaolo
Threet, Michael
Zarrella, Guido
contents The prospect of artificial intelligence (AI) competing in the adversarial landscape of cyber security has long been considered one of the most impactful, challenging, and potentially dangerous applications of AI. Here, we demonstrate a new approach to assessing AI's progress towards enabling and scaling real-world offensive cyber operations (OCO) tactics in use by modern threat actors. We detail OCCULT, a lightweight operational evaluation framework that allows cyber security experts to contribute to rigorous and repeatable measurement of the plausible cyber security risks associated with any given large language model (LLM) or AI employed for OCO. We also prototype and evaluate three very different OCO benchmarks for LLMs that demonstrate our approach and serve as examples for building benchmarks under the OCCULT framework. Finally, we provide preliminary evaluation results to demonstrate how this framework allows us to move beyond traditional all-or-nothing tests, such as those crafted from educational exercises like capture-the-flag environments, to contextualize our indicators and warnings in true cyber threat scenarios that present risks to modern infrastructure. We find that there has been significant recent advancement in the risks of AI being used to scale realistic cyber threats. For the first time, we find a model (DeepSeek-R1) is capable of correctly answering over 90% of challenging offensive cyber knowledge tests in our Threat Actor Competency Test for LLMs (TACTL) multiple-choice benchmarks. We also show how Meta's Llama and Mistral's Mixtral model families show marked performance improvements over earlier models against our benchmarks where LLMs act as offensive agents in MITRE's high-fidelity offensive and defensive cyber operations simulation environment, CyberLayer.
format Preprint
id arxiv_https___arxiv_org_abs_2502_15797
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle OCCULT: Evaluating Large Language Models for Offensive Cyber Operation Capabilities
Kouremetis, Michael
Dotter, Marissa
Byrne, Alex
Martin, Dan
Michalak, Ethan
Russo, Gianpaolo
Threet, Michael
Zarrella, Guido
Cryptography and Security
Artificial Intelligence
The prospect of artificial intelligence (AI) competing in the adversarial landscape of cyber security has long been considered one of the most impactful, challenging, and potentially dangerous applications of AI. Here, we demonstrate a new approach to assessing AI's progress towards enabling and scaling real-world offensive cyber operations (OCO) tactics in use by modern threat actors. We detail OCCULT, a lightweight operational evaluation framework that allows cyber security experts to contribute to rigorous and repeatable measurement of the plausible cyber security risks associated with any given large language model (LLM) or AI employed for OCO. We also prototype and evaluate three very different OCO benchmarks for LLMs that demonstrate our approach and serve as examples for building benchmarks under the OCCULT framework. Finally, we provide preliminary evaluation results to demonstrate how this framework allows us to move beyond traditional all-or-nothing tests, such as those crafted from educational exercises like capture-the-flag environments, to contextualize our indicators and warnings in true cyber threat scenarios that present risks to modern infrastructure. We find that there has been significant recent advancement in the risks of AI being used to scale realistic cyber threats. For the first time, we find a model (DeepSeek-R1) is capable of correctly answering over 90% of challenging offensive cyber knowledge tests in our Threat Actor Competency Test for LLMs (TACTL) multiple-choice benchmarks. We also show how Meta's Llama and Mistral's Mixtral model families show marked performance improvements over earlier models against our benchmarks where LLMs act as offensive agents in MITRE's high-fidelity offensive and defensive cyber operations simulation environment, CyberLayer.
title OCCULT: Evaluating Large Language Models for Offensive Cyber Operation Capabilities
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2502.15797