Saved in:
Bibliographic Details
Main Authors: Xu, Minrui, Fan, Jiani, Huang, Xinyu, Zhou, Conghao, Kang, Jiawen, Niyato, Dusit, Mao, Shiwen, Han, Zhu, Xuemin, Shen, Lam, Kwok-Yan
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2505.12786
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909624026791936
author Xu, Minrui
Fan, Jiani
Huang, Xinyu
Zhou, Conghao
Kang, Jiawen
Niyato, Dusit
Mao, Shiwen
Han, Zhu
Xuemin
Shen
Lam, Kwok-Yan
author_facet Xu, Minrui
Fan, Jiani
Huang, Xinyu
Zhou, Conghao
Kang, Jiawen
Niyato, Dusit
Mao, Shiwen
Han, Zhu
Xuemin
Shen
Lam, Kwok-Yan
contents With the continuous evolution of Large Language Models (LLMs), LLM-based agents have advanced beyond passive chatbots to become autonomous cyber entities capable of performing complex tasks, including web browsing, malicious code and deceptive content generation, and decision-making. By significantly reducing the time, expertise, and resources, AI-assisted cyberattacks orchestrated by LLM-based agents have led to a phenomenon termed Cyber Threat Inflation, characterized by a significant reduction in attack costs and a tremendous increase in attack scale. To provide actionable defensive insights, in this survey, we focus on the potential cyber threats posed by LLM-based agents across diverse network systems. Firstly, we present the capabilities of LLM-based cyberattack agents, which include executing autonomous attack strategies, comprising scouting, memory, reasoning, and action, and facilitating collaborative operations with other agents or human operators. Building on these capabilities, we examine common cyberattacks initiated by LLM-based agents and compare their effectiveness across different types of networks, including static, mobile, and infrastructure-free paradigms. Moreover, we analyze threat bottlenecks of LLM-based agents across different network infrastructures and review their defense methods. Due to operational imbalances, existing defense methods are inadequate against autonomous cyberattacks. Finally, we outline future research directions and potential defensive strategies for legacy network systems.
format Preprint
id arxiv_https___arxiv_org_abs_2505_12786
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Forewarned is Forearmed: A Survey on Large Language Model-based Agents in Autonomous Cyberattacks
Xu, Minrui
Fan, Jiani
Huang, Xinyu
Zhou, Conghao
Kang, Jiawen
Niyato, Dusit
Mao, Shiwen
Han, Zhu
Xuemin
Shen
Lam, Kwok-Yan
Networking and Internet Architecture
With the continuous evolution of Large Language Models (LLMs), LLM-based agents have advanced beyond passive chatbots to become autonomous cyber entities capable of performing complex tasks, including web browsing, malicious code and deceptive content generation, and decision-making. By significantly reducing the time, expertise, and resources, AI-assisted cyberattacks orchestrated by LLM-based agents have led to a phenomenon termed Cyber Threat Inflation, characterized by a significant reduction in attack costs and a tremendous increase in attack scale. To provide actionable defensive insights, in this survey, we focus on the potential cyber threats posed by LLM-based agents across diverse network systems. Firstly, we present the capabilities of LLM-based cyberattack agents, which include executing autonomous attack strategies, comprising scouting, memory, reasoning, and action, and facilitating collaborative operations with other agents or human operators. Building on these capabilities, we examine common cyberattacks initiated by LLM-based agents and compare their effectiveness across different types of networks, including static, mobile, and infrastructure-free paradigms. Moreover, we analyze threat bottlenecks of LLM-based agents across different network infrastructures and review their defense methods. Due to operational imbalances, existing defense methods are inadequate against autonomous cyberattacks. Finally, we outline future research directions and potential defensive strategies for legacy network systems.
title Forewarned is Forearmed: A Survey on Large Language Model-based Agents in Autonomous Cyberattacks
topic Networking and Internet Architecture
url https://arxiv.org/abs/2505.12786