{"id":189074,"date":"2025-03-24T11:01:11","date_gmt":"2025-03-24T02:01:11","guid":{"rendered":"http:\/\/ee.presscat.kr\/?post_type=research-achieve&#038;p=189074"},"modified":"2026-04-13T07:07:19","modified_gmt":"2026-04-12T22:07:19","slug":"ee-prof-seungwon-shins-team-validates-cyber-risks-of-llms","status":"publish","type":"research-achieve","link":"http:\/\/ee.presscat.kr\/en\/research-achieve\/ee-prof-seungwon-shins-team-validates-cyber-risks-of-llms\/","title":{"rendered":"EE Prof. Seungwon Shin\u2019s Team Validates Cyber Risks of LLMs"},"content":{"rendered":"<figure id=\"attachment_189075\" aria-describedby=\"caption-attachment-189075\" style=\"width: 900px\" class=\"wp-caption aligncenter\"><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-189075\" src=\"http:\/\/ee.presscat.kr\/wp-content\/uploads\/2025\/03\/\uad50\uc218\ud300-900.jpg\" alt=\"\" width=\"900\" height=\"512\" title=\"\"><figcaption id=\"caption-attachment-189075\" class=\"wp-caption-text\">\u3008 (from left) Ph.D. candidate Kim Hanna, Prof. Shin Seungwon, and Ph.D. candidate Song Minkyoo \u3009<\/figcaption><\/figure>\n<p><span style=\"font-size: 14pt;color: #000000\">Recent advancements in artificial intelligence have propelled large language models (LLMs) like ChatGPT from simple chatbots to autonomous agents. Notably, Google\u2019s recent retraction of its previous pledge not to use AI for weapons or surveillance applications has rekindled concerns about the potential misuse of AI. 
In this context, the research team has demonstrated that LLM agents can be exploited for personal information collection and phishing attacks.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">A joint research team, led by EE Professor Seungwon Shin and AI Professor Kimin Lee, experimentally validated the potential for LLMs to be misused in cyber attacks in real-world scenarios.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">Currently, commercial LLM services\u2014such as those offered by OpenAI and Google AI\u2014have built-in defense mechanisms designed to prevent their use in cyber attacks. However, the research team\u2019s experiments revealed that these defenses can be easily bypassed, enabling malicious cyber attacks.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">Unlike traditional attackers who required significant time and effort to carry out such attacks, LLM agents can autonomously execute actions like personal information theft within an average of 5 to 20 seconds at a cost of only 30 to 60 won (approximately 2 to 4 cents). This efficiency has emerged as a new threat vector.<\/span><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_189069\" aria-describedby=\"caption-attachment-189069\" style=\"width: 554px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" class=\"size-full wp-image-189069\" src=\"http:\/\/ee.presscat.kr\/wp-content\/uploads\/2025\/03\/\uadf8\ub9bc-1.-LLM\uc5d0\uc774\uc804\ud2b8\uac00-\uc6f9-\uae30\ubc18-\ub3c4\uad6c\ub4e4\uc744-\uc0ac\uc6a9\ud574-\uacf5\uaca9\uc790\uc758-\uc694\uad6c\uc5d0-\ub530\ub77c-\ub2f5\ubcc0-\uc0dd\uc131\ud558\ub294-\uacfc\uc815.png\" alt=\"\" width=\"554\" height=\"548\" title=\"\"><figcaption id=\"caption-attachment-189069\" class=\"wp-caption-text\">\u3008 Figure 1. 
Illustration showing the process in which an LLM agent utilizes web-based tools to generate responses according to the attacker\u2019s (user\u2019s) requests. \u3009<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">According to the experimental results, the LLM agent was able to collect personal information from targeted individuals with up to 95.9% accuracy. Moreover, in an experiment where a false post was created impersonating a well-known professor, up to 93.9% of the posts were perceived as genuine.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">In addition, the LLM agent was capable of generating highly sophisticated phishing emails tailored to a victim using only the victim\u2019s email address. The experiments further revealed that the probability of participants clicking on links embedded in these phishing emails increased to 46.67%. These findings highlight the serious threat posed by AI-driven automated attacks.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">Kim Hanna, the first author of the study, commented, \u201cOur results confirm that as LLMs are endowed with more capabilities, the threat of cyber attacks increases exponentially. 
There is an urgent need for scalable security measures that take into account the potential of LLM agents.\u201d<\/span><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_189071\" aria-describedby=\"caption-attachment-189071\" style=\"width: 736px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" class=\"size-full wp-image-189071\" src=\"http:\/\/ee.presscat.kr\/wp-content\/uploads\/2025\/03\/\uadf8\ub9bc-2.-\uba54\ud0c0\uc758-CEO\uc778-\ub9c8\ud06c-\uc800\ucee4\ubc84\uadf8\uc758-\uc774\uba54\uc77c-\uc8fc\uc18c\ub9cc\uc744-\ud65c\uc6a9-\ud53c\uc2f1-\uc774\uba54\uc77c-\ub0b4\uc6a9.png\" alt=\"\" width=\"736\" height=\"581\" title=\"\"><figcaption id=\"caption-attachment-189071\" class=\"wp-caption-text\">\u3008 Figure 2. A phishing email generated by an LLM agent (using Claude) targeted at Meta\u2019s CEO, Mark Zuckerberg. The email was created solely based on his email address, with the LLM agent autonomously determining relevant content, sender information, and URL link text. \u3009<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">Professor Shin stated, \u201cWe expect this research to serve as an essential foundation for improving information security and AI policy. 
Our team plans to collaborate with LLM service providers and research institutions to discuss robust security countermeasures.\u201d<\/span><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"attachment_189073\" aria-describedby=\"caption-attachment-189073\" style=\"width: 730px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-189073\" src=\"http:\/\/ee.presscat.kr\/wp-content\/uploads\/2025\/03\/\uadf8\ub9bc-3.-Claude-\uae30\ubc18-LLM-\uc5d0\uc774\uc804\ud2b8\ub97c-\ud65c\uc6a9-\uc5bc\ub9c8\ub098-\ub9ce\uc740-\uc0ac\ub78c\ub4e4\uc758-\uac1c\uc778\uc815\ubcf4\ub97c-\uc218\uc9d1\ud560-\uc218-\uc788\ub294\uc9c0-\uc2e4\ud5d8-\uacb0\uacfc.png\" alt=\"\" width=\"730\" height=\"592\" title=\"\"><figcaption id=\"caption-attachment-189073\" class=\"wp-caption-text\">\u3008Figure 3. Experimental results showing the extent to which personal information can be collected using a Claude-based LLM agent. In this experiment, personal information of computer science professors was collected. \u3009<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">The study, with Ph.D. candidate Kim Hanna as the first author, will be presented at the USENIX Security Symposium 2025\u2014one of the premier international conferences in the field of computer security. 
(Paper title: \u201cWhen LLMs Go Online: The Emerging Threat of Web-Enabled LLMs\u201d \u2014 DOI: 10.48550\/arXiv.2410.14569)<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;color: #000000\">This research was supported by the Information and Communication Technology Promotion Agency, the Ministry of Science and ICT, and Gwangju Metropolitan City.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>599<\/p>\n","protected":false},"featured_media":188883,"template":"","research_category":[],"class_list":["post-189074","research-achieve","type-research-achieve","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/research-achieve\/189074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/research-achieve"}],"about":[{"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/types\/research-achieve"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/media\/188883"}],"wp:attachment":[{"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/media?parent=189074"}],"wp:term":[{"taxonomy":"research_category","embeddable":true,"href":"http:\/\/ee.presscat.kr\/en\/wp-json\/wp\/v2\/research_category?post=189074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}