Search papers, labs, and topics across Lattice.
This paper analyzes the dual-use nature of LLMs in cybersecurity, highlighting both their potential for advanced defenses and new attack vectors. It introduces the LLM Scalability Risk Index (LSRI) as a framework to stress-test operational risks associated with LLM deployment in security-critical environments. The paper also proposes a model-supply-chain framework to establish a verifiable root of trust throughout the model lifecycle, aiming to mitigate risks associated with compromised or malicious models.
LLMs in cybersecurity are a double-edged sword, and this paper introduces a framework to stress-test the operational risks of deploying them in security-critical environments.
Large Language Models (LLMs) & Generative AI are transforming cybersecurity, enabling both advanced defenses and new attacks. Organizations now use LLMs for threat detection, code review, and DevSecOps automation, while adversaries leverage them to produce malwares and run targeted social-engineering campaigns. This paper presents a unified analysis integrating offensive and defensive perspectives on GenAI-driven cybersecurity. Drawing on 70 academic, industry, and policy sources, it analyzes the rise of AI-facilitated threats and its implications for global security to ground necessity for scalable defensive mechanisms. We introduce two primary contributions: the LLM Scalability Risk Index (LSRI), a parametric framework to stress-test operational risks when deploying LLMs in security-critical environments & a model-supply-chain framework establishing a verifiable root of trust throughout model lifecycle. We also synthesize defense strategies from platforms like Google Play Protect, Microsoft Security Copilot and outline a governance roadmap for secure, large-scale LLM deployment.
