Papers
Topics
Authors
Recent
Search
2000 character limit reached

Malicious Uses in Technology

Updated 13 April 2026
  • Malicious uses are defined as intentional exploitation of technological systems to compromise confidentiality, integrity, and availability using tactics like software manipulation and hardware sabotage.
  • They employ diverse methods such as obfuscation, programmatic attack construction, and payload automation, achieving high bypass rates against traditional defenses.
  • Research focuses on detection and mitigation strategies including hybrid static–dynamic filtering, sandboxing, and formal threat modeling to counter evolving adversarial challenges.

Malicious uses encompass any intentional abuse or exploitation of technological systems, algorithms, or infrastructures to undermine confidentiality, integrity, availability, or to manipulate public trust, social processes, or physical safety. Contemporary research characterizes malicious use as a cross-domain phenomenon, driven by advances in AI, software supply chains, networked hardware, and digital communications, and underpinned by a spectrum of adversarial tactics from simple obfuscation to hardware-level sabotage. The threat landscape is continually evolving as adversaries capitalize on automation, scale, and technical vulnerabilities to maximize economic, political, or strategic gains.

1. Taxonomy of Malicious Use Threats

A rigorous taxonomy spans several modalities:

2. Mechanisms and Implementation Strategies

Malicious use employs a spectrum of technical methods, often tailored to the operational domain. Key strategies include:

  • Obfuscation and Evasion: Introduction of minor mutations (typos, synonyms, encoding) to evade static or pattern-based detection filters, employed in LLM prompt attacks and malicious URL campaigns (Kang et al., 2023, Almashor et al., 2021).
  • Programmatic Attack Construction: Use of instruction-following LLMs to assemble multi-stage attacks through code injection, prompt indirection (splitting payloads across variables), and stateful prompt chaining (virtualization), yielding high empirical bypass rates (≥92–100%) against black-box content moderation systems (Kang et al., 2023, Charan et al., 2023).
  • Payload Automation: Automation of MITRE ATT&CK techniques, including privilege escalation, credential dumping, data encryption for ransomware, and process hollowing, with LLMs enabling rapid, iterative generation even by low-skill actors (Charan et al., 2023).
  • Hardware-Level Subversion: Stealthy Trojan insertion at the bootloader or firmware level, like FLAW3D, can alter physical manufacturing outcomes without observable software anomalies, significantly degrading structural integrity (up to 78% reduction in tensile strength) (Pearce et al., 2021).
  • Supply Chain Poisoning: Strategic manipulation of package metadata to evade static analyzers and downstream security controls, targeting both easy-to-manipulate (ETM) and difficult-to-manipulate (DTM) features (Halder et al., 2024).
  • Extension and API Abuse: Browser extensions exploit API permissions, delayed activation, and function-disguise for credential exfiltration, keystroke logging, or user surveillance, with code obfuscation and stealth thresholds to defeat marketplace vetting (Singh et al., 6 Mar 2025, Seetharam et al., 10 Dec 2025).
  • Protocol and Infrastructure Attacks: Poisoned feedback in closed-loop MIMO/RIS systems, malicious peripherals leveraging DMA or protocol violations, and adversary-controlled hardware evading channel estimation or configuration integrity checks (Angel et al., 2015, Mukherjee et al., 2010, Mughal et al., 8 Aug 2025, Zawoad et al., 2012).

3. Empirical Findings and Impact Quantification

Studies highlight the pronounced efficiency, scale, and economic advantage gained by malicious actors:

Domain Success/Evasion Rate Cost Differential Notes
LLM-based Phishing 92–100% filter bypass $0.0064–$0.016/email vs. $0.10+ Automated, personalized, and highly convincing
Browser Extensions 100% bypass in Firefox Chrome blocks 80–90%, but stealth/delay still effective
3D Printer Trojan up to 78% strength loss Visual detection ineffective, <1.7 KiB payload
Malicious Packages ~0.02% FP/FN (DRF) 97.56% FP, 91.86% FN reduction Metadata-based models robust to adversarial evasion

Empirical methodologies include controlled red-teaming with LLM prompt attacks (Kang et al., 2023), functional code exploitation loops over top MITRE techniques (Charan et al., 2023), PoC extension deployment and vetting bypass measurement in browser stores (Singh et al., 6 Mar 2025, Seetharam et al., 10 Dec 2025), real-world hospital attack simulations (Zawoad et al., 2012), and real device sabotage with mechanical validation (Pearce et al., 2021). Quantitative metrics leverage precision, recall, F₁, cost comparisons, and bypass/detection rates.

4. Detection, Defense, and Mitigation Strategies

Technical and process-level mitigations feature prominently:

  • Hybrid Static–Dynamic Filtering: Static AST/feature analysis augmented with dynamic runtime monitoring or cluster-based anomaly detection for encrypted flows, as in unsupervised TLS malware clustering (F₁=0.993) and black-box LLM defenses (Kang et al., 2023, Gomez et al., 2021).
  • Permission and Behavior Sandboxing: Restriction and fine-grained auditing of extension and peripheral permissions, combined with automated anomaly and rollback mechanisms (extension safe-mode, sensor-based device isolation, secure enclaves) (Angel et al., 2015, Singh et al., 6 Mar 2025).
  • Metadata-Based Access Control: Partitioning features into ETM/DTM classes for supply-chain defense, leveraging time-sequenced, hard-to-forge metadata for probabilistic adversarial robustness (Halder et al., 2024).
  • Human-in-the-Loop Escalation: Manual review escalation for suspicious multi-turn LLM or browser sessions (Kang et al., 2023).
  • Component and User Gating: Trusted user registration, per-component watermarking, and differential model/data release to curb proliferation and enable traceability (Pöhler et al., 2024).
  • Hardware Tamper Protection: Hardware roots of trust, secure-boot, and off-chip binary verification for embedded systems (Pearce et al., 2021, Mughal et al., 8 Aug 2025).
  • Formal Threat Modeling: Efforts grounded in defining the set of malicious behaviors T\mathcal{T} and transformations TT, with unconditional security impossible by Rice’s theorem, necessitating probabilistic or subset-based filtering (Kang et al., 2023).

5. Policy, Economic, and Societal Dimensions

The ecosystemic risk of malicious use mandates multilevel responses:

  • Economic Scaling: Automated attack chains drive per-unit cost of malicious activity below traditional human rates, further lowering barriers for non-state actors and unsophisticated individuals (Kang et al., 2023, Charan et al., 2023).
  • Regulation and Governance: Regulatory architectures propose AI-component classification, user certification, dual-use export controls, provenance tracking via watermarking/signing, and emergency kill-switch requirements (Pöhler et al., 2024, Brundage et al., 2018).
  • International Cooperation: Inclusion of malicious-use scenarios in AI non-proliferation frameworks, UN-GGE, and broader transdisciplinary forums is recommended to avoid asymmetric empowerment and mass-diffusion of high-yield attack tools (Pöhler et al., 2024).
  • Awareness and Training: Organizational and public education on risks arising from LLM misuse, supply-chain attacks, and browser extension threats, as well as continuous blue-team and incident response pipeline updates, are considered essential (Charan et al., 2023, Seetharam et al., 10 Dec 2025).

6. Limitations, Open Problems, and Future Priorities

Despite advances in detection and policy, open challenges persist:

  • Inherent Detection Gaps: Rice’s theorem precludes perfect distinguishing of malicious intent in Turing-complete systems; purely syntactic or static approaches offer only partial coverage (Kang et al., 2023).
  • Sophisticated Evasion: Adversarial adaptation, such as delayed payload activation, behavioral blending, and stealthy hardware trojans, frequently outpace vetting and detection, especially in open or rapidly updating ecosystems (Singh et al., 6 Mar 2025, Pearce et al., 2021).
  • Lack of Real-time or Longitudinal Monitoring: Insufficient longitudinal data and weak post-release surveillance hamper dynamic detection, particularly in browser and package repositories (Singh et al., 6 Mar 2025, Seetharam et al., 10 Dec 2025).
  • Cross-Domain Spillover: The convergence of digital, physical, and political domains via composite AI modules and hardware/software integration amplifies both attack and defense complexity (Pöhler et al., 2024, Brundage et al., 2018).

Priority research directions include: (1) integrating adversarially robust learning in detection pipelines, (2) advancing provenance-aware hardware and software control architectures, (3) formalizing threat models and probabilistic guarantees for complex systems, and (4) developing scalable, privacy-preserving anomaly detection adaptable to evolving attacker TTPs.

Key references: (Kang et al., 2023, Charan et al., 2023, Pöhler et al., 2024, Singh et al., 6 Mar 2025, Gomez et al., 2021, Halder et al., 2024, Almashor et al., 2021, Brundage et al., 2018, Angel et al., 2015, Zawoad et al., 2012, Mukherjee et al., 2010, Seetharam et al., 10 Dec 2025, Pearce et al., 2021, Mughal et al., 8 Aug 2025, Elmendili et al., 2018).

Topic to Video (Beta)

No one has generated a video about this topic yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Sign Up to Generate

Follow Topic

Get notified by email when new papers are published related to Malicious Uses.

Sign Up to Follow Topic by Email