1. ACPS
  2. All Volumes and Issues
  3. Volume 10, Number 1, 2025
  4. Artificial Intelligence in Penetration Testing: Leveraging Ai for Advanced Vulnerability Detection and Exploitation

Artificial Intelligence in Penetration Testing: Leveraging Ai for Advanced Vulnerability Detection and Exploitation

ACPS.
2025;
Volume 10, Number 1
: pp. 65 - 70
https://doi.org/10.23939/acps2025.01.065
Authors:
  1. Mariia Kozlovska
  2. Andrian Piskozub
  3. Volodymyr Khoma
1
Lviv Polytechnic National University, Ukraine
2
Lviv Polytechnic National University, Україна
3
Opole University of Technology, Poland

The article examines the ways artificial intelligence is influencing the penetration testing procedure. As technology advances and cyber threats grow more com- mon, conventional testing methods are insufficient. Artificial intelligence aids in automating processes like vulnerability detection and real-world attack simulation, leading to quicker, more precise results with reduced dependence on human input. Machine learning is a game-changer in identifying hidden security flaws by analyzing past attacks and abnormal patterns. Tools mentioned in the article are revolutionizing vulnerability detection, traffic monitoring, and attack simulations. These tools have better key perfor- mance metrics, such as scan time, false positive rate, detect- ion accuracy, mean time to detect, zero-day threats/month, compared to traditional penetration testing tools.

artificial intelligence
Penetration Testing
Vulnerability Detection
cybersecurity
machine learning
  1.  McKinnel, D. R., Dargahi, T., Dehghantanha, A., & Choo, K. K. R. (2019). A systematic literature review and meta- analysis on artificial intelligence in penetration testing and vulnerability assessment. Computers & Electrical Engineering, 75, 175-188. DOI: https://doi.org/10.1016/ j.compeleceng.2019.02.022.
  2. Stefinko, Y., Piskozub, A., & Banakh, R. (2016, February). Manual and automated penetration testing. Benefits and drawbacks. Modern tendency. In 2016 13th international conference on modern problems of radio engineering, telecommunications and computer science (TCSET) (pp. 488-491). IEEE. DOI: https://doi.org/10.1109/ TCSET.2016.7452095.
  3. Getting pwn’d by ai: Penetration testing with large language models. In Proceedings of the 31st ACM Joint European Software Engineering Conference and Sym- posium on the Foundations of Software Engineering (pp. 2082-2086). DOI: https://doi.org/10.48550/arXiv.2308.00121.
  4. Ferrag, M. A., Maglaras, L., Moschoyiannis, S., & Janicke, H. (2020). Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. Journal of Information Security and Applications, 50, 102419. DOI:https://doi.org/10.1016/j.jisa.2019.102419.
  5. Alhamed, M., & Rahman, M. H. (2023). A systematic literature review on penetration testing in networks: future research directions. Applied Sciences, 13(12), 6986.. DOI: https://doi.org/10.3390/app13126986.
  6. Tlachenska, E., Ivanov, K., Nenova, M., Valkova-Jarvis, Z., & Kassev, K. (2024, June). Approaches for Implementing Artificial Intelligence in Cyber-security to Improve, Speed up and Optimize Processes. In 2024 Ninth Junior Conference on Lighting (Lighting) (pp.  1-3). IEEE. DOI: https://doi.org/10.1109/Lighting62260.2024.10590694.
  7. Li, Z., Zou, D., Tang, J., Zhang, Z., Sun, M., & Jin, H. (2019). A comparative study of deep learning-based vulne- rability detection system. IEEE Access, 7, 103184-103197. DOI:https://doi.org/10.1109/ACCESS.2019.2930578.
  8. Jaber, A., & Fritsch, L. (2022, October). Towards ai- powered cybersecurity attack modeling with simulation tools: Review of attack simulators. In International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (pp. 249-257). Cham: Springer International Publishing. DOI: https://doi.org/10.1007/978-3-031- 19945-5_25.
  9. Abdirahman, A. A., Hashi, A. O., Romo Rodriguez, O. E.,& Elmi, M. A. (2024). Prediction of vulnerability severity using vulnerability description with natural language processing and deep learning. International Journal of Electrical & Computer Engineering (2088-8708), 14(4). DOI: http://doi.org/10.11591/ijece.v14i4.pp4551-4562.
  10. Zhang, Z., Al Hamadi, H., Damiani, E., Yeun, C. Y., & Taher, F. (2022). Explainable artificial intelligence applications in cyber security: State-of-the-art in research. IEEe Access, 10, 93104-93139. DOI: https://doi.org/ 10.1109/ACCESS.2022.3204051.
  11. George, A. S. (2024). Emerging Trends in AI-Driven Cybersecurity: An In-Depth Analysis. Partners Universal Innovative Research Publication, 2(4), 15-28. DOI: https://doi.org/10.5281/zenodo.13333202.
  12. Saadallah, M., Shahim, A., & Khapova, S. (2025). Optimizing AI and Human Expertise Integration in Cybersecurity: Enhancing Operational Efficiency and Collaborative Decision-Making. DOI: https://doi.org/ 10.56831/PSEN-06-177.
  13. Badarneh, H. J., Attiany, L. A., Asassfeh, M., Al-Shaikh, A. A., Afaneh, S., Shquier, M. M. A., ... & Samara, G. (2024, December). The power of Network Penetration Testing. In 2024 25th International Arab Conference on Information Technology (ACIT) (pp. 1-6). IEEE. https://doi.org/10.1109/ACIT62805.2024.10877214
  14. Weerabangs,  N.  (2022,  December  11).  Intruder  online vulnerability scanner review. Bug Zero. Available at: https://blog.bugzero.io/intruder-online-vulnerability- scanner-review-aea523c1e7af.
  15. Acunetix. (n.d.). Introduction to Acunetix. Available at: https://www.acunetix.com/support/docs/introduction/
  16. Piconese, F., Hakkala, A., Virtanen, S., & Crispo, B. (2020). Deployment of Next  Generation  Intrusion Detection Systems against Internal Threats in a Medium- sized Enterprise. Masters Thesis. Available at: https://core.ac.uk/download/347181142.pdf.
  17. Mezquida Salva, C. (2019). Desplegar la herramienta" Bro IDS" y su posterior explotación para el análisis de actividades sospechosas en la red. Available at: https://openaccess.uoc.edu/handle/10609/107627.
  18. Kim,  A.,  Park,  M.,  &  Lee,  D.  H.  (2020).  AI-IDS:Application of deep learning to real-time Web intrusion detection. Ieee Access, 8, 70245-70261. DOI: https://doi.org/10.1109/ACCESS.2020.2986882.
  19. Palmgren, K., & Nordstrand, S. (2022). Metodologisk jämförelse av automatiserade och manuella penetrationstestning: En studie på bristen av manuella penetrationstestare. Available at: https://www.diva- portal.org/smash/get/diva2:1678650/FULLTEXT01.pdf.
  20. Razak, A. A., Ruzaili, H. H. H., & Zolkipli, M. F. (2024). Study on Machine Learning Implementation in Cyber- security for Security Defend and Attack. Borneo Inter- national Journal eISSN 2636-9826, 7(2), 27-40. Available at: https://majmuah.com/journal/index.php/bij/article/ view/635.
  21. Chakrabarty, B., Patil, S. R., Shingornikar, S., Kothekar, A., Mujumdar, P., Raut, S., & Ukirde, D. (2021). Securing Data on Threat Detection by Using IBM Spectrum Scale and IBM QRadar: An Enhanced Cyber Resiliency Solution. IBM Redbooks. Available at: https://books. google.com.ua/ books?id=c69CEAAAQBAJ&pg=PA8