TESTING NEURAL NETWORK MODELS FOR SOLVING THE PROBLEM OF DETECTING INFECTED PCS BASED ON DIGITAL TRACES

Authors

DOI:

https://doi.org/10.28925/2663-4023.2025.29.941

Keywords:

artificial intelligence; neural network models; LLM; computer viruses; digital artifacts; testing; prompt; cybersecurity.

Abstract

Artificial intelligence has made great progress and already has a significant impact on a large number of industries; with the development of LLMs its impact will grow further, especially on cybersecurity. AI can both help protect data through early detection of cyberattacks and harm cybersecurity by facilitating the writing of convincing phishing emails, reproducing fragments of malicious code, helping to identify weak points in a network, and finding vulnerabilities in operating systems, programs, etc. that are still unknown to software manufacturers (zero-day vulnerabilities). Therefore, to avoid falling behind in this "arms race", AI should already be implemented as one of the components of enterprise cyber protection. The relevance of the work lies in the need to find artificial intelligence models that can already be used to solve the problems of protecting infocommunication networks. The purpose of the article is to test neural network models in the GGUF format to assess whether they can be applied to the problem of detecting infected PCs based on digital traces. The paper considers the types and technologies of artificial intelligence and their impact on cybersecurity, both as protection against cyberattacks and as a component of attacks on information infrastructure. To assess whether existing AI models can be used to solve current cyberdefense problems, in particular detecting infected PCs based on digital traces, criteria were defined for an AI model acceptable for use in a corporate environment, and 135 GGUF-format models were tested on whether they detected signs of viral activity and indicators of compromise in the prompt provided by the user.
It was found that the response of the same neural network model to the same prompts changes dramatically depending on which program is used to run the local model on a PC. A number of summary tables were therefore prepared, giving the model name and the answer variants for each program used to run AI models, excluding those that gave a wrong answer, took too long to answer, or ended with an error. A list of GGUF-format AI models appropriate for solving cybersecurity problems, in particular for detecting infected PCs based on digital traces, was determined. However, since each model performs better under specific conditions and launch scenarios, the choice of model will depend on the current tasks and available resources. Further research can focus on improving the methodology for studying models that process digital traces, converting digital traces from a PC into a prompt understandable to AI, and automatically analyzing the AI response.




Published

2025-09-26

How to Cite

Chernihivskyi, I., & Kriuchkova, L. (2025). TESTING NEURAL NETWORK MODELS FOR SOLVING THE PROBLEM OF DETECTING INFECTED PCS BASED ON DIGITAL TRACES. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 1(29), 800–817. https://doi.org/10.28925/2663-4023.2025.29.941
