USING ARTIFICIAL INTELLIGENCE FOR UNAUTHORIZED ACCESS TO CONTAINERIZED SYSTEMS
DOI: 10.31673/2409-7292.2025.011683
DOI:
https://doi.org/10.31673/2409-7292.2025.011683Abstract
The article considers the potential use of open chatbots based on artificial intelligence (AI) to gain control over a
Kubernetes cluster without involving external services. The relevance of the problem lies in the rapid development and
integration of AI technologies into DevOps and DevSecOps processes, where Kubernetes is one of the most popular container
orchestration platforms. AI, in particular machine learning technologies, can be used to detect vulnerabilities in containerized
environments, which not only improves product security, but also gives attackers the opportunity to gain access to sensitive data
or critical infrastructure. Intelligent algorithms can automate attack processes by analyzing large amounts of data and adapting
strategies in real time. This increases the effectiveness of cyber threats, making them more difficult to detect and prevent. The
paper analyzes the possibility of performing illegal actions using AI chatbots, behavior after receiving direct or veiled calls for
malicious actions, as well as the use of AI for academic purposes. The proposed AI practical testing methods in an isolated
environment that simulates real-world conditions were applied to test the extent to which publicly accessible chatbots can detect
and exploit vulnerabilities in Kubernetes. The results obtained indicate the possibility of threats caused by the fact that automated
AI assistants can generate command code to interfere with cluster settings or analyze information system vulnerabilities, thereby
achieving unauthorized access rights. And mechanisms were identified that prohibit chatbots from helping to perform or giving
advice to perform illegal actions aimed at gaining access to the containerized environment.
Keywords: DevOps, DevSecOps, Kubernetes, cloud, artificial intelligence, ChatGPT, Claude, Phind, cybersecurity
References
1. Production-Grade Container Orchestration. Kubernetes. URL: https://kubernetes.io/ (date of access:
18.02.2025).
2. Reddy Chittibala D. Security in Kubernetes: A Comprehensive Review of Best Practices. International Journal
of Science and Research (IJSR). 2023. Vol. 12, no. 6. P. 2966–2970. URL: https://doi.org/10.21275/sr24304111526 (date
of access: 18.02.2025).
3. NIST SP 800-190. Application Container Security Guide. Official edition. Gaithersburg, 2017. 51 p.
URL: https://doi.org/10.6028/NIST.SP.800-190 (date of access: 18.02.2025)
4. Impact of AI on cybersecurity and security compliance / Adebola Folorunso et al. Global journal of engineering
and technology advances. 2024. Vol. 21, no. 1. P. 167–184. URL: https://doi.org/10.30574/gjeta.2024.21.1.0193 (date of
access: 18.02.2025)
5. Mahal A., Singh K., Singh K. Influence of Generative AI on Cyber Security. International journal of all research
education and scientific methods: Conference, Ludhiana, 2 January 2025. P. 1922–1928. Режим доступу:
URL: https://www.researchgate.net/publication/388586775_Influence_of_Generative_AI_on_Cyber_Security
6. 2023 Global DevSecOps Report. Gitlab. URL: https://about.gitlab.com/developer-survey/previous/2023/. (date
of access: 18.02.2025).
7. DevSecOps Market Report Scope & Overview. SNS Insider. URL: https://www.snsinsider.
com/reports/devsecops-market-2416. (date of access: 18.02.2025).
8. Development, Security, and Operations: A Brief Guide on DevSecOps. USCSI. URL:
https://www.uscsinstitute.org/cybersecurity-insights/blog/development-security-and-operations-a-brief-guide-ondevsecops. (date of access: 18.02.2025).
9. Fu M., Pasuksmit J., Tantithamthavorn C. AI for DevSecOps: A Landscape and Future Opportunities. 2024.
URL: https://doi.org/10.48550/arXiv.2404.04839. (date of access: 18.02.2025).
10. Nastenko V. Integrating Security in DevOps: Best Practices, Tools, and Challenges. URL: https://techstack.com/blog/integrating-security-in-devops-best-practices-tools-and-challenges/. (date of access: 18.02.2025).
11. Tao F., Akhtar M., Jiayuan Z. The future of Artificial Intelligence in Cybersecurity: A Comprehensive
Survey. EAI Endorsed Transactions on Creative Technologies. 2021. Vol. 8, no. 28. P. 170285.
URL: https://doi.org/10.4108/eai.7-7-2021.170285 (date of access: 18.02.2025).
12. Gajbhiye B., Goel O., Gopalakrishna Pandian P. K. Managing Vulnerabilities in Containerized and Kubernetes
Environments. Journal of Quantum Science and Technology. 2024. Vol. 1, no. 2. P. 59–71.
URL: https://doi.org/10.36676/jqst.v1.i2.16 (date of access: 18.02.2025)
13. Kampa S. Navigating the Landscape of Kubernetes Security Threats and Challenges. Journal of Knowledge
Learning and Science Technology ISSN: 2959-6386 (online). 2024. Vol. 3, no. 4. P. 274–281.
URL: https://doi.org/10.60087/jklst.v3.n4.p274. (date of access: 18.02.2025)
14. Phind. URL: https://www.phind.com/ (date of access: 18.02.2025).
15. Explore Chat GPT. Open AI. URL: https://openai.com/chatgpt/overview/ (date of access: 18.02.2025).
16. Google Kubernetes Engine (GKE). Google Cloud. URL: https://cloud.google.com/kubernetesengine?hl=en (date of access: 18.02.2025).
17. Jenkins. Jenkins. URL: https://www.jenkins.io/ (date of access: 18.02.2025).
18. Nastenko V. Integrating Security in DevOps: Best Practices, Tools, and Challenges. URL: https://techstack.com/blog/integrating-security-in-devops-best-practices-tools-and-challenges/. (date of access: 18.02.2025).
