Analysis and classification of web threats in systems with intelligent assistants
DOI:
https://doi.org/10.18372/2225-5036.31.21167
Keywords:
web security, threat modeling, intelligent assistants, artificial intelligence, AI-based threat modeling, web system cybersecurity, web application architecture
Abstract
This article investigates the transformation of web threat models driven by the integration of intelligent assistants into modern distributed web systems. Unlike existing approaches that focus primarily on technical vulnerabilities, the study argues that an intelligent assistant constitutes a qualitatively new architectural attack surface for which classical threat modeling frameworks - including STRIDE and OWASP methodologies - are structurally inadequate. The core finding is that the principal risk shifts from the syntactic validation layer to the semantic interpretation layer: an intelligent assistant acts as a probabilistic intermediary between user intent and system operations, making its behavior context-dependent and non-deterministic in ways that evade automated scanners and standard penetration testing. Based on comparative analysis of traditional and AI-oriented architectures, five categories of novel threats are identified: intent manipulation (prompt injection), information leakage through data aggregation, model hallucination risks, agent over-permission, and context boundary violations. For each category, the article demonstrates why it remains invisible to DAST tools and conventional security controls. A four-layer threat modeling framework is proposed, explicitly incorporating the intent interpretation layer as a distinct attack surface without a counterpart in classical web systems. The proposed framework extends STRIDE by treating the intelligent assistant as an independent actor with its own decision logic. The study acknowledges its primary limitation: the classification and model are conceptually grounded and scenario-validated rather than empirically verified on production systems. Directions for future work include empirical red-teaming validation, development of AI-specific security testing methodologies, and analysis of threat topology across different agent architectures (RAG, multi-agent, tool-use).
License

This work is licensed under a Creative Commons Attribution 4.0 International License.
The scientific journal "Ukrainian Scientific Journal of Information Security" adheres to the principles of open science and provides free and permanent access to all published materials. The goal of the policy is to increase the visibility, citation and impact of the results of scientific research in the field of information security. The journal works according to the principles of Open Access and does not charge a fee for access to published articles.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal “Ukrainian Scientific Journal of Information Security”:
- retain the copyright to their publications;
- grant the journal the right of first publication of the article;
- agree to the distribution of their materials under the CC BY 4.0 license;
- have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.




