Post on 18-Aug-2020
Artificial Intelligence in Cyber SecurityPanacea, Pandora's Box or Nothing New under the Sun?
October 1st, 12:20-13:00
2
3Photo by Hitesh Choudhary on Unsplash
4Photo by Louis Hansel on Unsplash
5Photo by Alex Knight on UnsplashPhoto by Jens Johnsson on Unsplash
6Photo by Todd Quackenbush on Unsplash
7
Deep learning
Machine learning Random forest
K-nearest neighbors
Genetic algorithms
Linear regression
Logistic regression
Markov chainsNeural networks
Natural Language Processing
Reinforcement
learning
Techniques for narrow AI (AI Bingo!)
Machine learning
8
UnsupervisedSupervised
Pre-labeled
‘ground truth’
Discover
commonalities &
outliers
Today’s services and products with narrow AI tools• Personal assistants
• Recommendation services
• Autonomous vehicles
• Data (image, audio, video, text) recognition/generation
9
• Large datasets of adequate quality
• Algorithms to create a model or existing models to ‘learn’ and act
AI ingredients
• Large processing capacity
10
11Photo by Maarten van den Heuvel on Unsplash
AI in cyber security
AI: Cyber security activities cheaper and at scale
12
Marginal costs
Scale Scale
Performance
13 Defender has advantage
Attacker has advantage
Human
vulnerabilityTechnical
vulnerability
Titel | Datum14Photo by Olav Ahrens Røtne on Unsplash
Existing cyber security challenges
Automated vulnerability detection
15Photo by Chris Ried on Unsplash
Automated vulnerability detection with AI
• Examples:- Learning the patterns of security vulnerabilities directly from code using natural
language processing (NLP) (Russell et al. 2018)
- Automated software vulnerability detection with machine learning (Harer et al. 2018) - Machine Learning Methods for Software Vulnerability Detection (Chernis, Verma 2018)
- Pattern-Based Vulnerability Discovery (Yamaguchi 2015)
16
Vulnerability dataset
Feature extraction
Train model Apply to code
Update classifierStatic
analysisDynamic analysis
Automated vulnerability detection with AI
• Benefits both attackers and defenders
• Reliable vulnerability datasets for training are a challenge
• AI is an addition to existing working methods
17
18Photo by Marc A on Unsplash
Mass scale spear phishing
Mass scale spear phishing with AI
• Automatically acquire targets through social media mining
• Automatically create spear phishing message based on social media content
• Example:- Generative Models for Spear Phishing Posts on Social
Media (Seymour and Tully 2018)
19
Mass scale spear phishing with AI
• Attackers benefits
• Targets human vulnerability
• Economies of scale for the attacker
• Detection of automatically generated text? (GLTR)
Titel | Datum20
Network and host based detection
21
Network and host based detection with AI
• Detection usually based on profiles of ‘normal behavior’ given a certain context
• Defining outliers with unsupervised learning is still a challenge
• Useful to prioritize possible anomalies and to increase detection rates through human-computer cooperation (SIEM/SOC)
22
23 Photo by Olav Ahrens Røtne on Unsplash
New cyber security challenges caused by AI
Deepfakes: social engineering on steroids
24
https://ThisPersonDoesNotExist.com/
Social engineering on steroids
25
Social engineering with AI
• Mostly used: generative adversarial networks
• Costs of model creation decreasing rapidly
• Deepfake detection is challenging
• Human authentication more important than ever!
26
Automated hacking and patching
27
Cyber Grand Challenge
AI as an attack vector
28Photo by Simon Zhu on Unsplash
AI as an attack vector (poisoning)
29
AI as an attack vector
30
Photo by Michael Sum on Unsplash
CAT
Photo by Berkay Gumustekin on Unsplash
Dog
AI as an attack vector
31
Photo by Michael Sum on Unsplash
CAT
Photo by Michael Sum on Unsplash
DOG
Details: Explaining and harnessing adversarial examples (Goodfellow et al 2015)
Add specific noise
AI as an attack vector – options
• Evade AI detection
• Skew training models (poisoning)
• Steal models
• AI software vulnerabilities
32
Key take aways
Titel | Datum33
•AI supplements and strengthens existing measures and
provides new opportunities for automation
•AI brings advantages for attack and defense
•AI isn’t a panacea or a Pandora’s box
Photo by Lodewijk Hertog on Unsplash