“Watson, come here!”Artificial Intelligence in Cybersecurity

Tools of AI

Machine Learning (ML) – unsupervised

and supervised. Uses various learning

algorithms such as decision tree and

Bayesian estimation.

Deep Neural Networks (DNN)– artificial

neurons connected in hierarchical layers.

Connections between neurons can have

different weights (positive, negative, or

zero).

2

Artificial neuron

f(i)input 2

input 1

input 3

output1

0

0 or 1

3

1

Neural network

“cat”

Input

layer

Output

layerHidden

layers

4

The current state of AI

AlphaGo: General-purpose learning through

observation (self-taught).

Libratus: Winning at poker (games of imperfect

information).

Reproducing 2001 Nobel Prize-winning physics

experiment in one hour (unique techniques).

Detecting cancerous cells – humans & AI

working together are better (teaming).

5

From recognizing objects to telling a

story

24 million nodes

15 billion connections

140 million parameters

Data source: ImageNet (15 million images in 22,000 categories)

https://youtu.be/40riCqvRoMs

6

AI in cybersecurity: AI2

Combination of supervised and

unsupervised deep learning.

After training, AI2 had a false positive rate

of 4.4% & a detection rate of 86%.

Tested on 3.6 billion

real world log lines.

http://youtu.be/b6Hf1O_vpwQ

7

The burgeoning AI cybersecurity

industry

CloudSek:. AI-based risk management enterprise.

Cylance: Uses AI to predict attacks and proactively

defend against malware.

BluVector: Uses ML to detect incoming threats in

real-time. (Spin-off from Northrop Grumman.)

Harvest.ai: Uses ML to analyze user behavior near a

company’s key IP. (Bought by AWS.)

Niara: Uses ML to analyze user behavior to defend

against the insider threat. (Bought by HPE.)

8

AI in cybersecurity: DARPA Cyber

Grand Challenge

Challenge: find and patch flawed code within seconds while also attacking other systems.

Goal: automated, scalable, machine-speed vulnerability detection and patching

https://youtu.be/v5ghK6yUJv4

All code from the final event was released.

9

5-10 years down the road?

Narrow AI gets wider

Success breeds autonomy

China as an AI powerhouse?

10

What’s the takeaway?

Human experts + narrow AI = much better

security.

As AI-based tools improve, they will get more

autonomy.

Significant changes to our profession.

A cyber AI arms race?

11

Questions? Comments? Concerns?

Frank Gearhart

frank.gearhart@mac.com

719.351.2576

12

Further viewing

“Artificial Intelligence within Cyber Security”

“Cybersecurity and AI”

“How Artificial Intelligence is changing the face of Cyber

Security”

“Cyber defense and the role of artificial intelligence and

machine learning”

“DARPA’s Cyber Grand Challenge: Final Event Program”

“Trustlook SECURE(ai) Artificial Intelligence for

Cybersecurity”

“How AI can be most intelligent defense against

hackers”

13