Endpoint

8/10/2018
10:30 AM
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

The Enigma of AI & Cybersecurity

We've only seen the beginning of what artificial intelligence can do for information security.

Alan Turing is famous for several reasons, one of which is that he cracked the Nazis' seemingly unbreakable Enigma machine code during World War II. Later in life, Turing also devised what would become known as the Turing test for determining whether a computer was "intelligent" — what we would now call artificial intelligence (AI). Turing believed that if a person couldn't tell the difference between a computer and a human in a conversation, then that computer was displaying AI.

AI and information security have been intertwined practically since the birth of the modern computer in the mid-20th century. For today's enterprises, the relationship can generally be broken down into three categories: incident detection, incident response, and situational awareness — i.e., helping a business understand its vulnerabilities before an incident occurs. IT infrastructure has grown so complex since Turing's era that it can be months before personnel notice an intrusion.

Current iterations of computer learning have yielded promising results. Chronicle, which was recently launched by Google's parent company, Alphabet, allows companies to tap its enormous processing power and advanced machine learning capabilities to scan IT infrastructure for unauthorized activity. AI² quickly learns how to differentiate true attacks from merely unusual activity, alleviating a vexing problem for IT security teams: false positives. There are numerous other examples of AI-based solutions, such as Palo Alto Networks' Magnifier, which uses machine learning to automate incident response, utilizing another strength of AI: speed.

These advances arrive at an opportune moment because the risks from cybercrime are rapidly growing; estimates of the cost worldwide is about $600 billion annually. The average cost of a data breach is estimated at $1.3 million for enterprises and $117,000 for small businesses, and companies are taking note. According to ESG research, 12% of enterprise organizations have already deployed AI-based security analytics extensively, and 27% have deployed AI-based security analytics on a limited basis.

Moreover, cybersecurity in the years ahead will be increasingly challenging. Enterprises and computers are relatively static and well-defined at present, but securing information amid the Internet of Things, in which almost every device will be programmable and therefore hackable, is going to be far harder. Soon, we won't just have to safeguard unseen servers anymore but also our cars and household devices.

Unfortunately, AI has also become available to hackers as well. Dark Web developments to date merit serious discussion, such as machine learning that gets better and better at phishing — tricking people into opening imposter messages in order to hack them. Further down the road, machines could take impersonation one step further by learning how to build fake images. Experts are also worried AI-based hacking programs might reroute or even crash self-piloting vehicles, such as delivery drones.

I suspect that in the future, users on the front end will be blissfully unaware that behind the scenes battles between good and bad learning machines rage, with each side continually innovating to outsmart the other. Already, the synthesis of AI and cybersecurity has yielded fascinating results, and there is no doubt we are only at the beginning. I am reminded of a quote by Dr. Turing:"We can only see a short distance ahead, but we can see plenty there that needs to be done."

Related Content:

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Early-bird rate ends August 31. Click for more info

Dr. Dongyan Wang is Chief AI Officer at DeepBrain Chain, the world's first AI computing platform powered by the blockchain. Dr. Wang has almost 20 years of experience in AI and data science, including at several Fortune 500 companies. Among other accomplishments, Dr. Wang has ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.