A Lazy Introduction to AI for Infosec. What is AI in the first place? The simulation of human intelligence by computers is called AI. The simulation includes learning, understanding, logical reasoning, and improvisation. Any AI that is created to perform only a specific set of tasks is called Artificial Narrow Intelligence. AI that is capable of self-correcting and making decisions exactly like a human is called Artificial General Intelligence. Real-time examples of artificial narrow intelligence include SIRI, Google Home, Alexa, IBM Watson, and Microsoft Cognitive Services. Key Insights: 61% of enterprises say they cannot detect breach attempts today without the use of AI technologies 64% say that AI lowers the cost to detect and respond to breaches and reduces the overall time taken by 12% 73% of enterprises are testing use cases for AI for cybersecurity across their organizations Positive Consequences: : Integrate and unify security solutions into a cohesive physical security management system Access Securing : Identify possible predictors of fraud associated with known and their actions in the past Fraud detection fraudsters : Process of determining the functionality, origin and potential impact of a given malware sample Malware detection : Detecting vulnerability exploits against a target application or computer Intrusion detection : Identifying and quantifying cyber-risk are essential for effective risk prioritization Scoring risk in a network : Algorithms and Statistical analysis to detect meaningful anomalies from the patterns of human behavior User entity behavioral analysis : Detailed timing information which describes exactly when each key was pressed and when it was released as a person is typing on a computer keyboard Authentication with keystroke dynamics Negative Consequences: :   Neural networks can often guess passwords more effectively than state-of-the-art approaches Modeling Password Guessability Using Neural Networks : Machines that attack on their own Weaponized drones : A coordinate attack in which a fraction of the training data is controlled by the attacker and manipulated to subvert the learning process Poisoning of Deep Learning Algorithms : DNN is not continuous and very sensitive to tiny perturbation on the input vectors. Images can be crafted to adversarial images with modification just on one pixel One pixel attack for fooling deep neural networks : Clustering algorithms can be significantly compromised if an attacker can exercise some control over the input data Poisoning Behavioral Malware Clustering : Attacks using rudimentary machine learning to observe and learn patterns of normal user behavior inside a network AI-Powered Cyberattacks Are Detected Why do we need private ML algorithms? Machine learning algorithms work by studying tons of data and updating their parameters to identify the patterns in that data. Ideally, we want the parameters of the machine learning models to encode general patterns (“patients who smoke are more likely to possess heart disease’’) instead of facts about specific training examples (“Alice Parker has heart disease”). Unfortunately, the algorithms don’t learn to ignore these specifics by default. If we would like to use machine learning to unravel such a crucial task, like making a cancer diagnosis model, then once we publish that machine learning model (for example, by making an open-source cancer diagnosis model for doctors around the globe to use) we may inadvertently reveal information about the training set. A malicious attacker could inspect the published model and learn private information about Alice Parker. This is where differential privacy comes in. makes it possible for tech companies to collect and share aggregate information about user habits while maintaining the privacy of individual users. It is a framework for measuring the privacy guarantees provided by an algorithm. The key is a family of algorithms called (PATE). is an open-source community whose goal is to make the world more privacy-preserving by lowering the barrier-to-entry to private AI technologies. With OpenMined, an AI model can be governed by multiple owners and trained securely on an unseen, distributed dataset. Differential privacy Private Aggregation of Teacher Ensembles OpenMined Now the BIG questions ahead are: How to make the most of AI for cybersecurity? What is ethical AI? Is there any scope for privacy in the future? Harnessing the power of AI can open up endless possibilities in Cyber. But respecting the data privacy and setting standards for using the data should be given priority. Although it’s a lazy intro but if it does make any sense, let’s start caring about our data. Stay tuned for . The Rajappan Project

Google

Microsoft

Target

2022 - HackerNoon Contributor of the Year - Cms

2022 - HackerNoon Contributor of the Year - Company Culture

2022 - HackerNoon Contributor of the Year - Java

Nominated for 2022 - HackerNoon Contributor of the Year - Java

Nominated for 2022 - HackerNoon Contributor of the Year - Company Culture

Nominated for 2022 - HackerNoon Contributor of the Year - Cms

Too Long; Didn't Read

Get hands-on learning from ML experts on Coursera 

Artificial Intelligence is No Match for Natural Stupidity

Artificial Intelligence is No Match for Natural Stupidity

Too Long; Didn't Read

Companies Mentioned

@kaiiyer

RELATED STORIES