Expert Panel: AI & Machine Learning in CyberSecurity. What Is the Difference?

EXPERT PANEL: Recorded on Feb 22, 2017

A few key take-aways from the session:

  1. We could see some bad actors leveraging AI and ML, most likely in the area of ransomware
  2. Information security professionals have a delicate ethical balance to strike when it comes to collecting, using, and exposing data in and from their AI/ML systems
  3. We are already seeing organizations 'pit' their ML systems against each other as well as using one ML system to train another ML system
  4. Ultimately, context is key... it's the context surrounding the data that provides the real value

Is artificial intelligence real?

Which poses the greatest threat?


Moderator:

Sean Martin, CISSP, Founder and Editor-in-Chief at ITSPmagazine

Panelists:

Sven Krasser, Chief Scientist at CrowdStrike
Igor Baikalov, Chief Scientist at Securonix
Stephan Jou, CTO of Interset
Engin Akyol, Co-Founder & CTO of Distil Networks

Artificial Intelligence and Machine Learning are becoming more pervasive in the cybersecurity space, but they are not the panacea everyone thinks they are. Lacking real case studies, many vendors must resort to simulated data and made-up scenarios to demonstrate their product capabilities. Moderator Sean Martin, Editor-in-Chief of ITSPmagazine, asked the expert panelists to share their insights as to how AI and/or ML can be used to help address a variety of cybersecurity risks.

Leading into this actionable advice, the panel provided additional insights, including:

  • The difference between AI and ML
  • How AI and ML can be used for good … and evil
  • What the future of AI and ML looks like


Question: What is your opinion on using open source artificial intelligence software to analyze closed proprietary commercial "black-box" software, in order to reveal intentionally embedded malware / adware / spyware by the biggest and the most famous world companies? I see the biggest cybersecurity risks are relying on closed software and using security software to attack end-users.

Baikalov: It's no different than detecting bad-ware in any other form of digital content; and while there are AV companies that claim 99.9% detection using AI on static binaries, I'd highly recommend looking at the run-time behavior and communication patterns too. You can definitely use open source AI, but it will require quite a bit of training and significant malware expertise to achieve decent detection rates.



Question: Marc van Zadelhoff, the general manager of IBM Security, said at RSA 2017 that IBM Watson has been building to be a cybersecurity powerhouse. I use to stress that 'AI' good and 'AI' bad are two sides of the same 'AI' coin and I cannot see how IBM can stop someone from acting a certain way. For example, someone poses as a researcher and he is actually a terrorist. Shouldn't the 'Partnership on AI' formed by Google, Facebook, Amazon, IBM and Microsoft take it seriously?

Jou: I agree with the overall sentiment that AI is just a tool that can be used by both good and bad, and also that partnership and openness by all companies — not just the ones listed in your question — is important for us to defend against attackers. The reality is that the bad guys have better tools than we do and they collaborate more (talking in the dark web, sharing techniques and scripts, building toolkits). On the AI side, I’m a big fan of openness, transparency and sharing of the analytical models and methods of all companies, including Interset. It’s important for us to win this war.



Question: Humans are one of the weakest links in cybersecurity. What is your thought about employee awareness training as a way for a corporation to fight phishing emails and not ML?

Baikalov: I believe it's not either/or, it's both: defense in depth. You need robust, continuously-learning ML algorithms to stop most of the phish and detect new twists in constantly evolving phishing campaigns, and you definitely need employee awareness to defend not only against an occasional phish that slips through, but also against smishing, vishing, pharming, and whatever else bad guys throw at you. See my post on Modifying Employee’s Risky Behavior and the (much) longer ICIT Insider Threat Brief.

Jou: I would support Igor’s response that it’s always going to be people, process and technology. I would also say that for some use cases, employee education (while always important) can be less effective — for example, employee education is less effective in insider threat use cases where the employee is intentionally and maliciously engaging in data theft or hacktivism.



Question: Are new security controls being developed to detect and defeat AI/ML emerging threats?

Jou: Yes, the industry shift to incorporate more AI-based, signature-less methods is in fact a direct response to handle rapidly changing and emerging threats.



Question: Is AI meant to replace or complement human intuition? (In context of security forensics)

Baikalov: Definitely augment - with logical conclusions based on the extensive knowledge base that might be beyond the capacity of an ordinary human. Intuition, in my layman's understanding, is an amazing ability of the human brain to instantly recognize a previously learned pattern to connect concepts or entities that are not necessarily logically connected.

Resolving technological issues, like creating a vast repository of facts to operate on, or developing massive parallelization to perform fuzzy pattern matching, is not enough. Artificial Intuition's biggest challenge is the ability to loosen up, or daydream in human terms; to break away from logical thinking. Perhaps, zapping a neural network with a taser will do the trick?



Question: How well do ML AV products stack up in this field?

Krasser: Machine Learning has indeed become a hot topic in the AV space with many products now making claims of utilizing it. At CrowdStrike, we take pride in having created the first purely ML-based AV engine that is integrated into VirusTotal, exposed to public scrutiny and ready for you to try it out. (You can read more about how it works on our blog.) In summary, this performs extremely well with a very small footprint.

There are some more nuances to consider when evaluating these types of products. First of all, it is actually fairly easy to integrate basic ML, so just ticking that checkbox does not tell you a whole lot about how the product performs. With ML, the saying “garbage in/garbage out” still holds true, and therefore access to quality data is crucial. At CrowdStrike, for example, we use vast amounts of cloud telemetry that our EDR application provides to sophisticatedly tune our next-gen AV models.

Next, let’s look at AV detection rates. Generally speaking, detecting 99% of malware is considered good in the industry. With enterprises facing advanced persistent threats (APTs), that is no longer sufficient. If you do the math, when an APT attacker launches as few as 350 independent attacks, there’s a likelihood of over 97% that at least one attack is successful. And one attack slipping through is all that is needed to get breached. To make matters worse, only about 40% of breaches actually involve malware.

The upshot is that ML-based AV products work well to detect malware, especially new and unseen malware, as that is the primary appeal of moving from signatures to ML models. But for a product to keep your network safe, you will need to look beyond just AV. At CrowdStrike, for example, we leverage Indicators of Attack (IoAs) to capture intent and objectives of actors to detect on those more abstract concepts.
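The detection-rate arithmetic in the answer above (99% detection, 350 independent attacks, over 97% chance of at least one miss) can be reproduced and extended to other detection rates. This is an added example, not code from the panel or from any vendor; the function names are hypothetical, and it assumes every attack is independent and faces the same per-attack detection rate.

```python
import math

def breach_probability(detection_rate: float, attempts: int) -> float:
    """Chance that at least one of `attempts` independent attacks is missed.

    Each attack is caught with probability `detection_rate`, so all of them
    are caught with probability detection_rate ** attempts.
    """
    if not 0.0 <= detection_rate <= 1.0 or attempts < 0:
        raise ValueError("detection_rate must be in [0, 1] and attempts >= 0")
    return 1.0 - detection_rate ** attempts

def attempts_needed(detection_rate: float, target: float) -> int:
    """Smallest number of independent attacks for which the chance of at
    least one miss reaches `target`."""
    if not 0.0 < detection_rate < 1.0 or not 0.0 < target < 1.0:
        raise ValueError("detection_rate and target must be strictly in (0, 1)")
    # Solve 1 - r**n >= target for n:  n >= ln(1 - target) / ln(r)
    n = math.ceil(math.log(1.0 - target) / math.log(detection_rate))
    # Guard against floating-point rounding right at the boundary.
    while breach_probability(detection_rate, n) < target:
        n += 1
    return n

def sensitivity(rates, target: float = 0.97) -> dict:
    """Attacks needed to reach `target` for each detection rate in `rates`."""
    return {rate: attempts_needed(rate, target) for rate in rates}

if __name__ == "__main__":
    # The figure quoted in the answer: 99% detection, 350 attacks.
    print(f"99% detection, 350 attacks: {breach_probability(0.99, 350):.4f}")
    # Each extra "nine" of detection only raises the attacker's required
    # volume by roughly a factor of ten.
    for rate, n in sensitivity([0.99, 0.999, 0.9999]).items():
        print(f"detection {rate:.2%}: {n} attacks for a 97% chance of a miss")
```
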