Artificial Intelligence in Cybersecurity

Transcript

1. ARTIFICIAL INTELLIGENCE IN CYBERSECURITY Presented by: Syed Ubaid Ali Jafri

   Global Cyber Security Speaker / Researcher & Forensic Professional | Cybersecurity Advisor | Cybersecurity Influencer

2. AI IN CYBERSECURITY – A NEW PARADIGM When using machine

   learning, human developers no longer program an algorithm to tell the computer how to solve a given problem but instead they program it to teach the computer to learn how to solve the problem. An approach to learn from data or past experience, which automates analytical model building. AI involves in the following areas and is actively working on it which includes: 1. Block Chain 2. Security Automation and Customization 3. Deep Face Recognition Technology 4. Digital Forensic 5. Data Sciences

3. CYBER SECURITY & AI – 4 ANGLES OF INFLUENCE Opportunities

   Challenges Resilience 1. AI to create smarter cybersecurity More effective security controls (antivirus, intrusion detection and prevention, email scanning), automatic discovery of vulnerabilities, automatic malware analysis, smarter cyber defence, etc. 2. Robustness/Vulnerability of AI Algorithms Adversarial machine learning (i.e. exploitation of weaknesses in AI algorithms to change their behaviour), attacks against AI powered cyber- physical systems, etc. Deterrence 4. Use of AI to fight cyber attackers & criminals Better biometrics, smarter forensics, fraud analysis, encryption challenge, fight against fake news, etc. 3. Misuse of AI Creation of deep audio video fakes, AI powered malware, smarter social engineering attacks, etc. cybersecurity risk in the context of the influence of AI and Digital Transformation

4. AI TO CREATE SMARTER CYBERSECURITY Smarter cybersecurity controls • Better

   biometric controls • Security, orchestration, automation and response (SOAR) • Implementing AI in Security Information & event management by incorporating automated logs integration based on machine learning • Automated Detection of new threat & Response • Advance threat detection & automated analysis • Vulnerability Prioritization & Risk quantification • Enhance Email filtration (spam, phishing, etc.) • Artificial Intelligence-based cyber security platform, called 'AI2,’ developed by researchers at MIT has the ability to predict, detect, and stop 85% of Cyber Automatization in labour intensive tasks • Automatic discovery of vulnerabilities • Automatic exploitation of vulnerabilities • AI applied to malware analysis • Security logs and event correlation • Automatization of security operations (e.g. incident response) • Cybersecurity exercises (attack/defense) and training • Awareness raising ANGLE - 1

5. ROBUSTNESS/VULNERABILITY OF AI ALGORITHMS Vulnerability of AI Algorithms • AI

   cannot be made unconditionally safe, like any other technology. • AI software based on machine learning techniques is found to not be robust against malicious attacks that exploit a specific set of AI vulnerabilities. • AI itself will likely be exploited and misused, for example by criminals. • Securing cyber-physical systems employing AI. ANGLE - 2

6. MISUSE OF AI Captchas https://github.com/mwrlabs/captcha_cracking AI applied to malware Social

   Engineering, deception and Identity theft AI-based attacks against authentication systems Identity theft and social engineering Phishing and cyber extortion Automated interactive attacks • More targeted (e.g. impersonation of friends; location of targets in social media) • More contextualized (e.g. language translation, use of personal information) • Massive spear phishing • Automatic ransom negotiation and assistance • Deep video fakes • Fake audio voice • Fake news • Autonomous decision making in malware (lower dependence on remote control) • Evasion of malware detection controls • Self-maintained, self-protecting and evolving botnets ANGLE - 3

7. USE OF AI TO FIGHT CYBER ATTACKERS & CRIMINALS ANGLE

   - 4 Tattoo Description To JRC ML / Deep Learning feature-based approach … Tattoo Detection Segmentation Learnt features 1st candidate 2nd 3rd Deep Learning Model Deep Learning Model Deep Learning or SVM New AI based tools: • Biometrics • Image / audio / video analytics • Localisation fingerprinting • Evidence identification and correlation • Encryption challenge • Automatic scanning • Digital Forensics (data in transit, data at rest) • Analysis of local and global context JRC ML helps identifying criminals who have printed Tatto’s on skin, system has got the ability to learn new patterns with same approach to identify criminals.