The good, the bad and the ugly: Artificial intelligence
Posted: 23 February 2017 | By Darcie Thompson-Fields
While the future promised by films such as Minority Report remains a fantasy, advancements in the field of artificial intelligence (AI) make a world where computers outsmart humans seem increasingly likely.
Computer security is an arena that would be an obvious benefactor from AI. Computer code is riddled with flaws because it is inherently complex, poorly documented and of course…written by humans. Today, it is largely the task of humans to root out those same flaws and patch them – a costly and time-consuming process that ensures a large window of opportunity for hackers, should they uncover those flaws before they can be addressed.
The impending impact of AI
The Defense Advanced Research Projects Agency (DARPA) was so interested in the potential impact of AI on computer security that it was willing to place a £44M bet to find out what that potential was. It held the Cyber Grand Challenge at the famed DEFCON security conference last summer with £4M in prize money on the line.
In this, seven teams were granted access to a DARPA-supplied super computer and tasked with writing a bot that could independently seek out and identify software vulnerabilities, write proof of concept exploit code to exploit them and at the same time, patch and defend their own system from attack. Once the bots were launched, the teams could only sit back and watch as no human intervention was permitted.
So what did this determine on the impact of AI? It wasn’t a complete success, with bots failing to complete the full competition and disabling machines that they were meant to protect. Though in the end, the bots did uncover vulnerabilities with impressive speed, some of which would until recently have not have been uncovered without days of effort by highly skilled reverse engineers.
Automation is here to help, not replace
So while the potential of AI for security is exciting – it remains a work in progress and by no means presents an imminent threat to skilled workers or deserves the bad reputation it has gained of late.
Generally speaking, while automation is making jobs easier it doesn’t mean that computer security researchers need to be concerned about job security. AI is simply able to tackle some of the low hanging fruit so that IT executives can focus on the larger challenges. Machine learning, a subset of AI is, in fact, an area where practical applications for computer security are already emerging. For tasks such as separating malicious binary files from benign ones, or in the emerging industry of user behaviour and event analytics (UBEA), commercial security products and services already exist.
Two sided AI
But, if there’s one thing that history has taught us, it’s that powerful tools can be used for both good and evil. As AI evolves to become an effective tool for securing computer systems, it will also be used to exploit them. Hackers will also desire AI technologies to root out vulnerabilities, but for the purpose of exploiting them before they’re patched. Machine learning will provide a powerful capability to sift through massive amounts of data to quickly focus on interesting gems. Stealing millions of records from a government agency to identify targets vulnerable to extortion is a time-consuming task for a human, but not so much for a computer.
If AI and machine learning promises hackers such an invaluable tool, why aren’t we seeing it widely used today? Technical challenges and cost are certainly factors, but the reality is far more basic. Today, software vulnerabilities remain far too plentiful and humans far too susceptible to social engineering attacks to justify the effort. If you want to compromise a network or steal a password, AI simply isn’t necessary. That will of course change over time as AI becomes a realistic tool for securing computer systems, it too will become a necessary tool for attackers.
Zscaler, Inc., the leading cloud security company, is revolutionising Internet security with the industry’s first Security as a Service Platform. As the most innovative firm in the $35 billion security market, Zscaler is used by more than 5,000 leading organisations, including 50 of the Fortune 500, protecting more than 15 million users worldwide against cyber-attacks and data breaches.