Will artificial intelligence revolutionize cybersecurity?
Most people probably have no idea they encounter artificial intelligence technology at nearly every turn on the Internet. It's how retailers track shoppers' behavior and show them ads that attempt to match their听tastes in clothing or electronics.听
While that's a relatively simply use of artificial intelligence, often known as just AI, researchers, entrepreneurs, and US government officials are investing heavily into moving much more advanced AI into health care for such pursuits as drug research, automotive technology like self-driving cars, and even for teaching computers how to track and defend themselves against hackers.听
In fact, within the past year, security startups, leading academics, government agencies, and some of the largest digital security firms in the country have invested heavily in AI technology for cybersecurity, believing that recent advancements in processing power could allow听computers to outperform humans when it comes to many aspects of听defending networks.
"Just imagine a world in which bots are out there looking for vulnerabilities and other bots or artificial intelligence is simultaneously poking holes, plugging holes, poking back," said Ryan Calo, a law professor and director of the Tech Policy Lab at the University of Washington, a think tank that examines cybersecurity and AI policy.
Those kinds of systems are already beginning to enter the marketplace.听Last year, big data startup Splunk听听consulting firm Booz Allen Hamilton to offer artificial intelligence-powered services to help deter attacks. The cybersecurity firm Kaspersky Lab has patented technology听听false positives for machine learning algorithms.
This week, it will host a series of summertime workshops to further explore the benefits of AI in the government and the private sector.
"AI systems can also behave in surprising ways, and we鈥檙e increasingly relying on AI to advise decisions and operate physical and virtual machinery 鈥 adding to the challenge of predicting and controlling how complex technologies will behave," said听Ed Felten, deputy US chief technology officer, in a statement announcing the initiative.听
Additionally, the Defense Advanced Research Projects Agency (DARPA), the Pentagon's research wing, recently announced plans to develop a program to use AI to uncover culprits 鈥 whether criminal gangs or nation-state hackers 鈥 behind cyberattacks.听
That's the kind of technology that can听provide a leg up to security teams attempting to find attacks in reams of network traffic every day,听said Steve MacLellan, chief executive officer of听Blue Sky Management and Research, a firm that invests in cybersecurity startups.
"Humans are overwhelmed by data,鈥 said Mr. MacLellan. "The promise of AI says, if I can teach the machine to dynamically adapt. If I鈥檓 getting these hundreds of different signals coming in, the machine learning part says 鈥楬ey, this one is more important than that one.'"
Indeed, the amount of data that cybersecurity professionals and researchers contend with can be overwhelming, and the amount of information on cyberattacks and malware is growing expeditiously every day.听
"As a rule of thumb, AI benefits tremendously the more data that you have," said David Brumley, a computer science professor at Carnegie Mellon University and the cofounder of the cybersecurity startup ForAllSecure.
"We鈥檙e really in this nice time period where the amount of data we have and the sophistication of our algorithms give us much more accurate answers," he said.
Similarly, a startup that spun out of the听Massachusetts Institute of Technology called听PatternEx wants to听harness the power of machines to fight off hackers. Its听AI2 听platform 鈥 听鈥撎齛ims to combine big data technology with advanced听cybersecurity analysts in hopes of better understanding how to stop cyberattacks.听
Like other systems, AI2 culls networks for suspicious activity using a machine-learning algorithm that鈥檚 not supervised by humans. But since automated systems can only detect abnormalities 鈥 not attacks 鈥 Mr. Veeramacheni designed the program so it doesn't generate an alert every time it spots something unusual,听which can cause headaches for security teams that run routine penetration tests.
Instead, AI2 only spits out 100 to 200 threats each day, giving human analysts the ability to听label attacks by type, IP address, and similarity with old strains of malware, training the machine to get smarter to hackers.
PatternEx has already tested out the program using data from an unnamed e-commerce site, and plans to roll out the technology to a handful of Fortune 500 companies later this year.
But other companies drawing upon big data and AI to bolster cybersecurity aren't ready to cut the human out of the process entirely.
"The MIT system [AI2 ]听is starting out with an unsupervised learning system," said Chris McCubbin, director of data science at Sqrrl,听a cybersecurity startup. 鈥淭here鈥檚 a lot of things that are unusual that the system鈥檚 not going to know about."
Still, many AI researchers and backers say that AI systems will eventually become smart enough to know the difference between an听innocuous computer glitch and a malicious attack.
"As technology grows, you'll have smart houses, you'll have the Internet of things, you'll have all of these things are generating sensor data," said Blue Sky's MacLellan. "You need a platform that can consume that data."听
听
