AI vs. AI: Exploring the Intersections of AI and Cybersecurity

Ian Molloy, J. Rao, M. Stoecklin
Proceedings of the 2021 ACM Workshop on Security and Privacy Analytics. Published 2021-04-28. DOI: 10.1145/3445970.3456286 (https://doi.org/10.1145/3445970.3456286)

Abstract

The future of cybersecurity will pit AI against AI. In this talk, we explore the role of AI in strengthening security defenses as well as the role of security in protecting AI services. We expect that the scale, scope and frequency of cyber attacks will increase disruptively with attackers harnessing AI to develop attacks that are even more targeted, sophisticated and evasive. At the same time, analysts in security operations centers are being increasingly overwhelmed in their efforts to keep up with the tasks of detecting, managing and responding to attacks. To cope, the security industry and practitioners are experimenting with the application of AI and machine learning technologies in different areas of security operations. These include a diverse set of areas such as detecting (mis)behaviors and malware, extracting and consolidating threat intelligence, reasoning over security alerts, and recommending countermeasures and/or protective measures. At the same time, adversarial attacks on machine learning systems have become an indisputable threat. Attackers can compromise the training of machine learning models by injecting malicious data into the training set (so-called poisoning attacks), or by crafting adversarial samples that exploit the blind spots of machine learning models at test time (so-called evasion attacks). Adversarial attacks have been demonstrated in a number of different application domains, including malware detection, spam filtering, visual recognition, speech-to-text conversion, and natural language understanding. Devising comprehensive defenses against poisoning and evasion attacks by adaptive adversaries is still an open challenge. Thus, gaining a better understanding of the threat posed by adversarial attacks and developing more effective defense systems and methods are paramount for the adoption of machine learning systems in security-critical real-world applications. The talk will provide an industrial research perspective and will cover research conducted at IBM Security Research over the past several years.