AI boosts defences, but there’s a downside…2 min read

Increasingly, machine learning is proving effective at removing spam, intercepting fraud, and blocking malware, However, as is often the case, there are concerns that attackers will find ways to use AI technology to their advantage. A detailed article by veteran technology journalist Robert Lemos looks at the pros and cons.

In the article he cites the benefits obtained by security firm Malwarebytes, which has successfully improved its ability to detect attacks on consumer systems. “In the first five months of 2019,” he writes, “about 5% of the 94 million malicious programs detected by Malwarebytes’ endpoint protection software came from its machine-learning powered anomaly-detection system.”

Such systems, and artificial intelligence (AI) technologies, in general, will be a significant component of all companies’ cyberdefence, says Adam Kujawa, director of Malwarebytes’ research labs.

“The future of AI for defences goes beyond just detecting malware, but also will be used for things like finding network intrusions or just noticing that something weird is going on in your network,” says Kujawa. “The reality is that good AI will not only identify that it’s weird, but [it] also will let you know how it fits into the bigger scheme.”

However, as the article explains, automated and intelligent systems can also tip the balance in the attacker’s favour.

“Initially, attackers will likely incorporate machine learning into backend systems to create more custom and widespread attacks, but they will eventually focus on ways to attack other AI systems as well,” suggests Lemos.

The first problem for both attackers and defenders is creating stable AI technology. Machine-learning algorithms require good data to train into reliable systems, and researchers and bad actors have found ways to pollute the data sets as a way to corrupt the resultant system. Polluting the dataset collected by cybersecurity firms could similarly create unexpected behaviour and make them perform poorly.

In the future companies should expect attacks to become more targeted as attackers increasingly use AI techniques. Similar to the way that advertisers track potential interested users, attackers will track the population to better target their intrusions and malware.

Click on the link to read the full article.