Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Defence and security / / Articles
Artificial intelligence transformerait information security, but do not expect instant changes
Material posted: Publication date: 15-12-2017
Though artificial intelligence and appeared as far back as the 50s, to this day it is one of the most talked about, interesting and controversial technologies in the world. Artificial intelligence is a universal term that describes a set of technologies that allow computer to perform various functions like man, for example, the processing and speech synthesis, natural language processing, computer vision.

Machine learning is a class of artificial intelligence methods, which is characterized by no direct solution to the problem, and training in the application of solutions to many similar problems. Ie the idea is that the more data you collect the car, the smarter it gets.

For consumers the most known and used examples of the use of artificial intelligence are these chat-bots, as Alex from Amazon or Apple's Siri. Entrepreneurs and corporations in turn are more interested in the question of how software artificial intelligence can help in closing the "holes" such as fraud or cyber attacks, as well as in optimizing the performance of the enterprise, for example, improving the quality of customer service.

Us company Narrative Science in their research found that 38% of corporations are already using artificial intelligence technology, and by mid 2018 the number will rise to 62%. The international research Agency Forrester Research has predicted that the growth of investments in artificial intelligence technologies from this year will increase by 300% with each subsequent year.


Companies engaged in information security, is also eager to snatch a tasty morsel of new technologies – and this is not surprising, considering the fact how progression increases the number of malware and hackers.

Due to its ability of learning through the filter of many examples of behavior in different situation, analyzing huge amounts of data, Artificial intelligence can help heads of departments in information security to find the "unknown known" security threats and automate responses from a control Center, and also to improve recovery from attacks. In short, with highly qualified staff (which is very hard to find), Artificial intelligence can fill certainly not all, but most of the spaces in the IT field.

Experts have long been calling for the necessity of creating intelligent, Autonomous security systems and Artificial intelligence in the words of cryptographer Bruce Schneier can be a good tool for this task. However, according to technical Director Resilient Systems (company specializing in the protection against cyber attacks) the hype around security is too inflated. He said while it is impossible to replace humans with artificial intelligence, because to allow full volume of protection needed is the staff. But certainly interest in the technology of artificial intelligence is, as it is able to increase mental activity and, therefore, the ideal solution would be use in conjunction human resources and new technologies.

Futurist and author of the book "the Robots are coming" Martin Ford said that "good" hackers and "bad" are already using technology based on deep learning neural networks. He also fears that cyber-criminals have even go a step ahead in some cases and use bots and auto-attacks. This means that every day criminals are becoming more sophisticated.

Artificial intelligence will increasingly gain value for attack detection and rapid response in order to protect the system. Unfortunately, many organizations still use entirely manual labor, but this approach will have to change so that the systems remained safe. Many heads of departments of information security is already on the way to it.

Head of IT of Intertek Dane Warren stated that the rules of the game completely changed: through the enhanced automation, controls, robotics and intelligent agents IT industry waits for greater development of both offensive and defensive capabilities. He also added that these improvements include a more rapid response to security events, the best data and analysis "using statistical models to better predict or planning behavior."

Andy rose, Head of IT at NATS, also noted the benefits. According to him, safety is always in need of clever processes to among the huge amount of data to detect specific "hole", for example, to find and stop the flow of spam or channel of data leakage. People interact with huge amount of data, which causes great difficulties, and artificial intelligence could be the ideal solution to speed up and automate the detection of problems in the security systems.

Service providers security a permanent developing and improving due to the constantly changing threats and their varieties, and artificial intelligence technologies not far behind them.

However, technology usually are always changing faster than service providers, initial development quickly appeared with new solutions based on artificial intelligence, to improve the efficiency of the operational management Center, risk assessment and optimization anomaly detection of network traffic.

Such new business as Tanium, Cylance and LogRhythm have already jumped in this cyberspace, but attention was also attracted startups like Darktrace technology, Harvest.AI, PatternEx and StatusToday.

Corporations also do not remain on the sidelines and applying artificial intelligence in security. For example, Google engineers are working on a system based on artificial intelligence that will create their own encryption, thus completely replacing the traditional captcha. IBM launched the Watson technology, Amazon has acquired a Harvest.AI – both systems use algorithms to determine the important documents and IP, and then analyzing the behavior of users for identifying possible hacker attacks.

At the moment these technologies are still growing and focused mostly on the analysis of the data, detect threats and aid in restoration under the supervision of staff. But in the future artificial intelligence will be able to automate the operational control centre to work 24x7 and will allow staff to focus on continuity of business processes and address critical issues. Artificial intelligence may function as assistant to work in many processes and at a high enough level in Analytics, and also on a professional level in the field of security.

Chief scientific officer PatternEx Ignacio Arnaldo believes that artificial intelligence will allow managers of information security to reach a new level. According to him, security is well aware of the problems and recognize the need for tools that will increase the efficiency of operational management. Artificial intelligence can do, but blindly trust technology leaders are not yet ready, they want proof that artificial intelligence is many to surpass the efficiency of a person.

"The basis of all"

Many people still think we're getting ahead of ourselves. So far artificial intelligence is only a luxury because we live in the era when many firms do not conduct regular patch management.

At the RSA conference this year, experts on cryptography discussed how to apply artificial intelligence in the field of security, how to teach it and what is the human role in all this action. On such issues as the reliability and possible okresnosti machine, and some participants expressed the view that it is strange to see how security as the basic concept in comparison with the technologies of artificial intelligence goes by the wayside.

Andy rose announced his position, emphasizing that the professionals in the field of security should constantly improve and revise the basics – General principles and approaches, patching, SDLP, etc., or the technology of artificial intelligence to turn into a program that will tell you about the numerous violations in the processes that already happened and you did not prevent them.

Bruce Schneier is a little different position. He believes that security can be improved by using artificial intelligence, but the technology should apply only to those companies that already have established safety and pre-configured processes and ready to implement the data provided by the machine. Established principles and norms, according to him, are only an obstacle to complete automation and does not care what tools you use "black" hackers or Supervisory agencies.

A completely opposite opinion was expressed by Ford, he believes that the world is under real threat. Artificial intelligence will pose a great danger in the near to medium term, because paying such great attention to presentation as futuristic machines with super intelligence will replace human, we forget that dishonest people will also have unlimited possibilities with these technologies.

Warren agrees that in the implementation of technology there are many obstacles that must be overcome to managers on safety, because it's the future and it requires visionary thinking, while many organizations continue to "wallow in the basics". Costly rewriting applications and programs, the introduction of new threats are just some of the challenges we faced with the introduction of artificial intelligence. Therefore a balance must be struck, otherwise we will reach a point where reality and technology will no longer keep up.

Artificial intelligence is not a panacea

Artificial intelligence and security does not have to be together inseparable. Security chief Vectra Gunter of Almana in his article in early 2017 noticed that many do not see the difference between the automated security and safety technologies based on artificial intelligence. And it primarily shows how dangerous bezopasnikam to buy solutions in which they do not even need, not to mention the further application of standards of technology, quality control and management.

Chief scientific officer PatternEx Ignacio Arnaldo notes that security-based artificial intelligence technology is not a panacea. First, some attacks are very difficult to catch, because in one single organisation there is a wide range of attacks in different time ranges and different data sources. Second, the nature of attacks are constantly changing. Therefore, the biggest challenge is the constant learning of artificial intelligence.

Palmer also adds a note of criticism, pointing out that the most hyped technologies of machine learning is actually not samebecause standing on the battle client. Instead, they are trained by malware samples in the cloud provider and are downloaded to the client, such as antivirus signatures. This approach is not particularly progressive from the point of view of safety of customers and remains a backward glance.

And how soon we will see applications of the newest security technologies?

Initially, you must understand that the majority of intrusion prevention systems (IPS) are in IDS mode, i.e. the mode of intrusion detection. And it happens because companies lack the confidence to 100% rely on an intelligent system for automated selection and uncontrolled changes in their basic infrastructure. Rose notes that there are concerns that such monitoring without context can cause serious damage to the entire service, and this is a huge threat. But you also need to understand that if we do not use artificial intelligence to improve and modernize the security systems, this technology will develop in their view "bad guys", and it will be a bigger problem than that.

Palmer absolutely sure of one thing – automation and ease of use is the only way to improve security, and artificial intelligence will definitely occupy a significant share in this area.


RELATED MATERIALS: Defence and security