Of ML and malware: What’s in store?
All things labeled Artificial Intelligence
(AI) or Machine Learning (ML) are making waves, but talk of them in
cybersecurity contexts often muddies the waters. A new ESET white paper sets
out to bring some clarity to a subject where confusion often reigns supreme
It is no mean feat to find an area in
business and technology where the proponents of Artificial Intelligence (AI) or
Machine Learning (ML) don’t tout the benefits of any of their manifold
applications. Cybersecurity is no exception, of course. Given the promised
benefits of the technology and the urgency of stemming the rising tide of
internet-borne threats, the sustained fever that this “next big thing” has
triggered is understandable.
However, this is also why it might be good to
cool down and consider the broader picture, including where the technology’s
often already-apparent promise and limitations reside. And, of course, it would
be remiss of us should we also not consider the attendant risks and ask the
question whether AI can fuel future malware.
https://www.welivesecurity.com/2018/09/04/ml-malware-whats-in-store/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29
ML has brought various benefits to cyber-defenders,
including enhanced scanning, faster detection, and improvements in the ability
to spot anomalies. Ultimately, all this has contributed to a higher level of
protection for many enterprises.
On the other hand, the potential of the
technology isn’t lost on adversaries, who are likely to attempt to harness its
efficiency to fuel cyberattacks, especially those of the labor-intensive kind.
That leads to the threat of cyberattacks ultimately becoming more difficult to
detect, track, and mitigate.
ESET is well-positioned to offer its insight
into the upcoming challenges and possible scenarios, having fought crafty
attackers for more than three decades, including with the help of supervised ML
for years. The white paper considers ways in which AI/ML could be co-opted by
attackers, such as for protecting their own infrastructure, for generating and
distributing new breeds of malware, for conducting reconnaissance of targets,
and for identifying vulnerabilities in company systems, to name just a few possibilities.
To be sure, a survey commissioned by ESET has
found that the prospects for the virtuous and the villainous applications of
AI/ML are not lost on IT decision makers in US, UK and German businesses. In
addition to shedding light on their attitudes towards the implications of AI/ML
both for offense and defense, the poll also finds that many executives are
aware of the vendor hype that encompasses the subject.
Indeed, the limitations of the technology are
often lost in all the hype about the “brave new world” that AI/ML is poised to
proffer. However, our extensive experience in endpoint security and
experimenting with applying several ML approaches to it lays bare several ways
in which ML algorithms in general may fall short or be susceptible to subversion.
Claims about ML-based defensive solutions being fail-safe are, of course,
fact-challenged. Instead, a multi-layered approach where ML is but one brick in
your wall can augur well for your defenses.
To learn more about the different facets of
AI/ML outlined above, as well as about the inner workings of ESET’s
implementation of ML in its multi-layered engine and its business and home
solutions, head over to the white paper itself.