At a recent NCSA and Nasdaq security summit, three experts in cybersecurity discussed how machine learning might be exploited to avoid defenses and accelerate breaches. An article in TechRepublic reported that the summit, hosted by Kelvin Coleman, executive director of the NCSA, discussed three ways in which artificial intelligence and machine learning could be used for cybersecurity attacks:
- By attacking the data sets used for machine learning models, to deliberately force a reduction in the accuracy of the results. Said Elham Tabassi, chief of staff information technology laboratory for the NIST, “Data is the blood and fuel for machine learning and as much attention should be paid to the data we are using to train the models as the models.”
- By using Generative Adversarial Networks (GANs) to create fraudulent content that mimics the original. The outputs can be used by attackers to create authentic looking traffic patterns, which can hide malicious activity, or as an aid for password cracking.
- By deploying bots to trick AI algorithms. Said Greg Foss, senior cybersecurity strategist at VMware Carbon Black, “If attackers understand these models, they can abuse these models,” noting the use in a recent attack on a cryptocurrency trading system.
Source:
