IN-DEPTH: As the war against malware rages, smart software could be the key to getting ahead of hackers
There is a caveat to using AI systems in cyber security, according to Gartner’s research vice president Anton Chuvakin.
He pointed out that it is very difficult to know how machine and deep learning systems are detecting and combating malware due to their self-learning capabilities.
“Sure, it can show you the connection it flagged as ‘likely bad’, but it cannot explain WHY it flagged it, apart from some vague point like ‘it was 73 percent similar to some other bad traffic seen in the past’,” he said.
“Same with binaries: even if you amass the world’s largest collection of known good and known bad binaries, build a classifier, extract features, train it, etc – the resulting system may not explain why it flagged some future binary as bad.”
Faith in computers
While Chuvakin was open to machine learning and AIs helping him decide what to buy on Amazon he was not convinced that the inability to not know exactly why something has been categorised as a threat is acceptable for the high stakes of cyber security.
He noted such a system would be akin to a security guard shooting a person based on pre-defined statistical criteria and past experiences, rather than actually posing an immediate threat.
It’s a compelling counter point, but as cyber threats continue to grow and have the potential to allow hackers to wreak havoc, machine learning and AI is arguably needed in some form to help beleaguers cyber security specialists fight the onslaught of threats.
In the near-future than may take the form of using smart systems that acts as a means to alert IT teams to threats but leaving it up to a human to take action, rather than ceding compete control over to the machines.
How much do you know about the world’s technology leaders? Take our quiz!