MixMode CTO and Chief Scientist, Igor Mezic, recently contributed an article for Techiexpert that examines three modern AI adversarial attacks, the financial toll they are having on some of our most important systems (including healthcare), and how predictive, third-wave AI is the only future-proof cybersecurity solution to protect organizations from these intelligent attacks.
From the article:
Why does this keep happening? Because it works for the hackers.
The problem partially lies in the outdated cybersecurity solutions organizations employ to protect themselves. And the sad thing is, it’s not always the enterprises fault. Security vendors are making untrue claims about the capabilities of their solutions and the AI that serves as their backbone. A dirty secret held by many enterprise cybersecurity vendors is that although they may make fantastical claims about the level of AI underpinning their technology, that the technology isn’t utilizing true Artificial Intelligence at all.
The majority of these platforms use basic machine learning that only allows for labeling of attacks they have seen before. This simply will not work if the hack has never been seen before and is useless in protecting enterprises from attacks using advanced adversarial technology. Why is that? It has to do with the AI types, or as DARPA refers to them, ‘Waves’ of AI.
Most AI used today in cybersecurity is actually what is referred to as first or second-wave AI, and this more rudimentary form of AI, which relies on constant human labeling of data and creation of rules, is leaving enterprises woefully unprepared against today’s cyber attacks.
First-wave AI is rule based and second-wave AI relies on label driven data, so it has a little bit of interpolation ability but no extrapolation ability. Third-wave AI is completely different as an architecture and it is really structured to learn in the same way that humans learn by starting with an unsupervised baseline, a generative model of the network, then adding on specific tasks it should focus on, and finally interacting with the user in order to add labels to these events.
Most of the so-called “AI” security systems available today are only doing the latter part– labeling and creating rules based off of those labels. However, these are pointless in stopping many of the more advanced methods of hacking that are currently being used to cause massive amounts of damage to enterprises, such as Ransomware, GANs and Man in the Middle Attacks.