Robots can help fill the skills gap in cyber security, but what if the AI system itself gets hacked?


From smart cars to smart roads, smart cities, to robot farms operating without human intervention, the impact of artificial intelligence (AI) is starting to take shape.

AI has for some time been deployed in areas such as data mining and logistics. It is also the technology enabler that will make driverless cars or computer assisted driving a reality. BMW is developing an AIbased co-pilot system known as the “Companion” aimed at enhancing driver perception as well as keeping them informed with continuous real-time information. Most major car manufactures are working with similar aspirations around the technology – either in terms of fully autonomous vehicles or by improving driver safety and comfort.

Elsewhere, research projects are examining vehicle to vehicle communications aimed at keeping cars a safe distance from each other at all times and ultimately negating the need for traffic lights, thus reducing congestion. Similarly, AI-based car sharing schemes could transform fleet management as well as traffic flow.

BMW is also looking at advancing its AI concepts even further through shared ownership protocols for its MINI cars – recognition technology which means that whatever MINI is being driven will always “belong” to the user and adapt accordingly.

IBM was one of the first companies to try to harness the power of AI when it created the cognitive computing platform Watson. The genesis of Watson comes from the success of IBM’s Deep Blue chess computer which beat grandmaster Gary Kasparov in 1997. IBM then went a step further and developed a question answering computer system that was ultimately able to compete against and beat human contestants in the US TV gameshow Jeopardy.

More than a decade later and the Watson project has grown exponentially, working with natural language and vast quantities of data to offer a range of applications from healthcare and biotechnology to research and development and cyber security, as Martin Borrett, chief technology officer at IBM Security Europe explains.

Unlike Deep Blue, Watson is not a physical machine that sits in an office – it is a cloud ser vice “a big corpus in the cloud,” as Borrett describes it. A cloud with a phenomenal skill set.

Borrett calls Watson’s cognitive ability “one of the most ground breaking things we have seen in recent times” and something “more than just artificial intelligence”.

Insatiable appetite

Over the last couple of years, IBM has been applying Watson’s cognitive capabilities to a number of different industries – with particularly positive outcomes around cyber security. This is crucial considering one of the inherent risks around AI is a potentially increased exposure to cyber attacks.

However, rather than increasing vulnerability, Borrett believes AI will help deliver better protection. “It has been particularly interesting for me from a security perspective, teaching Watson about security and the language of security which has its own peculiarities,” Borrett says. “It is fascinating because you would not imagine that a computer system would understand natural English and all the nuances of English and the subtleties of the way we use some of those expressions and yet it can.”

Key to Watson’s success, however, is its ability to consume, analyse and learn from vast quantities of information.

“Sometimes people forget that although there is a lot we don’t know about cyber security there is an awful lot that we do,” Borrett says.

“There are expert and academic articles, blogs, news stories – a huge wealth of information and evidence. The problem [for humans] is consumability. I can only read so much every day, so how do I assimilate all those pieces of information when you are talking about millions of documents? That is where it has been so exciting – to not just teach Watson the language of security but to get it to digest all that information.”

Watson’s insatiable appetite has recently been put to the test as part of a Beta security programme among a number of IBM clients.

“In the Beta programme, the current corpus has around a million documents in it and Watson is able to look through those and gain insights for a particular client against a particular query,” Borrett says. “For example, one of our Beta customers will see an incident in their dashboard – there will be a human analyst there also looking and trying to figure out whether this is a false-positive incident or whether it is real. If it is real what action should they take? And that process is quite manual – it takes a lot of experience, some intuition and various tools. So the whole premise here is to provide an advisory capability to allow the analyst to take some key indicators they find on that dashboard and pass that to Watson.

“Watson then searches across that body of knowledge to look for related incidents and other matching indicators and comes up with a hypothesis of what it could be. It does that by searching the corpus in just a few minutes.”

So far, says Borrett, results have been “quite promising in two dimensions”.

“First, the speed of research. Watson comes back in minutes with something that several of the customers had told us their analysts would definitely have found – they would have got to half of it - but it would have taken them about three hours. So you have more complete analysis in a fraction of the time.

“Second, in a couple of test cases where they ask an analyst and Watson the question in parallel and compare the two outcomes there have been several instances where the analyst thought it wasn’t a real incident – a false positive – but where Watson actually found several things that the analysts missed.

“It is quite sophisticated in the way that it can come back with a hypothesis and then do further validation of that automatically.”

Better still, Watson is extremely efficient. “It, doesn’t get tired, sleepy or bored and it is not just a straight analytic engine,” says Borrett. While the same could be said of other analytical systems, Watson has a further special skill which sets it apart. “Watson can look for non-intuitive relationships between data,” he says. “It can use things like graph theory and various other mathematical theories and pull things together that are not intuitive.”

Watson can also start to turn the tables on hackers. “Organised criminals have a modus operandi,” Borrett says. “They reuse malware, they reuse code and techniques. They create variants around a theme. So again, there is quite a lot you can do to better equip yourself. You cannot stop it all but you can spot it in a more timely way and the better prepared and more mature organisations are able to do that.”

Security weapons

Deloitte is another organisation developing aspects of machine learning linked to cyber security. Massimo Cotrozzi, director of cyber security at Deloitte, says the company is also developing its own tool to get data “proactively communicating to us”.

“We are trying to get to the unknown unknowns – to find the outliers in the vast amount of data that we have,” Cotrozzi says.

“When you start talking about security, people start looking at high risk or high volume alerts – the sort of thing that has happened millions of times. What is interesting are the things that have happened just once; those single instances among the millions in the data. Why, and what is the reason for the single occurrence in 365 days? That is interesting.

“Deciding what is meaningful is often very complicated for an analyst, especially if someone comes up with something that has not been done before. Only an algorithm can understand it. What we are doing here is deploying something that learns by itself.

“To do this, it has to understand what is normal without a human telling it so. It decides this based on use, frequency and other methods – and then provides information to the analyst. It will ask if something is good or bad. If bad, then from then on everything like it will be considered bad. The algorithm continues learning in this way and if something happens that is different, it provides analysts with an understanding.”

Global cyber crime security specialist Peter Hacker, co-founder of Distinction.Global, says AI will ultimately improve the speed of response to attacks so that defensive measures are taken while a breach is ongoing.

“AI systems are able to respond to an incident in what is called near real time. With threat vectors mutating constantly, an AI system can react because its algorithms follow an attack and develop a bespoke defensive response.

“AI gives a system the capacity to learn from and counter threats and also to identify them at an earlier stage. This will bring a real time rather than near real time response. The inherent ability to anticipate also increases the readiness to be able to develop an appropriate response. This will have a huge impact on preventing cyber crime.”

But what about the risk that the AI system itself gets hacked?

“We must make sure the AI itself is resistant to attacks,” says Hacker. “We must make sure that the systems and the software behave as they are supposed to.”

Cotrozzi concedes it could be a target for attacks because the AI “knows a lot about your organisation and how it works”.

“Hackers want to know when to hack something, and the AI system is where the knowledge is,” Cotrozzi says. “Security of the machine itself is important.”

Both Cotrozzi and Borrett agree that although systems such as Watson are proving to be powerful security weapons, they will not make the human element of cyber protection obsolete. Instead they are fulfilling a vital need and supporting hard-pressed IT teams.

“We have a huge gap in skills when it comes to cyber security and this gap is growing despite all the efforts to train more people,” Borrett says. “So in an environment like that Watson can only help to augment an already stretched workforce.”

In medicine, another area where Watson is proving to be especially effective, Borrett believes that it will be “many years, if ever”, before human doctors are replaced by an AI equivalent.

“There is no thought that we are going to put doctors out of work or that you would not have a doctor there with Watson, it really is seen as an advisory capability,” he says. “I think this will remain the case for many years to come.”

So will AI render millions, possibly billions, of people around the world redundant in the future? “These systems are becoming incredibly powerful and capable but there is still that human judgement, intuition or gut feel,” says Borrett. “I think we are still truly a long way off from truly and complete autonomy for a system like that. If ever.”