AI is a major driver of digital transformation and will have a profound impact on our society. Cybersecurity threats is one of our main concerns at IoTerop, that is why in partnership with the Montpellier Laboratory of Informatics, Robotics and Microelectronics (LIRMM), we invest in Cybersecurity and AI techniques to improve overall security performance and provide better protection.
Yohan, as a software engineer with an expertise in Artificial Intelligence (AI) & Cybersecurity, could you tell us more about where does AI stand today and what are the challenges we are facing?
AI is a broad term most commonly associated with the idea of machines performing tasks in intelligent ways. Looking closer we see it is composed of several branches, including Machine Learning (ML), Neural Networks (NN) and Deep Learning (DL). There are a lot of different algorithms for each category, with different goals. For example, NN and DL work very well for image recognition. However, Cybersecurity relies mostly on Machine Learning to achieve its goals. ML is based on the concept that machines can process and learn data on their own. A basic architecture to detect attacks with ML would be:
- Define rules. What constitutes a threat (pdf, malware, network intrusion, DoS, etc.)?
- Create a ML model to detect the defined threat based on rules and train the system to recognize such attacks.
- Define appropriate actions according to threat. System analyzes inputs and alerts the security operators if an attack or anomaly should be detected. They would then take an appropriate course of action in face of the threat.
Figure 1: ML architecture for Cybersecurity
However, for now, there are several limitations and challenges before deployment to be really pragmatic.
Here some examples:
- Machine Leaning algorithms produce (lots of) false positive meaning security operators will need to deal with, making ML complicated to be pushed in production. Thus, the first challenge is to reduce these false positives. The goal is better security and efficiency. Not one or the other.
- ML helps to defend against attacks but are likewise vulnerable to attacks as well. For example, adversarial examples and data poisoning can lead to unexpected results. In figure 2, we can see the system recognizes the first image as a panda, but if data are added as this image, the system recognizes a gibbon. But for us the image is still a panda. We could imagine the same scenario for Cybersecurity, an attacker can try to bypass the detection by adding data to his payload.
Figure 2: Data poisoning example
- Machine learning is trained to recognize an attack using vectors. This means the security administrator would need a lot of expertise to configure the system and cannot predict new attacks such a 0-day. Thus, the system would never be 100% secure as it could be just using ML.
A better approach would be to characterize the system in its “normal” behavior and capture any anomaly to detect attacks. However, this is very complicated and the research is not yet ready to deploy such system. Eventually we could imagine a system that is truly intelligent in the sense it would be adaptive leveraging advanced AI capabilities to automatically deploy countermeasures without human oversight. This kind of autonomous ability however would bring its own challenges.
We can see the synergy between AI and IoT. As an embedded software company, what role do you play in AI?
Even though machines are stepping into our lives from our vacuum cleaners to Siri or Alexa to more underlying technologies such as self-driving vehicles or AI-assisted surgery, AI is still at a blossom stage. As an IoT service provider, we need to pay attention and be part of the innovation process.
There is a commonly expression used that “data is dumb.” We understand that data alone does not create value. Only once we take data, study it, contextualize it and then make decisions is value created. Decisions have always been left to humans. However, humans can’t really process huge data sets in real-time.
If we can transfer human-like decision making skills to computers that are able to process vast amounts of data being collected in real-time from IoT we will create opportunities in key sectors like healthcare, transport, manufacturing and Smart Cities that are as of yet unimagined.
The interdependence between what we do at IoTerop and AI is obvious. AI is going to broaden and deepened intelligence throughout organizations by leveraging IoT. Analysts now consider data the new oil. We can think of Open Standards and IoT interoperability as crude oil which AI will refine to create new efficiencies. AI, Open Standards and IoT interoperability are the essential ingredients to this “refining process” we now call Industry 4.0.