logo
allArticlesConferencesPresentations

AI & ML in Cyber Security - Why Algorithms are Dangerous

Conference:  BlackHat USA 2018

2018-08-09

Summary

The blind application of algorithms, including deep learning, in cybersecurity is dangerous and can lead to wrong results. Companies should invest in experts and build systems that absorb expert knowledge.
  • Algorithms are not spaghetti that can be thrown on the wall to see what sticks. Understanding data and algorithms is crucial.
  • Invest in people who know security and build systems that absorb expert knowledge.
  • The blind application of algorithms, including deep learning, can lead to wrong results.
  • Companies should focus on building systems that learn from and absorb the knowledge of experts.
The speaker emphasizes the importance of understanding data and algorithms before applying them blindly. He warns against relying solely on algorithms to detect anomalies in data without having a clue what the algorithm just did. The lack of explainability and verifiability in deep learning algorithms is concerning, as it is difficult to trust a black box to make the right decision in all kinds of different areas. The speaker suggests that companies should invest in experts and build systems that absorb expert knowledge, rather than relying solely on algorithms.

Abstract

Every single security company is talking in some way or another about how they are applying machine learning. Companies go out of their way to make sure they mention machine learning and not statistics when they explain how they work. Recently, that's not enough anymore either. As a security company you have to claim artificial intelligence to be even part of the conversation.Guess what. It's all baloney. We have entered a state in cyber security that is, in fact, dangerous. We are blindly relying on algorithms to do the right thing. We are letting deep learning algorithms detect anomalies in our data without having a clue what that algorithm just did. In academia, they call this the lack of explainability and verifiability. But rather than building systems with actual security knowledge, companies are using algorithms that nobody understands and in turn discover wrong insights. In this talk, I will show the limitations of machine learning, outline the issues of explainability, and show where deep learning should never be applied. I will show examples of how the blind application of algorithms (including deep learning) actually leads to wrong results. Algorithms are dangerous. We need to revert back to experts and invest in systems that learn from, and absorb the knowledge, of experts.
Materials:
Slides
Tags:

Post a comment

Related work

Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots

Conference:  BlackHat USA 2020
Authors:
2020-08-05

Only takes a Spark - Popping a shell on a 1000 nodes

Conference:  Defcon 28
Authors:
2020-08-01

Machine Learning over Encrypted Data with Fully Homomorphic Encryption

Conference:  RSA Conference 2023
Authors: Benoit Chevallier-Mames, Jordan Frery
2023-04-24

How to Design, Launch, and Monitor Resilient ML Systems

Conference:  Transform X 2022
Authors: Dan Shiebler
2022-10-19

Uncovering Covert Channels in Your IoT Networks

Conference:  RSA Conference 2021
Authors:
2021-05-17

Top Tips from Netflix, NVIDIA, and Meta on Large Language Models (LLMs)

Conference:  Transform X 2022
Authors: Susan Zhang, Faisal Siddiqi, Bryan Catanzaro, Erhan Bas, Elliot Branson
2022-10-19