
Artificial Intelligence and Security: What's at the crossroad? Our first policy considerations - PowerPoint PPT Presentation

CIF - Cybersecurity Initiative Flanders. Artificial Intelligence and Security: What's at the crossroad? Our first policy considerations. Stefano Fantin, Researcher - CiTiP. Leuven, 04_10_19. Celebratory Conference for CiTiP


  1. CIF - Cybersecurity Initiative Flanders. Artificial Intelligence and Security: What's at the crossroad? Our first policy considerations. Stefano Fantin, Researcher - CiTiP. Leuven, 04_10_19. Celebratory Conference for CiTiP's 30th Anniversary

  2. AI and Security, 4_10_19. Today:
     - A quick intro
     - The four dimensions of AI and Cybersecurity
     - Common issues
     - How can (cyber) security practices inform AI policy
     - Conclusions

  3. What I will be talking about today, instead:

  4. AI and cybersecurity: a 4D model
     - (a) Two different (but intertwined) conceptual perspectives: AI as an instrument vs AI as a target
     - (b) Dual use nature of AI: attack vs defense

  5. AI-enabled attack and defense
     - AI attacks:
       1. Evasiveness: malware alteration aimed at non-detection (Anderson, 2017)
       2. Pervasiveness: bots competing with each other (DARPA Cyber Grand Challenge, 2016)
       3. Adaptiveness: AI to go beyond the creativity of human attackers
     - Brundage Taxonomy (2018):
       1. Pure cyberattacks
       2. Physical attacks (UAVs)
       3. 'Political' attacks (misinformation, propaganda, mass surveillance, deception)
     - AI defense:
       1. Pattern identification using traditional ML
       2. NLP to help threat intel
       3. Automation of response

  6. Attacking (and defending) AI
     - AI is vulnerable by design! Exposure to attacks cannot be, at the moment, neutralized ab initio
     - AI-SOTA shortcomings include (Belfer Cr., 2018):
       - a) ML learns relatively brittle patterns that work well but are easy to disrupt
       - b) High dependence on data opens up a channel for manipulation and corruption
       - c) The black box principle makes auditing quite a challenging task
     - Attacks don't depend on human errors, unlike most cyber-attacks
     - Depending on their nature and the ways they can be initiated, such attacks don't necessarily have to be cyber-related: by simply taping a stop sign on a crossroad, AI-driven vehicles might misinterpret inputs and outputs

  7. Common security issue
     - Amplification of security threats + proliferation of malicious actors
     - Dual use nature of AI
     - Democratization of AI and of its offensive regime

  8. Democratization reduces control. Democratization of AI and amplification of security threats lead to a loss of control, an essential element in security doctrines and related applied disciplines, inter alia:

  9. Examples of (cyber) security control-driven practices that can inform AI policy
     - Software vulnerability responsible disclosure frameworks - including restrictions on publication (CEPS, 2017; Brundage 2018)
     - Explore plan Bs – see de-digitalization of critical infrastructures (US Congress, Securing Energy Infrastructure Act – SEIA, 2019)
     - Security risk assessment / compliance practices - evaluate the necessity of AI systems in a certain application (Belfer Cr., 2018)

  10. To conclude:
     - Acknowledgment of the dual use nature of AI against a new security threat landscape
     - Policies to look at ways to gain control over the security threat landscape: limitations are the instrument, not the end
     - Exploring and re-adapting cybersecurity practices could help inform policy and regulation on AI security

  11. THANK YOU
     - stefano.fantin@kuleuven.be
     - @s_van_teen
     - KU Leuven Centre for IT & IP Law (CiTiP) - imec, Sint-Michielsstraat 6, box 3443, BE-3000 Leuven, Belgium
     - http://www.law.kuleuven.be/citip
