Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
2018: The Year Machine Intelligence Arrived in Cybersecurity
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
1/8/2019 | 7:01:24 PM
Re: Probabilistic
@Curt: Yep. When you press even the most gung-ho "We offer AI!" marketers, they will admit that, no, they really don't -- at least, not generalized AI (a.k.a. "true AI", as we tend to think of it).

Unrelatedly, I really dig the drawn portrait that is your avatar. Florida artist?
Curt Franklin
50%
50%
Curt Franklin,
User Rank: Author
1/2/2019 | 10:54:52 AM
Re: Probabilistic
Joe, my understanding is that AI can be deterministic, but it's capable of being deterministic in ways that the developer didn't anticipate. Where machine learning is great at reaching rapid conclusions within a known population of answers, AI should be capable of "thinking outside the box" and finding correlations (and therefore, conclusions) that are outside any previously anticipate answers.

That's a much tougher thing to develop, and why most of the AI researchers I've talked to say that what we're seeing in security (and most of commercia computing) today is correctly classified as ML rather than AI.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/31/2018 | 10:44:24 PM
Re: False positives
@Dr. T: In security studies, security-alert fatigue is routinely identified as the top or near-top obstacle facing security teams.

AI/ML can help, but you can also accomplish a lot by trying some lower-tech techniques (like banning all non-whitelisted bots, for instance).
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/31/2018 | 10:42:13 PM
Re: Probabilistic
> AI is probabilistic, not deterministic.

Is it, though? I mean, sure, modern ML programming relies on PPLs, but we have not reached true/generalized AI yet. Perhaps AI models will evolve such that some are more deterministic in nature.

Or maybe I'm overthinking this.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/31/2018 | 10:39:05 PM
Re: Big data
@Dr. T: That's the very definition of big data: data collections that are so big that humans unaided by tech automation cannot possibly contend with them.

The real question, however, is to what extent actual ML and AI are necessary for this. Terrific analytics advances have been made -- but hurdles are still left to be overcome.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2018 | 11:47:16 AM
Humans and AI
we're a long away from totally automating out the need for some type of security professional that occasionally has to make a decision." I would agree. Currently decision of action would still require humans in most scenarios.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2018 | 11:44:55 AM
Big data
Machines are really good at looking at vast amounts of data and making sense of it all in a statistical way, and humans are not That makes sense. Humans are not equipped for big data, we need AI help to deal with it.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2018 | 11:43:04 AM
False positives
Microsoft sees 6.5 trillion security signals a day. AI helps rationalize them down to a quantity that humans can deal with Yes. This helps us avoiding false positives.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2018 | 11:41:31 AM
Probabilistic
"The best use of AI is to give security admins the ability to deconflict tasks to know which, out of scores of possibilities, are critical and will have the greatest impact," This makes sense. AI is probabilistic, not deterministic. So someone should intervene at one point.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2018 | 11:39:43 AM
Speed
What machine learning has really given us is the ability to predict patterns before they actually happen I think this is the important aspect of AI in cyber security, the speed.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
9 Tips to Prepare for the Future of Cloud & Network Security
Kelly Sheridan, Staff Editor, Dark Reading,  9/28/2020
Attacker Dwell Time: Ransomware's Most Important Metric
Ricardo Villadiego, Founder and CEO of Lumu,  9/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-25288
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection and, if CSP settings permit, execution of arbitra...
CVE-2020-25781
PUBLISHED: 2020-09-30
An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.
CVE-2020-25830
PUBLISHED: 2020-09-30
An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug_actiongroup_page.php.
CVE-2020-26159
PUBLISHED: 2020-09-30
In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .
CVE-2020-6654
PUBLISHED: 2020-09-30
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.