3 ways criminals use artificial intelligence in cybersecurity attacks Posted on : Oct 08 - 2020

Bad actors use machine learning to break passwords more quickly and build malware that knows how to hide, experts warn.

Three cybersecurity experts explained how artificial intelligence and machine learning can be used to evade cybersecurity defenses and make breaches faster and more efficient during a NCSA and Nasdaq cybersecurity summit.

Kevin Coleman, the executive director of the National Cyber Security Alliance, hosted the conversation as part of Usable Security: Effecting and Measuring Change in Human Behavior on Tuesday, Oct. 6.

Elham Tabassi, chief of staff information technology laboratory, National Institute of Standards and Technology, was one of the panelists in the "Artificial Intelligence and Machine Learning for Cybersecurity: The Good, the Bad, and the Ugly" session.text

Attackers can use AI to evade detections, to hide where they can't be found, and automatically adapt to counter measures," Tabassi said.

Tim Bandos, chief information security officer at Digital Guardian, said that cybersecurity will always need human minds to build strong defenses and stop attacks.

"AI is the sidekick and security analysts and threat hunters are the superheroes," he said.

Here are three ways AI and ML can be used in cybersecurity attacks.

Data poisoning

Tabassi said that bad actors sometimes target the data used to train machine learning models. Data poisoning is designed to manipulate a training dataset to control the prediction behavior of a trained model to trick the model into performing incorrectly, such as labeling spam emails as safe content.

There are two types of data poisoning: Attacks that target a ML algorithm's availability and attacks that target its integrity. Research suggests that a 3% training data set poisoning leads to an 11% drop in accuracy.

With backdoor attacks, an intruder can add an input to an algorithm that the model's designer does not know about. The attacker uses that backdoor to get the ML system to misclassify a certain string as benign when it might be carrying bad data.

Tabassi said that techniques for poisoning data can be transferred from one model to another. 

"Data is the blood and fuel for machine learning and as much attention should be paid to the data we are using to train the models as the models," she said. "User trust is influenced by the model and the quality of the training and the data that is going into it."

Tabassi said the industry needs standards and guidelines to ensure data quality and that NIST is working on national guidelines for trustworthy AI, including  both high-level guidelines and technical requirements to address accuracy, security, bias, privacy, and explainability. View More