防火墙做不到的事,人工智能可以吗?
2016年最大热门可能是人工智能,不过关于“人工智能”的定义也引发不少争议。有些人支持人工智能,也有些人认为其充满危险。还有些人担心人类会沦为人工智能统治的奴隶。但不管在物联网还是医疗领域,人工智能都已开始发挥作用。从影响力和技术本身来看,网络安全会是人工智能应用下一个风口。 眼下还是人类对抗人类。 如今对商业、政府和机构来说,网络攻击已成最大威胁之一。非营利机构身份盗窃资源中心指出,2015年1.78亿条个人信息遭泄露,2016年信息泄露更是频繁,连国土安全部和联邦调查局都未能幸免。 2016年加德纳网络安全与风险峰会上,数据研究公司加德纳研究副总裁厄尔·帕金斯谈及到2020年十大战略预测时指出,99%的漏洞都已被公开。很惊人,不是么? 不幸的是,我们只能靠防火墙稍作抵抗,但只要黑客真想攻破,防火墙根本防不住。现在的攻防战只是人类揣测别人可能会做什么。 人工智能能帮忙保护数据安全么?最近一场网络研讨会上,认知监测公司Cognetyx总裁兼首席执行官桑托什·瓦努吉斯提出,在抵抗黑客方面人工智能是很强大的友军。人类可以训练人工智能学习各种行为模式,从而能像人类一样发觉异常。 战鼓敲响 机器学习是人工智能的一部分,主要通过学习现有数据不断改进功能和策略。机器学习会熟知普通用户的行为,一旦稍有偏差就能发现,例如办公室明明在德州以,一名员工登录的IP地址却显示纽约州。除了通过收集信息甄别发现威胁,人工智能也能利用数据改进自身功能和策略。 与人类相比,技术显得格外强大。让人类筛选登录、电脑使用和系统基础设施等海量信息是很难做到的。而人工智能处理大量信息既迅速又毫不费力,而且能一年365年七天24小时不停工作。 人工智能是网络安全的未来? 私营领域的企业和公司已经开始使用人工智能系统,据美国白宫透露,有些政府部门也引入了这项技术。为什么?因为人工智能可以迅速筛查结构性数据,节约大量时间和金钱,又能深入阅读和学习非结构性数据、统计结果、文字和短语。简而言之,人工智能既节省纳税人的钱又能保护国家机密安全。 不过漏洞也是存在的。黑客会想尽办法战胜机器,找到不为人知的缝隙悄然潜入。现在企业数据泄露后经常过几个月才会发觉,发现时黑客早已携敏感数据扬长而去。 换上人工智能,会不慌不忙地收集数据,等待黑客自己犯错。人工智能可以监测出黑客惯有的异常行为,例如输入密码的方式,或是登录地址等。某些痕迹很容易被忽略,但骗不过人工智能,一旦锁定遭受攻击人工智能会立刻出手阻止黑客。 瓦努吉斯指出,任何系统皆可破解。在网络安全这场永不停歇的棋局中,黑客永远在测试系统的弱点,包括人工智能的弱点。人工智能既然是人类编程的产物,必然能被打败。虽然人工智能整合处理信息十分强大,但超不出人类编程时赋予的能力。 随着黑客渐渐适应人工智能系统,程序员也要积极寻找新的防护手段。猫鼠游戏没有尽头,但有了人工智能,保卫数据安全的守军实力大增。(财富中文网) 作者:Hira Saeed,VentureBeat 译者:Pessy 审校:夏林 |
Artificial intelligence may be the hot trend of 2016, but the term itself opens up a debate. Some praise AI, while others believe reliance on AI is fraught with danger. Others worry about the demise of humans at the hands of our AI masters. Yet whether it is the Internet of Things or health care, AI is only beginning to have an effect. The next big opportunity, in terms of both impact and technology, is cybersecurity. For now, it’s humans vs. humans Cyber attacks are among the biggest threats to businesses, governments, and institutions today. The Identity Theft Resource Center notes that nearly 178 million personal records were exposed in data breaches in 2015; high-profile breaches announced in 2016 include the Department of Homeland Security and the Federal Bureau of Investigation. According to Earl Perkins, research VP at Gartner, who spoke at the 2016 Gartner Security & Risk Summit on the top 10 strategic planning assumptions for security through 2020, 99 percent of exploited vulnerabilities are already known. Alarming, isn’t it? Unfortunately, we tend to rely on firewalls as a defense. But firewalls will not stop a determined hacker. For now, it’s just humans who try to anticipate what the other human might do before they do it. So how does artificial intelligence play into this? At a recent webinar, Santosh Varughese, president and CEO of cognitive surveillance company Cognetyx, gave insight into how AI can be a valuable ally when it comes to defending against hackers. AI can be trained to constantly learn patterns in order to identify any deviation in it, much like a human does. The war is coming Machine learning, a component of AI, applies existing data to constantly improve its functions and strategies over time. It learns and understands normal user behavior and can identify even the slightest variation from that pattern, such as if an employee logs in from New York when the office is in Texas. But besides gathering information to detect and identify threats, AI can use this data to improve its own functions and strategies as well. This technology exceeds human capabilities by leaps and bounds. If you asked a person to filter through massive amounts of information that included logins, computer usage, and system infrastructure, they would never be able to keep on top of all that data. AI, on the other hand, can handle all of this information quickly, effortlessly, and on a 24/7/365 basis. Is AI the future of cybersecurity? Private sector businesses and corporations have already deployed AI systems, and as the White House notes, even some governments are using the technology. Why? Because AI can save time and money by going through structured data quickly, as well as comprehensively reading and learning unstructured data, statistics, words, and phrases. Essentially, AI could save tax dollars as well as national secrets. Still, loopholes exist. Hackers are trying to figure out ways to beat the machines, sneaking in through cracks we didn’t know existed. Right now, months go by before an organization detects a data breach. By then, the hacker is long gone, along with all the sensitive data. On the other hand, AI can sit back, collect data, and wait for a hacker to get messy. AI looks for behavioral abnormalities that hackers are bound to display — for instance, the way a password is typed or where the user is logging in. AI can detect these small signs that otherwise might have gone unnoticed and halt the hacker in their tracks. Any system can be exploited, as Varughese noted. In the constant chess match of cybersecurity, human hackers will always probe the weaknesses in every system — including AI. Artificial intelligence is programmed by humans, and thus can still be defeated. While AI’s ability to synthesize and process information is impressive, it can only work as well as it was programmed to. As hackers adjust to AI systems, human programmers will have to deploy new countermeasures. The cat and mouse game will continue, but AI forms a welcome reinforcement in the war to protect data. |