Machine Learning Era in Cyber ​​Security

While artificial intelligence (AI) and machine learning (ML) have been transforming various areas of human activity for some time, this transformation potential has yet to be fully realized. ML-based technologies are increasingly helping from combating fraud to evaluating and reorganizing business processes, improving testing processes, and developing new solutions to existing problems.

However, like most disruptive innovations, machine learning has some disadvantages.

As the business world, critical infrastructures and our personal lives become more and more integrated with digital platforms, new risks will come along. Attackers can use ML technology in many different ways: from empowering their malware, to gain valuable information by targeting specific victims, to detect zero-day vulnerabilities, or to protect compromised infrastructure such as botnets.

Machine learning solutions deployed by legitimate organizations are another interesting target. Attackers can create malicious datasets and present a false view of the current environment, possibly causing chaos as a result of beneficial systems making wrong decisions.

Misuse of ML for translations and targeting

The first signs of these scenarios turning from theory to reality are beginning to be seen. A good example of this is spammers who misuse legitimate ML-based translation services to enhance their messages in a wide variety of local languages.

Another circulating example showing ML-like signs is the recent popular download tool Emotet, which is suspected of using this type of technology to enhance its targeting mechanism. Although it affects thousands of victims every day, it is surprisingly honeypotand botnetIt can be very effective in avoiding predators.

To achieve this, Emotet collects telemetry data of its potential victims and sends it to the attacker’s C&C server for analysis. Based on this input, the malware not only selects modules in the payload, but can also distinguish human operators from virtual machines used by researchers.

Since defense mechanisms like these would be very complex and expensive, Emotet operators would have to invest an enormous amount of resources to develop their malware capabilities in this direction without machine learning.

If there are not enough layers, there is not enough security.

Confusing the ML model with malicious inputs or malicious machine learning will be an emerging threat that we will face in the future, especially in cybersecurity.

If less sophisticated ML-based scan engines are manipulated by attackers to make wrong choices, this can lead to serious damage by compromising the security of the targeted company.

You can read the full article by Juraj Jánošík at the link here.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *