Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Security’s greatest opportunity

467 views

Published on

The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.

Published in: Technology
  • There is a useful site for you that will help you to write a perfect and valuable essay and so on. Check out, please ⇒ www.WritePaper.info ⇐
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THE BOOK INTO AVAILABLE FORMAT (New Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://urlzs.com/UABbn } ......................................................................................................................... Download Full EPUB Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download Full doc Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download PDF EBOOK here { https://urlzs.com/UABbn } ......................................................................................................................... Download EPUB Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... Download doc Ebook here { https://urlzs.com/UABbn } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book THE can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer THE is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBOOK .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, CookBOOK, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, EBOOK, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story THE Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money THE the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths THE Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • It's so easy that you can find it with your eyes shut. For example, as for me the best and the most responsibly working service is this one - ⇒ HelpWriting.net ⇐ - you'll find there everything you need. And the prices are reasonable.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Security’s greatest opportunity

  1. 1. • Double Content Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here • Double Content Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here 1 Security is AI’s biggest challenge, AI is Security’s greatest opportunity Dr. Rajarshi Gupta | Head of AI, Avast | Sep 2018 Security is AI’s biggest challenge, AI is Security’s greatest opportunity Dr. Rajarshi Gupta | Head of AI, Avast | Nov 2018
  2. 2. ONLY domain of AI where there is a true adversary who can also make use ofAI BLACK HAT WHITE HAT Security is AI’s Biggest Challenge 2
  3. 3. Most threats have very short longevity; machines can act muchfaster VELOCITY SPEED VARIETY ACCURACY ML is also really good at taking into account large amounts of contextualdata VOLUME SCALABILITY Coping with the sheer volume of new threats would be impossible without ML AI is Security’s Greatest Opportunity 3
  4. 4. Come pit your AI skills against a true adversary 4344
  5. 5. MACHINE LEARNING AVAST CLOUD ENGINE MONTHLY ENGAGEMEN T 290M+ 145M + MONTHLY ENGAGEMENT > 10,000 Servers Across 10 Locations Worldwide, processing monthly: > 300M Files > 200Bn URLs Every Month, Avast: Handles 30+ million new executable files, 25 percent of which are usually malicious continuously sifts through 390TB of quality security data Every Month, Avast: Prevents +2 billion malware attacks Pushes 50 PB of data The World's Largest Consumer SecurityNetwork 5 1. WEB SHIELD 2. STATIC SCANNER 3. EMULATOR 4. DEEP SCREEN (SANDBOX) 5. CYBER CAPTURE 6. BEHAVIOUR SHIELD
  6. 6. Agenda for This Talk 6 • Malware Detection in the Cloud • Network Detection for IoT • Defense against Adversarial AI
  7. 7. Malware Detection in the Cloud
  8. 8. Advanced Threat Detection and PreventionArchitecture: No silverbullet 8 AVAST NEXT GENERATION AV PLATFORM 1. WEB SHIELD: protects at the entry level against network- based exploits, malicious URLs and anomalies 2. STATIC SCANNER: performs real-timesecurity assessments using cloud-based reputationdata and the local classificationengine 3. WEB SHIELD: protects at the entry level against network- based exploits, malicious URLs and anomalies 4. DEEPSCREEN (SANDBOX): secures ahypervisor-based virtual environment to test suspect files 5. CYBER CAPTURE: uses the full power ofAvast’s threat lab’s “clean room” to assess a file’s innermost workings 6. BEHAVIOR SHIELD: monitors each environment as programs run and protects against malicious behavior 1.WEBSHIELD 2.STATICSCANNER 3.EMULATOR 4.DEEPSCREEN(SANDBOX) 5.CYBERCAPTURE 6.CYBERCAPTURE
  9. 9. Avast Local Expert390 TB of Quality Data 3,000 Intelligently-Designed Clusters Months of Processing... ... Completed Daily in Real-Time COLLECTION EXTRACTION TRAINING EXECUTION Harness as much data as possible Deconstruct data into billions of artifacts Update models to understand the intention of a sample Precisely and quickly identify what is benign vs. malicious 6X more consumer PC users than the nearest competitor(1) Proprietary Local Expert architecture leverages over 500+ features (e.g. size, origin, age, and file entropy) New models can be trained on the entire historical dataset in less than 12 hours Endpoint-based models are updated 200+ times per day Goal: Avast Advantage: Training the Avast Machine LearningEngine 9 Purpose-built approach that takes < 12 hours to add new features, train, and deploy into production
  10. 10. Using Neural Nets to Optimize the Engine Published at ICLR2018 • Goal: augment our traditional handcrafted models with machine-generatedfeatures Train a Convolutional Neural Net using the raw sequence of bytes from the binary files Training set of 20 million Windows PE files • Results Raw model achieves comparable accuracy to hand crafted features Choosing machine-generated features makes it much harder to evade Enriched features model shows extra gain of using both sets of features 1 0
  11. 11. Network Detection for IoT Devices
  12. 12. Managing IoT Security Problem Mitigation ✓ Every device isconnected ✓ Devices are built by non-security companies whose motivations are lower prices and easier connectivity, notsecurity ✓ Rarely or neverpatched ✓ Mostly opaque/closed deviceswith no securitysoftware ✓ Need to observe from the network ✓ Each device is limited in its applications ✓ Structuredand repetitivebehavior– easyto model 19
  13. 13. POINT OF INFECTION VIDEO CAMERA URL VIDEO CAMERA DNS Gateway BEFORE MIRAI INFECTION DURING MIRAI INFECTION VIDEO CAMERA 9.0.91.38 9.0.0.125 9.0.0.185 9.0.0.245 9.0.1.82 9.0.100.68 9.0.102.77 9.0.105.66 9.0.108.148 9.0.109.16 9.0.110.172 9.0.113.202 9.0.115.171 9.0.118.154 MIRAI_BOT MIRAI_REPORT MIRAI_CNC 9.0.239.143 9.0.83.160 Detecting A SmartHome Security Breach 20
  14. 14. HOW WHAT How We Protect IoT Devices Swarm Behavior Network Type of Data Sent Infrastructure Analysis Amount of Data Sent Device Types Traffic Analysis Capabilities Vulnerabilities 14
  15. 15. Detecting Anomalies on IoT Traffic Router Unknown MalwareSpread DataLeak HVACTV PrinterMusic HomeAssistantCamera New DoS IoTSurface GameConsole Two parallel approaches Build an ensemble classifier in incremental steps, with models focused on known attacks Build a deep neural net that is broad enough to identify all the known attacks, and more 15
  16. 16. ATTACK TYPE May focus on a device type, or servicetype DEVICE TYPE IoT devices have very limitedbehavior Identifying devices allow us to model their behavior SERVICE TYPE Many devices plus internet makes up services, e.g.Netflix Multi-Level ModelInput: Flow statistics from millions of homes Deep Neural Net for IoT Traffic Benign Block access to this domain Block feed transmission Block communication between these devices Anomalies Device type Input device traffic information for many devices, in many homes over a long timeperiod Home Type Servic e Type DDos: Many devices attacking same domain Benign Unexpected destination for baby monitor feed Benign Unexpected traffic between devices within a home Output: Autonomously identify anomalous traffic Recognize unknown attacks Identify the device or service causing the attacks 16
  17. 17. Defense Against Adversarial AI
  18. 18. DeepFake: Human Beings are Easy to Fool 18 Source: Buzzfeed AI generated video having President Obama “speak” fake words
  19. 19. Deep Learning Algorithms are also Easy to Fool LabTest Summary (Stationary) Target Class: Speed Limit 45 Misclassify SubtlePoster SubtlePoster CamoGraffiti CamoArt CamoArt Evtimov, Ivan, Kevin Eykholt, Earlence Fernandes, Tadayoshi Kohno, Bo Li, Atul Prakash,Amir Rahmati, and Dawn Song. "Robust Physical-WorldAttacks on Machine Learning Models." arXiv preprint arXiv: 1707.08945 (2017). 19
  20. 20. DeepAttacks Definition: Malicious Content Automatically Generated by AI Algorithms Video Audio Images URLs & Webpages Binary Files Network Flows Upcoming Existing 20
  21. 21. Use the response to learn about the Classifier and improve guess Defense 1: Track the queries and limit the number of attempts CLASSIFIER 21 ATTACKER Defense 2: Train the Classifier simultaneously with own version of Attacker, in order to make it better at identifying generated examples ATTACKER DeepAttacks: Defenses in Security Try an example Response: Good/Bad Generative Adversarial Network (GAN) Defense 3: Build targeted models to identify the handiwork of such ML-based generators
  22. 22. Conclusion
  23. 23. Come pit your AI skills against a true adversary 23

×