ai人工智能的本质和未来
Chinese philosophy yin and yang represent how the seemingly opposite poles can complement each other and achieve harmony.
中国的阴阳哲学代表着看似相反的两极如何相互补充,实现和谐。
In cybersecurity, this ancient philosophy perfectly represents the relationship between supervised and unsupervised machine learning. For example, monitored machine learning processes can be used for detection, while unsupervised machine learning uses clustering. In the case of cybersecurity and data security research and development, monitored machine learning is often implemented in the form of machine learning algorithms.
在网络安全中,这种古老的哲学完美地代表了有监督和无监督机器学习之间的关系。 例如,受监视的机器学习过程可用于检测,而无监督的机器学习则使用聚类。 在网络安全和数据安全研究与开发的情况下,受监视的机器学习通常以机器学习算法的形式实现。
It is not easy to describe Artificial Intelligence (AI). It has no clear definition. Most of the existing definitions try to express AI as a computer process that mimics human intelligence and behavior and acts intelligently. But this situation brings more questions such as what is intelligence? Do people always act smart and logical? Is the desired achievement for AI, human intelligence? Or can a computer perform better than a human? The definition of approaches that base AI on rational behavior refers to a computer doing things that are difficult to do. In this article, however, a pragmatic approach is adopted to simplify the issue and AI is defined as a scientific area responsible for producing computer-based solutions to the complex problems that human beings have difficulty in finding solutions.
描述人工智能(AI)并不容易。 它没有明确的定义。 现有的大多数定义都试图将AI表达为模仿人类智力和行为并以智能方式行事的计算机过程。 但是这种情况带来了更多的问题,例如什么是智力? 人们总是表现得聪明而合乎逻辑吗? 人工智能是人类的理想成就吗? 还是计算机的性能要比人类好? 将AI建立在理性行为基础上的方法的定义是指计算机执行难以完成的事情。 但是,在本文中,采用了务实的方法来简化问题,并且AI被定义为负责为人类难以找到解决方案的复杂问题提供基于计算机的解决方案的科学领域。
The use of AI in cybersecurity is relatively new. While some cybersecurity experts argue that the answer to cybersecurity is machine learning to detect sophisticated breaches and that cybersecurity will only continue to succeed if the IT environment is secured by the help of AI-based solutions. Others argue that while machine learning is very good at finding similarities, it is not good enough at detecting anomalies and is therefore not suited to cybersecurity.
在网络安全中使用AI相对较新。 尽管一些网络安全专家认为,网络安全的答案是机器学习来检测复杂的漏洞,并且只有在基于AI解决方案的帮助下确保IT环境安全的情况下,网络安全才会继续取得成功。 其他人则认为,尽管机器学习非常善于发现相似之处,但它不足以检测异常,因此不适合网络安全。
Beyond these discussions, it is a fact that machine-learning has taken great steps in recent years, from autonomous tools to virtual assistants, from chatbots to face/object recognition. As we move towards a future where cybersecurity is much more integrated into our daily life, it is important to be aware of different approaches based on machine and deep learning in order to better defend the network and data security against increasingly complex and advanced attacks.
除了这些讨论之外,事实上,近年来,机器学习已迈出了重要的一步,从自主工具到虚拟助手,从聊天机器人到人脸/物体识别。 随着我们迈向将网络安全与我们的日常生活更加融合的未来,重要的是要意识到基于机器和深度学习的不同方法,以便更好地保护网络和数据安全免受日益复杂和高级的攻击。
As you already may know, there are four types of machine learning algorithms to train a machine neural network: Supervised Learning, Unsupervised Learning, Semi-supervised Learning (also known as active learning), Reinforcement Learning. Supervised learning is about learning from a training data set, while unsupervised machines learn from the data itself that is limited in its ability to detect threats, as it only looks for details it has seen and flagged before, while unsupervised learning constantly scans the network and finds anomalies. Unsupervised learning, however, does not require labeled training data and is better suited to detecting suspicious activity, including detecting attacks that have never been observed before.
您可能已经知道,有四种类型的机器学习算法可以训练机器神经网络:监督学习,无监督学习,半监督学习(也称为主动学习),强化学习。 监督学习是关于从训练数据集中学习,而不受监督的机器则是从数据本身中学习,这种数据在检测威胁方面受到限制,因为它仅查找以前已经看到并标记过的细节,而不受监督的学习则不断地扫描网络和网络。发现异常。 但是,无监督学习不需要标记的训练数据,更适合于检测可疑活动,包括检测以前从未观察到的攻击。
Supervised learning is about learning from a training dataset. Supervised machines learn from the data itself, which is limited only by its ability to detect threats when searching for details that it has previously seen and marked. For unattended learning, tagged training data is not required and is more suitable for detecting suspicious activity, including detecting attacks that have never been observed before. Unsupervised learning constantly scans the network and finds anomalies.
监督学习是关于从训练数据集中学习。 受监控的机器从数据本身中学习,这仅受其在搜索先前已查看和标记的详细信息时检测威胁的能力的限制。 对于无人值守的学习,不需要标记的训练数据,它更适合于检测可疑活动,包括检测以前从未观察到的攻击。 无监督学习会不断扫描网络并发现异常情况。
Machine learning is already used to reduce the load that attack detection and prevention tools can handle as part of cybersecurity systems. AI algorithms similar to real human decision mechanisms try to model a decision mechanism.
机器学习已被用来减少攻击检测和防御工具可以作为网络安全系统的一部分处理的负载。 与真实人类决策机制相似的AI算法尝试对决策机制进行建模。
There have been a number of attempts to override unattended machine learning security solutions, resulting in a host of untested solutions to a variety of security problems. Many of these early attempts had difficulty generating enough data to effectively detect complex breaches such as identity fraud and advanced cyberattacks.
已经进行了许多尝试来覆盖无人看管的机器学习安全性解决方案,从而导致了许多未经测试的解决方案,可以解决各种安全问题。 这些早期尝试中的许多尝试都难以生成足够的数据以有效检测复杂的漏洞,例如身份欺诈和高级网络攻击。
By contrast, unsupervised machine learning is about finding and describing the hidden structures in the data. This problem is related to the problem of defining distance functions, since most, if not all, cluster algorithms are based on numerical and non-categorical data, and therefore we hear as much about cluster algorithms as we do about classification.
相比之下,无监督机器学习是关于发现和描述数据中的隐藏结构。 这个问题与定义距离函数的问题有关,因为大多数(即使不是全部)聚类算法都基于数值和非分类数据,因此,与聚类一样,我们对聚类算法的了解也很多。
In the context of cybersecurity, AI tries to defend the system by weighing behavior patterns that indicate a threat to the systems. From this point of view, machine learning is the process of learning patterns that lead to malicious behavior.
在网络安全的背景下,人工智能试图通过权衡表明对系统构成威胁的行为模式来保护系统。 从这个角度来看,机器学习是导致恶意行为的学习模式的过程。
AI solutions are generally analyst-oriented and unsupervised machine learning-focused in information security. Using unsupervised machine learning to detect rare or abnormal patterns can increase the detection of new attacks. However, it can also trigger more false positives and warnings. This requires a significant amount of analysis effort to investigate the accuracy of these false positives. Such false alarms can cause alarm fatigue and insecurity and, over time, lead to its return to analytical-focused solutions and the resulting weaknesses. Three major challenges facing the information security industry, each of which can be addressed by machine learning solutions, have been identified as follows [2]:
人工智能解决方案通常面向分析师,面向信息安全的无监督机器学习。 使用无监督机器学习来检测稀有或异常模式可以增加对新攻击的检测。 但是,它也可能触发更多的误报和警告。 这需要大量分析工作来调查这些误报的准确性。 此类错误警报可能会导致警报疲劳和不安全感,并随着时间的流逝,导致其返回到以分析为中心的解决方案,并因此而导致缺陷。 信息安全行业面临的三个主要挑战可以通过机器学习解决方案来解决,这些挑战如下:[2]:
- Missing or Lack of Tagged Data: Many organizations lack the ability to use tagged examples and supervised learning models of previous attacks. 标记数据的丢失或缺失:许多组织缺乏使用标记示例和监督先前攻击的学习模型的能力。
- Continuously Evolving Attacks: Even though controlled learning models are possible, attackers can change their behavior and override them. 不断发展的攻击:即使可以控制学习模型,攻击者也可以更改其行为并覆盖它们。
- Limited Time and Budget for Research or Investigation: Applying to analysts to investigate attacks is costly and time-consuming. 研究或调查的时间和预算有限:向分析人员申请调查攻击既昂贵又费时。
As the industry is still experimenting with the technology as a proof-of-concept, however, the idea of trust is ideal where the security solution is machine learning. It can help to improve the fight against cybercrime, and while AI can boost human efforts by automating the pattern-recognition process. Machine learning systems report useful data based on categories, while analysts talk openly about how machine learning can be a black box solution for security, where CISOs are not quite sure what is under the hood.
但是,由于业界仍在尝试将该技术用作概念验证,因此在安全解决方案是机器学习的情况下,信任的想法非常理想。 它可以帮助改善与网络犯罪的斗争,而人工智能可以通过使模式识别过程自动化来促进人类的努力。 机器学习系统会根据类别报告有用的数据,而分析师则公开谈论机器学习如何成为安全性的黑匣子解决方案,而CISO对此不太确定。
Today, AI is not ready to replace humans, but by automating the pattern-recognition process, it can enhance human efforts. There is a truth here that cannot be denied because machine learning has very different uses in cyber defense.
如今,人工智能尚未准备好替代人类,但是通过使模式识别过程自动化,它可以增强人类的努力。 这里有一个不可否认的真相,因为机器学习在网络防御中有非常不同的用途。
Considering all usage areas, it is possible to evaluate the use of AI in cyberspace in two categories; the use of artificial intelligence for cyber defense and the use of artificial intelligence for the cyber offense.
考虑到所有使用领域,有可能在两类方面评估AI在网络空间中的使用: 人工智能在网络防御中的使用以及人工智能在网络犯罪中的使用。
In part II, we will talk about the use of artificial intelligence for cyber defense…
在第二部分中,我们将讨论如何将人工智能用于网络防御……
Sources
资料来源
[1] K.R. Chowdhary, “Fundamentals of Artificial Intelligence,” Springer India, 2020.
[1] KR Chowdhary,“人工智能基础”,印度Springer,2020年。
[2] K. Veeramachaneni, I. Arnaldo, A. Cuesta-Infante, V. Korrapati, C. Bassias, K. Li, “AI2: Training a Big Data Machine to Defend”, IEEE International Conference on Big Data Security in New York City, 2016.
[2] K. Veeramachaneni,I。Arnaldo,A。Cuesta-Infante,V。Korrapati,C。Bassias,K。Li,“ AI2:培训大数据机以捍卫”,IEEE国际大数据安全新会议纽约,2016。
ai人工智能的本质和未来
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
