Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
• Double Content
Sub-copy to go here
Sub-copy to go here
Sub-copy to go here
Sub-copy to go here
Sub-copy to go here
Sub-c...
ONLY domain of AI where
there is a true adversary who
can also make use ofAI
BLACK HAT WHITE HAT
Security is AI’s Biggest ...
Most threats have very
short longevity; machines
can act muchfaster
VELOCITY SPEED
VARIETY ACCURACY
ML is also really good...
Come pit your AI skills
against a true adversary
4344
MACHINE
LEARNING
AVAST CLOUD ENGINE
MONTHLY
ENGAGEMEN
T
290M+
145M
+
MONTHLY
ENGAGEMENT
> 10,000 Servers
Across 10 Locatio...
Agenda for This Talk
6
• Malware Detection in the Cloud
• Network Detection for IoT
• Defense against Adversarial AI
Malware Detection
in the Cloud
Advanced Threat Detection and PreventionArchitecture:
No silverbullet
8
AVAST NEXT GENERATION AV PLATFORM
1. WEB SHIELD: p...
Avast Local Expert390 TB of Quality Data 3,000 Intelligently-Designed Clusters
Months of Processing... ... Completed Daily...
Using Neural Nets to Optimize the Engine
Published at ICLR2018
• Goal: augment our traditional handcrafted
models with mac...
Network Detection
for IoT Devices
Managing IoT Security
Problem Mitigation
✓ Every device isconnected
✓ Devices are built by non-security companies
whose mo...
POINT OF
INFECTION VIDEO CAMERA
URL
VIDEO CAMERA
DNS
Gateway
BEFORE MIRAI INFECTION DURING MIRAI INFECTION
VIDEO CAMERA
9....
HOW WHAT
How We Protect IoT Devices
Swarm
Behavior
Network
Type of
Data Sent
Infrastructure
Analysis
Amount of
Data Sent
D...
Detecting Anomalies on IoT Traffic
Router
Unknown
MalwareSpread
DataLeak
HVACTV PrinterMusic HomeAssistantCamera New
DoS
I...
ATTACK TYPE
May focus on a device
type, or servicetype
DEVICE TYPE
IoT devices have
very limitedbehavior
Identifying devic...
Defense Against
Adversarial AI
DeepFake: Human Beings are Easy to Fool
18
Source: Buzzfeed
AI generated video having President Obama “speak” fake words
Deep Learning Algorithms are also Easy to Fool
LabTest Summary
(Stationary)
Target Class: Speed Limit 45
Misclassify
Subtl...
DeepAttacks
Definition: Malicious Content Automatically Generated by AI Algorithms
Video
Audio
Images
URLs & Webpages
Bina...
Use the response
to learn about the
Classifier and
improve guess
Defense 1: Track the
queries and limit the
number of atte...
Conclusion
Come pit your AI skills
against a true adversary
23
Prochain SlideShare
Chargement dans…5
×

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Security’s greatest opportunity

313 vues

Publié le

The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.

Publié dans : Technologie
  • Soyez le premier à commenter

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Security’s greatest opportunity

  1. 1. • Double Content Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here • Double Content Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here Sub-copy to go here 1 Security is AI’s biggest challenge, AI is Security’s greatest opportunity Dr. Rajarshi Gupta | Head of AI, Avast | Sep 2018 Security is AI’s biggest challenge, AI is Security’s greatest opportunity Dr. Rajarshi Gupta | Head of AI, Avast | Nov 2018
  2. 2. ONLY domain of AI where there is a true adversary who can also make use ofAI BLACK HAT WHITE HAT Security is AI’s Biggest Challenge 2
  3. 3. Most threats have very short longevity; machines can act muchfaster VELOCITY SPEED VARIETY ACCURACY ML is also really good at taking into account large amounts of contextualdata VOLUME SCALABILITY Coping with the sheer volume of new threats would be impossible without ML AI is Security’s Greatest Opportunity 3
  4. 4. Come pit your AI skills against a true adversary 4344
  5. 5. MACHINE LEARNING AVAST CLOUD ENGINE MONTHLY ENGAGEMEN T 290M+ 145M + MONTHLY ENGAGEMENT > 10,000 Servers Across 10 Locations Worldwide, processing monthly: > 300M Files > 200Bn URLs Every Month, Avast: Handles 30+ million new executable files, 25 percent of which are usually malicious continuously sifts through 390TB of quality security data Every Month, Avast: Prevents +2 billion malware attacks Pushes 50 PB of data The World's Largest Consumer SecurityNetwork 5 1. WEB SHIELD 2. STATIC SCANNER 3. EMULATOR 4. DEEP SCREEN (SANDBOX) 5. CYBER CAPTURE 6. BEHAVIOUR SHIELD
  6. 6. Agenda for This Talk 6 • Malware Detection in the Cloud • Network Detection for IoT • Defense against Adversarial AI
  7. 7. Malware Detection in the Cloud
  8. 8. Advanced Threat Detection and PreventionArchitecture: No silverbullet 8 AVAST NEXT GENERATION AV PLATFORM 1. WEB SHIELD: protects at the entry level against network- based exploits, malicious URLs and anomalies 2. STATIC SCANNER: performs real-timesecurity assessments using cloud-based reputationdata and the local classificationengine 3. WEB SHIELD: protects at the entry level against network- based exploits, malicious URLs and anomalies 4. DEEPSCREEN (SANDBOX): secures ahypervisor-based virtual environment to test suspect files 5. CYBER CAPTURE: uses the full power ofAvast’s threat lab’s “clean room” to assess a file’s innermost workings 6. BEHAVIOR SHIELD: monitors each environment as programs run and protects against malicious behavior 1.WEBSHIELD 2.STATICSCANNER 3.EMULATOR 4.DEEPSCREEN(SANDBOX) 5.CYBERCAPTURE 6.CYBERCAPTURE
  9. 9. Avast Local Expert390 TB of Quality Data 3,000 Intelligently-Designed Clusters Months of Processing... ... Completed Daily in Real-Time COLLECTION EXTRACTION TRAINING EXECUTION Harness as much data as possible Deconstruct data into billions of artifacts Update models to understand the intention of a sample Precisely and quickly identify what is benign vs. malicious 6X more consumer PC users than the nearest competitor(1) Proprietary Local Expert architecture leverages over 500+ features (e.g. size, origin, age, and file entropy) New models can be trained on the entire historical dataset in less than 12 hours Endpoint-based models are updated 200+ times per day Goal: Avast Advantage: Training the Avast Machine LearningEngine 9 Purpose-built approach that takes < 12 hours to add new features, train, and deploy into production
  10. 10. Using Neural Nets to Optimize the Engine Published at ICLR2018 • Goal: augment our traditional handcrafted models with machine-generatedfeatures Train a Convolutional Neural Net using the raw sequence of bytes from the binary files Training set of 20 million Windows PE files • Results Raw model achieves comparable accuracy to hand crafted features Choosing machine-generated features makes it much harder to evade Enriched features model shows extra gain of using both sets of features 1 0
  11. 11. Network Detection for IoT Devices
  12. 12. Managing IoT Security Problem Mitigation ✓ Every device isconnected ✓ Devices are built by non-security companies whose motivations are lower prices and easier connectivity, notsecurity ✓ Rarely or neverpatched ✓ Mostly opaque/closed deviceswith no securitysoftware ✓ Need to observe from the network ✓ Each device is limited in its applications ✓ Structuredand repetitivebehavior– easyto model 19
  13. 13. POINT OF INFECTION VIDEO CAMERA URL VIDEO CAMERA DNS Gateway BEFORE MIRAI INFECTION DURING MIRAI INFECTION VIDEO CAMERA 9.0.91.38 9.0.0.125 9.0.0.185 9.0.0.245 9.0.1.82 9.0.100.68 9.0.102.77 9.0.105.66 9.0.108.148 9.0.109.16 9.0.110.172 9.0.113.202 9.0.115.171 9.0.118.154 MIRAI_BOT MIRAI_REPORT MIRAI_CNC 9.0.239.143 9.0.83.160 Detecting A SmartHome Security Breach 20
  14. 14. HOW WHAT How We Protect IoT Devices Swarm Behavior Network Type of Data Sent Infrastructure Analysis Amount of Data Sent Device Types Traffic Analysis Capabilities Vulnerabilities 14
  15. 15. Detecting Anomalies on IoT Traffic Router Unknown MalwareSpread DataLeak HVACTV PrinterMusic HomeAssistantCamera New DoS IoTSurface GameConsole Two parallel approaches Build an ensemble classifier in incremental steps, with models focused on known attacks Build a deep neural net that is broad enough to identify all the known attacks, and more 15
  16. 16. ATTACK TYPE May focus on a device type, or servicetype DEVICE TYPE IoT devices have very limitedbehavior Identifying devices allow us to model their behavior SERVICE TYPE Many devices plus internet makes up services, e.g.Netflix Multi-Level ModelInput: Flow statistics from millions of homes Deep Neural Net for IoT Traffic Benign Block access to this domain Block feed transmission Block communication between these devices Anomalies Device type Input device traffic information for many devices, in many homes over a long timeperiod Home Type Servic e Type DDos: Many devices attacking same domain Benign Unexpected destination for baby monitor feed Benign Unexpected traffic between devices within a home Output: Autonomously identify anomalous traffic Recognize unknown attacks Identify the device or service causing the attacks 16
  17. 17. Defense Against Adversarial AI
  18. 18. DeepFake: Human Beings are Easy to Fool 18 Source: Buzzfeed AI generated video having President Obama “speak” fake words
  19. 19. Deep Learning Algorithms are also Easy to Fool LabTest Summary (Stationary) Target Class: Speed Limit 45 Misclassify SubtlePoster SubtlePoster CamoGraffiti CamoArt CamoArt Evtimov, Ivan, Kevin Eykholt, Earlence Fernandes, Tadayoshi Kohno, Bo Li, Atul Prakash,Amir Rahmati, and Dawn Song. "Robust Physical-WorldAttacks on Machine Learning Models." arXiv preprint arXiv: 1707.08945 (2017). 19
  20. 20. DeepAttacks Definition: Malicious Content Automatically Generated by AI Algorithms Video Audio Images URLs & Webpages Binary Files Network Flows Upcoming Existing 20
  21. 21. Use the response to learn about the Classifier and improve guess Defense 1: Track the queries and limit the number of attempts CLASSIFIER 21 ATTACKER Defense 2: Train the Classifier simultaneously with own version of Attacker, in order to make it better at identifying generated examples ATTACKER DeepAttacks: Defenses in Security Try an example Response: Good/Bad Generative Adversarial Network (GAN) Defense 3: Build targeted models to identify the handiwork of such ML-based generators
  22. 22. Conclusion
  23. 23. Come pit your AI skills against a true adversary 23

×