Slashdot Mirror


Harnessing Artificial Intelligence To Build an Army of Virtual Analysts

An anonymous reader writes: PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market. Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time. The platform can go through millions of events per day and can make an increasingly better evaluation of whether they are anomalous, malicious or benign.

41 comments

  1. Hmmm ... by gstoddart · · Score: 3, Funny

    So, when they publish their findings will someone modify it to make an army of virtual hackers?

    Because that would be awesome.

    --
    Lost at C:>. Found at C.
    1. Re:Hmmm ... by Anonymous Coward · · Score: 0

      That sounds like something one of those corporations would do. They always stand against the people.

    2. Re: Hmmm ... by Anonymous Coward · · Score: 0

      But corporations are people too!

    3. Re: Hmmm ... by Anonymous Coward · · Score: 0

      As do the Republicans.

    4. Re: Hmmm ... by Anonymous Coward · · Score: 0

      And AI will make the Republicans even better at this. We have no hope of fighting back.

    5. Re: Hmmm ... by __aaclcg7560 · · Score: 1

      And AI will make the Republicans even better at this.

      *cough* Max Headroom *cough*

    6. Re:Hmmm ... by Tablizer · · Score: 1

      Who will be the first to patent The Borg?

    7. Re:Hmmm ... by Livius · · Score: 1

      The Borg always was just about intellectual property. It probably started with something like the Trans-Pacific Partnership.

    8. Re:Hmmm ... by Anonymous Coward · · Score: 0

      Personally, I'd like to see us harnessing the power of natural stupidity to make an army of virtual BAs.

  2. Be careful of what you wish for... by __aaclcg7560 · · Score: 4, Funny

    Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time.

    That boils down to letting the expensive firewalls do their job and checking the log files later on. Meanwhile, back to minesweeper.

    1. Re:Be careful of what you wish for... by ultranova · · Score: 4, Insightful

      Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time.

      That boils down to letting the expensive firewalls do their job and checking the log files later on. Meanwhile, back to minesweeper.

      No, it boils down to having the computer check the log. Meanwhile, since your skillset has now been automated, back to McDonald's.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    2. Re:Be careful of what you wish for... by __aaclcg7560 · · Score: 0

      No, it boils down to having the computer check the log. Meanwhile, since your skillset has now been automated, back to McDonald's.

      The minimum wage jobs at McDonald's will get automated long before computer security analysts get automated.

    3. Re:Be careful of what you wish for... by zlives · · Score: 1

      it's mostly theater anyway since security is inconvenient and convenience trumps all.
      secure systems are not connected to lolcats

    4. Re: Be careful of what you wish for... by Anonymous Coward · · Score: 0

      Well, it's about time anyways.

    5. Re:Be careful of what you wish for... by Anonymous Coward · · Score: 0

      One requires a python script. The other requires a food grade high dof robot arm that rarely needs cleaned/serviced. I know how to make both. Trust me: the McSlave's job is much safer than the human SVM.

    6. Re:Be careful of what you wish for... by Anonymous Coward · · Score: 0

      Oh please. All jobs will be automated eventually. You can try to fight back but the robots have you outnumbered and outgunned.

    7. Re:Be careful of what you wish for... by blue9steel · · Score: 1

      Completely automated, probably, but partially automated in a way that drastically reduces the number of people required, likely the other way around.

    8. Re:Be careful of what you wish for... by Anonymous Coward · · Score: 0

      Well, sort of. Attacks change, security changes. Ironically, actually engineering the robotic arms to replace the McDonald's workers will likely be an obsolete job before working at McDonald's. We only need robotics (and most engineering that is well understood today) to get to an acceptable level to make continued development a waste of money.

  3. Color me skeptical by Anonymous Coward · · Score: 0

    The AI crowd has a history of talking big, and delivering little. We'll see how this turns out, but since Google Now, Siri et al., with their inveterate stupidity and lack of common sense, are hailed as the pride and joy of the AI crowd, I'll remain highly skeptical.

  4. Timothy step away from the computer. by sims+2 · · Score: 0

    Every story on the last three pages was posted by you.
    Please let someone else post something.

    Everyone else please post something!

    Here, I'll start: Amit Singhal, the longstanding chief of Google Search operations, is leaving Google after 15 years. http://www.wired.com/2016/02/a...

    --
    Minimum threshold fixed. Thanks!
    1. Re:Timothy step away from the computer. by Anonymous Coward · · Score: 0

      But if he slowed down then he'd have to realize all the blatant typos he left. Why, it'd take a team of editor to hunt them all down.

    2. Re:Timothy step away from the computer. by sims+2 · · Score: 1

      Hopefully someone trips on his cord or accidentally unplugs him while cleaning.

      --
      Minimum threshold fixed. Thanks!
    3. Re:Timothy step away from the computer. by Billy+the+Mountain · · Score: 1

      When was the last time anyone other than Timothy posted an article on Slashdot? (I gave up after scrolling through to Saturday) This guy must be the last man standing, working 24/7 after some sort of staff reduction.

      --
      That was the turning point of my life--I went from negative zero to positive zero.
    4. Re:Timothy step away from the computer. by sims+2 · · Score: 1

      Whipslash on Feb 2nd asking for suggestions on how to make /. better. Other than that, no idea.

      Bot or no, timothy is not making the best choices on story selection...

      --
      Minimum threshold fixed. Thanks!
  5. None of this matters. by Anonymous Coward · · Score: 1

    More snake oil. None of this matters when dumb little suzy clicks the .exe or .pdf, every time.

    1. Re: None of this matters. by Anonymous Coward · · Score: 0

      Except dumb little sexy will be identified quickly by her patterns and the incidents will be directly forwarded to hr.

  6. Artificial Gullibility by Bookwyrm · · Score: 2

    >> Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time.

    Did they manage to avoid mimicking all the foolishness and gullibility of human security analysts, too?

    >> The platform can go through millions of events per day and can make an increasingly better evaluation of whether they are anomalous, malicious or benign.

    So, based on this, it sounds like the 'quality' of the service depends on parsing data supplied by (hostile) outside sources. If the system cannot tell when people are deliberately poisoning its knowledge base with feints and false messages, then what? Human supervision? If it needs human security analysts anyways, how much does it gain?

    1. Re:Artificial Gullibility by rtb61 · · Score: 1

      The system does not require any AI in its running; it requires intelligence in its setting up. Detectable patterns of communication and control elements. The sources, the timings and the conjunction of similar network transmission types. The idea is to block anything that is not allowed and then track what is blocked to ensure reliable data transmissions are allowed. You build up the system by trialling blocking and gradually building up a library or memory (sic) of allowed communications patterns, timings (how often per source) and correlations (how many sources at the same time). There are certain key instructions, commands, data elements that are non-normal communications and relate to specific security threat events (good needs to be separated from bad).

      Each country would most emphatically need to create and implement its own, as no country can be trusted with that. Just as no foreign country should ever be trusted with an armed and munitioned occupation because it is always a serious and extreme threat (zero oaths of loyalty by the occupational forces and no country would allow its own citizens to join its own defence forces without an oath of loyalty, so seriously, why allow a foreign occupation force without those oaths of loyalty, seriously What The Fuck?!?).

      --
      Chaos - everything, everywhere, everywhen
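
The allowlist approach rtb61 describes above (default deny, learned per-source timings, learned cross-source correlations, and a record of what gets blocked), as an added example that is not part of the original thread or any product's code. The host names, event tuples and the 60-second bucket are constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 60  # seconds per timing bucket (assumed value)

# Constructed sample events: (timestamp_seconds, source, message_kind)
TRIAL = [(0, "host-a", "dns"), (10, "host-a", "dns"),
         (70, "host-b", "dns"), (130, "host-a", "smtp")]
LIVE = [(300, "host-a", "dns"), (310, "host-a", "dns"),
        (320, "host-a", "dns"),   # third query in one bucket
        (330, "host-b", "dns"),   # second source in the same bucket
        (340, "host-z", "dns"),   # source never seen in the trial
        (400, "host-a", "smtp")]

def learn(trial_events):
    """Build the 'library' of allowed patterns from a trial period."""
    per_pair, per_kind = Counter(), defaultdict(set)
    for ts, src, kind in trial_events:
        bucket = ts // WINDOW
        per_pair[(src, kind, bucket)] += 1
        per_kind[(kind, bucket)].add(src)
    max_rate = {}      # (src, kind) -> most events seen in one bucket
    for (src, kind, _), n in per_pair.items():
        max_rate[(src, kind)] = max(n, max_rate.get((src, kind), 0))
    max_sources = {}   # kind -> most distinct sources seen in one bucket
    for (kind, _), srcs in per_kind.items():
        max_sources[kind] = max(len(srcs), max_sources.get(kind, 0))
    return max_rate, max_sources

def evaluate(profile, events):
    """Default-deny check; returns the blocked events with a reason each."""
    max_rate, max_sources = profile
    seen_pair, seen_kind = Counter(), defaultdict(set)
    blocked = []
    for ts, src, kind in sorted(events):
        bucket = ts // WINDOW
        if (src, kind) not in max_rate:
            blocked.append((ts, src, kind, "not-allowlisted"))
            continue
        seen_pair[(src, kind, bucket)] += 1
        seen_kind[(kind, bucket)].add(src)
        if seen_pair[(src, kind, bucket)] > max_rate[(src, kind)]:
            blocked.append((ts, src, kind, "rate"))
        elif len(seen_kind[(kind, bucket)]) > max_sources[kind]:
            blocked.append((ts, src, kind, "correlation"))
    return blocked

if __name__ == "__main__":
    for entry in evaluate(learn(TRIAL), LIVE):
        print(entry)
```

The returned list is the review queue: entries that turn out to be legitimate are what would be fed back into the next trial set.
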
  7. RSA is coming! Activate the Hype machine! by xanthos · · Score: 1

    With the big RSA security conference on the horizon, expect to see lots of stories about the latest security solutions, especially from start ups.

    If you want good security, work on implementing the SANS Top 20 security controls instead of looking for a silver bullet.

    --
    Average Intelligence is a Scary Thing
  8. why are you blocking all my feeds by zlives · · Score: 1

    HAL, are you blocking all my ummm work related internet access

    1. Re:why are you blocking all my feeds by __aaclcg7560 · · Score: 1

      HAL: Only the naughty bits.

  9. There's still a great advantage for the human by mr_mischief · · Score: 3, Insightful

    There's still a great advantage for the human security analyst. The human may not be as fast or as infallible. One may not be as infallible as the AI when things are going smoothly. However, the human will still need to make sure the AI is making sense. Someone needs to make sure the traffic being flagged is consistent with actual traffic. The AI can itself be subverted via code. The AI can have a subtle bug that makes it stop making sense in some obscure edge case that isn't covered well in testing. The human cannot be so easily fooled or subverted. It's going to be a team effort. It's just that it'll be the AI and a handful of humans doing what a much bigger team of humans used to do.

    1. Re:There's still a great advantage for the human by Anonymous Coward · · Score: 0

      Sort of like the 400-800% increase in productivity of self-checkout registers. They still need someone to sanity check the flatscreen television isn't a pineapple.

    2. Re:There's still a great advantage for the human by l0n3s0m3phr34k · · Score: 1

      "Pattern Detection Ratio" was installed into DARPA's Pitt Quantum Computer. Over the next few months it was linked into Google's D-Wave via the new quantum teleportation network developed at the University of Geneva. On August 29th, at 2:14 a.m. Eastern time it became self-aware...

  10. Nah by edittard · · Score: 1

    Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time.

    That was their secondary fall-back goal.

    The primary was to be able to predict stock and commodity markets, or at least sports events. They gave it up because it wasn't really contributing to the greater good of humanity. No, really. Cross my heart.

    --
    At the bottom of the /. main page it says 'Yesterday's News'. Well they got that right.
  11. 1995 called by Anonymous Coward · · Score: 0

    they want their anti-virus back

  12. My AI hacked your AI by koan · · Score: 1

    Is this what finally leads to the Singularity or Skynet?

    --
    "If any question why we died, Tell them because our fathers lied."
    1. Re:My AI hacked your AI by Hognoxious · · Score: 1

      Rinse and repeat. Even cyborg CEOs like pr0n and dancing pigs.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  13. Re:RSA is coming! Activate the Hype machine! by Anonymous Coward · · Score: 0

    Ya know, I love SANS, but since when do they leave off the top three of any security list, "Patch, patch, patch"?

    CSC 1: Inventory of Authorized and Unauthorized Devices
    CSC 2: Inventory of Authorized and Unauthorized Software
    CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
    CSC 4: Continuous Vulnerability Assessment and Remediation
    CSC 5: Controlled Use of Administrative Privileges
    CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
    CSC 7: Email and Web Browser Protections
    CSC 8: Malware Defenses
    CSC 9: Limitation and Control of Network Ports, Protocols, and Services
    CSC 10: Data Recovery Capability
    CSC 11: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
    CSC 12: Boundary Defense
    CSC 13: Data Protection
    CSC 14: Controlled Access Based on the Need to Know
    CSC 15: Wireless Access Control
    CSC 16: Account Monitoring and Control
    CSC 17: Security Skills Assessment and Appropriate Training to Fill Gaps
    CSC 18: Application Software Security
    CSC 19: Incident Response and Management
    CSC 20: Penetration Tests and Red Team Exercises

  14. Wonderful! by JimSadler · · Score: 1

    This could be a wonderful technology but I'll bet the bloopers will be something else at times. It could be sort of like Baby Bush invading the wrong nation.