in Cyber Security
Parallel Session 5.2
What is it today and what does the future hold?
- Opening keynotes
- Panel discussion
- Dr. Philippe Owezarski (LAAS-CNRS, France)
- Dr. Sebastian Schrittwieser (Josef Ressel Center for Unified Threat Intelligence on Targeted Attacks / University of applied Science St. Pölten)
- Markus Wurzenberger
- Matti Aksela (Artificial Intelligence / F-Secure Corporation, Finland)
The session will critically discuss the state of the art and true maturity of ML and AI based cyber security tools but as well as the limitations of AI based approaches. The implications for next generation of IT/OT-operation driven by ML/AI methodologies on skills, processes and system architectures will be elaborated in the context of the potential new risks posed by the use of AI.
We are experiencing a comprehensive digitization and simultaneous networking in all areas of our life resulting in an enormous complexity of our digital systems and at the same time generating a growing dependence of all our future applications on the underlying ICT infrastructures. The rising complexity of such ICT systems brings about an increasing number of vulnerabilities, which can be exploited for malicious activities. In addition to this the motivation of cyber attackers has moved from fun and fame to financial gain and an essential factor for competitiveness in a global market. Organized crime in the global context is investing considerable financial means in R&D activities to constantly find new methods to overcome security barriers. Worryingly, cyber attacks have increasingly turned into cyber terrorism and cyber war initiatives based on considerable personnel and financial resources.
The modern threat landscape is characterized by enhanced automation, vast numbers of services and touchpoints and enormous amounts of data and the ability to exploit human vulnerabilities. Traditional means of cyber security, such as antivirus and antimalware software, e-mail scan systems and spam-filters hold already an important place in the majority of networked IT systems, but only a portion of all malware attacks will be identified by such defense systems – and also they need to deal with the ever-increasing variation in attempts to bypass these defenses as well as entirely new types of automated and targeted attacks.
It is clearly necessary to develop new methodologies, tools and processes to implement efficient security and resilience mechanisms in growingly complex ICT systems that are ever connected and expose even more attack surface towards the internet. Technologies such as machine learning (ML) and Artificial Intelligence (AI) have reached already a maturity level where they can both enhance existing cyber security methodologies and also act as the foundation for new effective cyber security tools.
However, to get the full benefit as well as market acceptance for modern tools, there are several important topics to consider – one of which is awareness of the true current state of things; in many ways the current hype on AI is also making it more difficult to separate truly working solutions and valuable tools from marketing jargon just littered with buzzwords. This session will discuss:
- State of the art and true maturity of ML and AI based cyber security tools
- Limitations of AI based approaches
- Do we need new training data for next generation AI cyber security
- The implications for next generation of IT/OT-operation driven by ML/AI methodologies on skills, processes and system architectures
- A glimpse into the dark side
- Risks posed by the use of AI – are we generating new vulnerabilities
- AI in the hands of threat actors
- Future directions – what we expect to see from AI in Cyber Security in the years ahead
Matti Aksela, Vice President, Artificial Intelligence, heads the Artificial Intelligence Centre of Excellence at F-Secure. His responsibilities include leading artificial intelligence research and implementation work at F-Secure, as well as collaboration with both internal stakeholders and also universities and other partners in the domain. Prior to joining the F-Secure team, Matti has been working in various senior technical leadership roles in organizations such as Comptel, Verto Analytics and Xtract, building and delivering products and solutions that utilize big data, machine learning and artificial intelligence across industries. He received his Doctor of Science (Technology) degree from the Helsinki University of Technology.
Since 2009, Dr. Leopold is with the AIT Austrian Institute of Technology where he heads the Digital Safety and Security Center. Before AIT he was with Telekom Austria, the largest network operator in Austria. As acting CTO he was the driving force of the broadband product innovation program. He has always been actively involved in research projects at EU level, international standardization as well as various industry bodies. He holds a Masters’ degree in Computer Science from the Vienna University of Technology and a PhD from the University of Lancaster, UK.
Markus Wurzenberger, MSc, finished his Bachelor’s Degree in Mathematics in Science and Technology in 2013. In 2014 he joined AIT as a freelancer and finished his Master’s Degree in Technical Mathematics in 2015. In the end of 2015 he joined AIT’s Cyber Security research group as Junior Scientist and is working on national and international research projects. His primary research interest is log data analysis with focus on anomaly detection. In 2016 Markus started his PhD studies in Computer Science.