Big Data & Analytics - Thinks and Links | July 8, 2023

Big Data & Analytics - Thinks and Links | News and insights at the intersection of cybersecurity, data, and AI

Happy Friday!

Last month, Optiv’s Source Zero Con provided three days of exceptional thought leadership for the cybersecurity community. This week, I’m excited to share some of my favorite talks from that conference involving data, AI, and security. The three talks below are a master class in AI/ML – opportunities for cybersecurity, vulnerabilities for exploit, and approaches towards defenses.

Ghost in the Machine: Adversarial AI Attacks

An excellent primer on how machine learning and AI work, as well as how these models can be exploited. It includes a detailed discussion of how AI can be (and has been) used for malicious ends. This talk explores different types of machine learning attacks, real-world case studies, and advancements in defensive strategies including:


How to Use AI for Decision Making for Vulnerability Remediation Planning

This video describes how artificial intelligence within expert systems can accelerate vulnerability remediation planning within businesses. An expert system uses a knowledge base plus an AI model to determine the best plan to solve a problem. In this instance, an expert system analyzes data from vulnerabilities identified through software scanners and agents and assists in decision-making for effective vulnerability remediation. It considers the severity and exploitability of the vulnerabilities and plays a role in automating the steps involved in resolving them.


A striking example: a large proportion of 2020’s cyber attacks were linked to vulnerabilities reported three years prior. Patching new issues is important, but a reliable remediation plan and a human-supervised, automated system can emulate a human expert and provide efficient, cost-effective solutions.

The video describes the high-level design for a system that could ingest client vulnerability data, generate plans, coordinate with human oversight, and determine the best course of action for remediation. It could also take automated action to significantly cut down on consultation time and cost, at the expense of an initial investment in creating the inference rules.

AI For Red Teamers

This video discusses the use of AI for red teaming and penetration testing. It covers topics such as the use of ChatGPT and related models for script development, code analysis, phishing email generation, and summarizing reports.

Red teamers are also able to clone a voice and have a real-time conversation with people to perform social engineering. With 15 minutes of audio, the model can be trained to allow a real-time conversation as that person. This video shared the example of Jeff Bezos calling in to offer free Amazon Prime membership to anyone who listens. The team will be at Black Hat in a few weeks showing how easy (and scary) this capability is.

Future uses of AI in offensive security are likely to include rapid data analytics, automation of many security tasks, and conducting more sophisticated attacks.


Windows Copilot is Coming

https://blogs.windows.com/windows-insider/2023/06/29/announcing-windows-11-insider-preview-build-23493/

Windows Copilot is a new feature introduced by Microsoft earlier this year. It is now available as an early preview for Windows Insiders and developers. Soon Windows users will be able to use text (or voice) to perform actions such as changing settings, taking screenshots, and summarizing websites. Microsoft plans to add more AI features and expand the preview to other Windows early-adopters soon.

Copyright Law, Fair Use, and Generative AI

https://www.oodaloop.com/archive/2023/07/05/the-future-of-copyright-law-fair-use-and-generative-ai/

This article excellently covers the current state of legal and ethical considerations around Generative AI including models like ChatGPT. It includes a summary of recent lawsuits that have been filed concerning issues relating to artificial intelligence as well as additional resources and the most recent assessments of copyright, fair use, and generative AI performed by various organizations.

Practical considerations for bias audits under NYC Local Law 144

https://iapp.org/news/a/practical-considerations-for-bias-audits-under-nyc-local-law-144/

New York City’s Local Law 144 went into effect this week. The law requires employers to perform bias audits on AI systems used in hiring. The law doesn’t specify strict dataset requirements, so organizations have some flexibility in preparing their data for audit. It will be interesting to see how organizations' disclosures of any detected bias begin to shape the debate around AI regulation. On one hand, the ability of a model to drive real harm is important to monitor. On the other hand, the evaluations will only be as good as the data they’re based on – and there are some real gaps. Other regulations of AI will likely be informed by the successes and failures we’re about to see play out in NYC.

Event-Driven Architecture - Great Explainer from Splunk

https://www.splunk.com/en_us/blog/learn/eda-event-driven-architecture.html

If the only thing you think of when you hear Kafka is cockroaches or bureaucratic nightmares, this article is for you. It is a great primer on why we build Event-Driven Architectures for security and log analytics. It also explains some of the challenges of these systems that our team faces every day. Go deeper into the links in the article and you’ll find lots of useful blog posts about security, data management, and root cause analysis.

🦜🔗 Awesome LangChain

https://github.com/kyrolabs/awesome-langchain

LangChain is a very popular framework that is being used in many Large Language Model (LLM) projects. It provides a number of accelerators to developers and data scientists looking to build LLM capabilities. The concept of a chain – e.g. a sequence of queries to the model for various purposes – unlocks powerful capabilities such as sophisticated text summarization and autonomous AI Agents. Its ecosystem is rapidly expanding, which highlights its growing popularity and utility.

Code, Low-Code, or No-Code – there are some really cool projects, tools, videos, and resources linked here. It is… awesome.


Have a Great Weekend!
