-
Operational Client
Full graphical user interface for daily operator activities.
-
Configuration Client
Enjoy custom configuration with our Config Client.
-
WEB Client
Provides remote web access to our core services.
-
GIS Integrations
Intuitive visualization of mobile units and alarms.
-
Incident Manager
Helps you handle incoming notifications efficiently.
-
IP-Matrix
With our IP-Matrix, you can control your video walls.
Download Product Ebook
View all our solutions
Sky-Walker Architecture
View all our integrations
Book Protocol workshop
Our Company
Contact Us
View All Our Case Studies
English
Français
NederlandsMachine Learning: opportunity or threat?
In the light of the upcoming VBN Security Summit held in Amersfoort, we tackle the topic of Machine Learning and its implication in the security management field. On the 18th of November, the first lecture given will be about Artificial Intelligence as an advantage or a danger for the security environment. Regardless of the conclusion, it is clear that Artificial Intelligence and Machine Learning will shape the future of security. Therefore, it seemed natural to give a few insights on this topic ourselves as many major companies moved from a purely “signature-based” system to machine learning systems used to anticipate and to detect malware. If you want to learn more, keep on reading.
1. First and foremost, what is Machine Learning?
While machine learning has been around for quite some time now, the growing availability of large amounts of data and advances in computing power have created an environment that has allowed for significant technological progress in recent years. Even though terms are sometimes misused and misunderstood, machine learning can be viewed as a sub-field of today’s very important field of artificial intelligence, which has actually existed since the 1950s.
Machine learning is all about building statistical models that make predictions from data without hard-coded rules and have the ability to improve their performance over time with further data exposure. A machine learning algorithm makes a prediction about a property of interest given a sufficient number of instances from a data source, known as training data, and a property of interest when given a fresh, unseen example. This can be accomplished by calibrating internal parameters using known examples or by using alternative techniques.
Therefore, the concept of machine learning can be clearly defined as “the ability for computers to learn without being explicitly programmed”. Machine learning algorithms essentially develop models of behaviors and utilize those models as a basis for making future predictions based on new input data using mathematical techniques used across large datasets.
Machine learning is often interlinked with the development of self-driving cars. They would use the data gathered by car to anticipate various scenarios along the way such as bad traffic or crossing paths. However, a much more common and vastly utilized example can be identified: Netflix. The platforms constantly suggest new shows to watch based on the previously viewed ones. This constant update available on the platform is a form of machine learning through Netflix algorithm. But these examples are far from being the only ones. Various fields such as medical diagnostics, commerce or finance are also benefiting from this recent development. Regarding the security field, machine learning intends at helping businesses to better analyze threats and to improve the response to attacks and security incidents.
2. Opportunities
Threat anticipation
As mentioned earlier, one of the key features of machine learning is the ability of machine learning models to analyse large amounts of data - both structured or unstructured. This can radically improve analytical capabilities in risk management and compliance by allowing risk managers in various kinds of institutions to identify risks more effectively and timely, make more informed decisions, and reduce the risk of incidents. Machine learning algorithms will help businesses to detect malicious activities faster and stop attacks before they even get started.
Enhance human learning
At the heart of machine learning in security, there is the belief that it helps human analysts with all aspects of the job, including detecting malicious attacks, analyzing networks, and vulnerability assessment. By that, we mean that the human brain will be pushing its analysis further thanks to machine learning, as the model will provide pre-analyzed data. Therefore, the human learning process will be starting a few steps ahead than it usually does.
Automation of tasks
The real benefit of using machine learning is that it could automate repetitive and boring tasks, enabling the security staff to focus on more important work. The Machine Learning process should ultimately be aiming at removing the need for humans to do repetitive, law-value decision-making activities. Let the machine handle the repetitive work such as opening doors so that the humans can free up time to deal with strategic and crucial issues instead.
3. Threats
Adversarial attacks
A classic adversarial attack targets a trained machine learning model by incorporating inputs to the model intentionally designed to cause it to make a mistake. It consists of subtly modifying an original image in such a way that the changes are almost undetectable to the human eye. They are like optical illusions for machines. The modified image is called an adversarial image, and when submitted to a classifier is misclassified, while the original one is correctly classified.
Adversarial attacks raise important security concerns as such attacks could be performed on different systems such as footage retrieved from CCTV cameras. Simply by adding a level of noise of the images, incidents could remain undetected as they would not be correctly classified. Its risk is also aggravated by the fact that they can be performed even if the even if the attacker has no access to the underlying model. A possible defense against them is to use adversarial training, i.e. generating many adversarial examples and explicitly training the model not to be fooled by them.
Data poisoning
Unlike classic adversarial attacks, data poisoning targets the data used to train machine learning. Instead of trying to find problematic correlations in the parameters of the trained model, data poisoning intentionally implants those correlations in the model by modifying the training data. As Machine Learning is often dealing with very large chunks of data, it would be very difficult to notice right away a few poisoned data within the sets which would to misinterpretation of the data.
While data poisoning sounds dangerous, it presents some challenges, the most important being that the attacker must have access to the training pipeline of the machine learning model.
In conclusion, as many arising new technologies, machine learning presents both positive and negative aspects depending on how it is used and by whom. Regardless, the development and the adaption of the technology is bound to be drastically increasing in the next few years. Therefore, rather than denying it, training in order to avoid a vast majority of potential threats might be the best option for the future of security businesses.
