Artificial Reality | The PatternEx Blog

Labels in AI: Where The Human Meets the Machine

  1. A song streams from your Pandora app, and you click “thumbs up!”
  2. A parent reads a book to a baby, taps an image of a Labrador and says, “dog!”
  3. A student looks at the results of a Google search and clicks the fourth link.

What do all three of these things have in common with a data scientist's work? And why should an InfoSec professional care?

Topics: Artificial Intelligence, Labels

Bending the Boundaries of Normal

Supervised Learning is a vital component of an Artificial Intelligence strategy. As InfoSec specialists, our job is to reduce both false positives and false negatives simultaneously in order to pinpoint real attacks. Without Supervised Learning, this task would be extremely difficult. With it, we can train a system to identify certain attacks with high levels of precision. And what's more, this system is working 24x7x365 and can review far more data than an army of humans could.

To illustrate the power of Supervised Learning, let us consider a simple example: a malware attack. We know that—despite all of our anti-malware, perimeter defenses, sandboxes, and security policies—malware gets into your systems. Once inside your organization, malware will seek to communicate with its controller to receive instructions. Let's compare using rules versus using Supervised Learning to detect malware.

Topics: Ignacio Arnaldo, Supervised Learning

Attacks in the Abstract: Detecting New Attacks with AI

Consider Funshion malware. It is sometimes classified as "aggressive malware"; its base code is over four years old and is still bypassing endpoint protections. Funshion makes minor modifications to itself, rendering it invisible to the rules or signatures designed to catch it. Today there are well over a dozen variants in the wild, each designed to beat static rules. Each variant is essentially a new attack that rules cannot stop.

The good news is that AI has been able to do what rules cannot: understand that subtle variations of malware are still malware. This means AI can detect known attacks as well as attacks it has never seen before. This distinction alone puts it well beyond the capabilities of rules. So how does it work?

Topics: Artificial Intelligence, Funshion, Abstractions