Artificial intelligence – AI – and cybersecurity are two technologies that have become increasingly important as our society has become more digitised. But is it possible to combine these technologies, and if so, what are the benefits? We asked Shahid Raza and Daniel Gillblad, two real RISE experts in their respective fields, to explain further and tell us how artificial intelligence and cybersecurity can benefit from and strengthen one another.
As more and more everyday devices are connected, the need for us to rely on external providers and suppliers is also increasing. Providers of cloud services, providers of Internet of Things services and hardware suppliers could all constitute potential security risks.
– A cloud service provider might use data unlawfully, or a smart speaker might be listening when it is not supposed to be,” says Shahid Raza, head of cybersecurity at RISE.
Faster and more secure with distributed analysis
New AI technology can help detect and prevent attacks of this kind and enhance security in a new, distributed way.
– “We sometimes talk about moving AI and machine learning to ‘the edge’ the edge of the network, that is,” says Daniel Gillblad. “In practice, this means that we do not need to send all data to a central device for analysis. Instead, we can perform the analysis a lot closer to the device that is at risk of attack, for example. This allows the analysis to be performed more quickly, as well as making it more secure because we do not need to send potentially sensitive data.
– We can then use this distributed technology to resolve security problems in an Internet of Things environment,” says Shahid Raza.
Easier to identify discrepancies
Artificial intelligence is also used to identify and prevent attacks and hacking attempts in traditional IT systems. While it is difficult for humans to predict all conceivable situations that could arise, a security system can be trained to identify what is normal behaviour and take action when behaviour deviates from the norm.
– “AI is a fantastic shortcut when it comes to managing large data volumes,” says Daniel Gillblad. “As more and more data-driven systems are developed, security will also become even more important than it has been to date.
– “It is particularly critical to secure systems where attacks could cause a lot of damage, such as essential services like power and water supplies, or defence and security,” adds Shahid Raza. “But AI can be used for security purposes up to a national level, where technology can be used to identify fake news campaigns on social media.
Correct data needed for training
Just as artificial intelligence can create better cybersecurity solutions, cybersecurity is key to the development of AI services. When large data volumes are used to train artificial intelligence, the data has to be correct and not manipulated.
– “In fact, it is relatively easy to trick AI or machine learning solutions,” says Shahid Raza. “Tiny, tiny changes to the training data are all you need for the system to eventually identify a hacking attempt as normal behaviour.”
Data as decision support makes more stringent demands of security
Making sure that data is managed securely is nothing new: this has been an important issue for a long time. The difference is that when AI services start to be used to provide decision data for security and law and order, for example, it has to be possible to rely on these services, to rely on the fact that the decisions made are based on data that originates from a verified source and that the data in itself is not incorrect.
– “Regardless of whether humans or AI lay the foundation for decisions, incorrect data may of course lead to incorrect decisions. But when decisions made relate to medical treatments or automated vehicles, for example, mistakes must simply not be made,” concludes Daniel Gillblad.