This talk isn’t a detailed technical talk and does not require prior knowledge of Machine Learning or Artificial Intelligence. AI based algorithms have proved to be very successful at learning to do very complicated tasks including playing games like Chess, Atari games from the 80’s and Go. It is only a matter of time before these same techniques get applied on the offensive side to attack and exploit applications. On the flip side, there are a number of solutions that claim to use AI and Machine learning to defend against those pesky hackers, let alone those persistent computer algorithms. The reality is that the odds are stacked against the defenders with the AI and machine learning problem more suited to offensive than defensive applications. This presentation takes a high-level look at the state of the art in machine learning and AI with respect to Application Security examining how these may be used in both offensive and defensive applications. The presentation will examine how clever algorithms including reinforcement learning and math hacks may be used to trivially evade state of the art defensive applications. We also look at what our defensive options are. The presentation finishes by predicting where all this may lead and the impact on application security.
Key takeaways from the presentation are:
- A very high-level understanding of key concepts
- An introduction to the new threat models that AI & ML may introduce
- Provide some insight to ask the right questions of your suppliers by hopefully imbuing a healthy level of scepticism around some outlandish claims
- Thoughts and practical examples on the type of problems AI & ML can solve
- Predictions on where I believe this is all going by drawing analogies to the Cybersecurity world
- A high-level roadmap on how to get up to speed with AI & ML as I believe this will become as core to most jobs as computing is today
- Make some suggestions for next steps every business should take
Warning: The presentation does contain gratuitous references and images of Zulus, cats, Zombies and Charlie Sheen.
