Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

AI isn't just for the good guys anymore

Maria Korolov | Feb. 2, 2017
Criminals are beginning to use artificial intelligence and machine learning to get around defenses

The clever part isn't so much the automated conversation that the bot has with the victim, but the way that the profiles are created in the first place.

"It needs to create a profile dynamically, with a very attractive picture from Facebook, and an attractive occupation, like flight attendant or school teacher," said Omri Iluz, CEO and co-founder at PerimeterX.

Each profile is unique, yet appealing, he said.

"We know that it's not just automation because it's really hard," he said. "We ruled out manual processes just by sheer volume. And we also don't think they're rolling out millions of profiles and doing natural selection because it would be identified by the dating platform. These are very smart pieces of software."

Scalpers do something similar when they automatically buy tickets to resell at a profit.

"They need to pick the item that they know will get them a high value on the secondary market," he said. "And they can't do it manually because there's no time. And it can't be a numbers game because they can't simply buy all the inventories because then they'll be losing money. There's intelligence behind it."

The profits from these activities more than pay for the research and development, he said.

"When we look at the revenues these fraudsters generated, it's bigger than many real companies," he said. "And they don't need to kill anyone, or do something risky like deal drugs."

Getting ready for the Turing Test

In limited, specific applications, computers are already passing the Turing Test -- the classic thought experiment in which humans try to decide whether they're talking to another human, or to a machine.

The best defense against these kinds of attacks, said Intel's Grobman, is a focus on fundamentals.

"Most companies are still struggling with even moderate attack scenarios," he said. "Right now, the most important thing that companies can do is ensure they have a strong technical infrastructure and continue practicing simulations and red team attacks."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.