When generative AI made its debut, businesses entered an AI experiment. They bought in on innovations that many of them didn't quite understand or, perhaps, fully trust. However, for cybersecurity professionals, harnessing the potential of AI has been the vision for years–and a historic milestone will soon be reached: the ability to predict attacks.
The idea of predicting anything has always been the “holy grail” in cybersecurity, and one met, for good reason, with significant skepticism. Any claim about “predictive capabilities” has turned out to be either marketing hype or a premature aspiration. However, AI is now at an inflection point where access to more data, better-tuned models, and decades of experience have carved a more straightforward path toward achieving prediction at scale.
By now, you might think I’m a few seconds away from suggesting chatbots will morph into cyber oracles, but no, you can sigh in relief. Generative AI has not reached its peak with next-gen chatbots. They’re only the beginning, blazing a trail for foundation models and their reasoning ability to evaluate with high confidence the likelihood of a cyberattack, and how and when it will occur.
Classical AI models
To grasp the advantage that foundation models can deliver to security teams in the near term, we must first understand the current state of AI in the field. Classical AI models are trained on specific data sets for specific use cases to drive specific outcomes with speed and precision, the key advantages of AI applications in cybersecurity. And to this day, these innovations, coupled with automation, continue to play a critical role in managing threats and protecting users' identity and data privacy.
With classical AI, if a model was trained on Clop ransomware (a variant that has wreaked havoc on hundreds of organizations), it would be able to identify various signatures and subtle cues indicating that this ransomware is in your environment and flag it with priority to the security team. And it would do so with exceptional speed and precision that surpass manual analysis.
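To make that pattern concrete, here is a minimal sketch of the classical, supervised approach in Python with scikit-learn. The feature names and synthetic data are hypothetical illustrations, not actual Clop signatures: the point is that the model learns only the specific threat it was trained on.

```python
# Classical AI sketch: a supervised classifier trained on labeled telemetry.
# Features and data are hypothetical, not real Clop indicators.
import numpy as np
from sklearn.ensemble import RandomForestClassifier

rng = np.random.default_rng(seed=7)

# Hypothetical per-host features: [file renames/min, write entropy,
# outbound connections/min, shadow-copy deletions].
benign = rng.normal([5, 0.4, 3, 0], [2, 0.1, 1, 0.1], size=(500, 4))
ransomware = rng.normal([400, 0.95, 20, 2], [80, 0.02, 5, 0.5], size=(500, 4))
X = np.vstack([benign, ransomware])
y = np.array([0] * 500 + [1] * 500)  # 1 = known ransomware behavior

clf = RandomForestClassifier(n_estimators=100, random_state=7).fit(X, y)

# Score fresh telemetry and flag it with priority when the known pattern matches.
observation = np.array([[350, 0.93, 18, 1]])
probability = clf.predict_proba(observation)[0, 1]
if probability > 0.9:
    print(f"HIGH PRIORITY: ransomware-like behavior (p={probability:.2f})")
```

The catch, as the next paragraph notes, is that a model like this recognizes only what it was trained on.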
Today, the threat model has changed. The attack surface is expanding, adversaries are leaning on AI just as much as enterprises are, and security skills are still scarce. Classical AI cannot cover all bases on its own.
Self-trained AI models
The recent boom of generative AI pushed Large Language Models (LLMs) to center stage in the cybersecurity sector because of their ability to quickly fetch and summarize various forms of information for security analysts using natural language. These models deliver human-like interaction to security teams, making the digestion and analysis of complex, highly technical information significantly more accessible and much quicker.
We’re starting to see LLMs empower teams to make decisions faster and with greater accuracy. In some instances, actions that previously required weeks are now completed in days–and even hours. Again, speed and precision remain the critical characteristics of these recent innovations. Salient examples are the breakthroughs introduced with IBM Watson Assistant, Microsoft Copilot, and CrowdStrike's Charlotte AI chatbot.
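As an illustration of this assistant pattern, here is a minimal sketch in Python. It follows the OpenAI Python SDK's v1 chat-completions interface, but any chat-style LLM API could stand in; the model name, system prompt, and alert strings are invented placeholders, not part of any of the products named above.

```python
# Chatbot-as-assistant sketch: raw alerts in, natural-language triage out.
from openai import OpenAI

client = OpenAI()  # reads OPENAI_API_KEY from the environment

alerts = [
    "10:02 UTC host fin-db-03: 4,000 file renames in 60s, extension .c1op",
    "10:03 UTC host fin-db-03: 'vssadmin delete shadows /all' invoked",
    "10:04 UTC egress: 2.1 GB to unknown ASN over port 443",
]

response = client.chat.completions.create(
    model="gpt-4o-mini",  # placeholder; use whichever model your team has approved
    messages=[
        {"role": "system",
         "content": "You are a SOC assistant. Summarize alerts, rate severity, "
                    "and suggest immediate containment steps."},
        {"role": "user", "content": "\n".join(alerts)},
    ],
)
print(response.choices[0].message.content)
```

The value is in compression: hours of manual log reading becomes a readable summary an analyst can act on immediately.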
In the security market, this is where innovation is right now: materializing the value of LLMs, mainly through chatbots positioned as artificial assistants to security analysts. We’ll see this innovation convert to adoption and drive material impact over the next 12 to 18 months.
Considering the industry talent shortage and rising volume of threats that security professionals face daily, they need all the helping hands they can get–and chatbots can act as a force multiplier there. Just consider that cybercriminals have been able to reduce the time required to execute a ransomware attack by 94%: they’re weaponizing time, making it essential for defenders to optimize their own time to the maximum extent possible.
However, cyber chatbots are just precursors to the impact that foundation models can have on cybersecurity.
Foundation models at the epicenter of innovation
The maturation of LLMs will allow us to harness the full potential of foundation models. Foundation models can be trained on multimodal data–not just text but image, audio, video, network data, behavior, and more. They can build on LLMs’ simple language processing and significantly augment or supersede the current volume of parameters that AI is bound to. Combined with their self-supervised nature, they become innately intuitive and adaptable.
What does this mean? In our previous ransomware example, a foundation model wouldn’t need to have ever seen Clop ransomware–or any ransomware for that matter–to pick up on anomalous, suspicious behavior. Foundation models are self-learning. They don’t need to be trained for a specific scenario. Therefore, in this case, they’d be able to detect an elusive, never-before-seen threat. This ability will augment security analysts’ productivity and accelerate their investigation and response.
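A heavily simplified way to see the difference from the supervised sketch above: fit an unsupervised detector only on normal telemetry, with no ransomware labels at all. A real foundation model is far richer (multimodal, self-supervised pretraining, reasoning), but the operating principle of flagging deviations from learned normality, rather than matching known signatures, can be illustrated this way.

```python
# Contrast sketch: an anomaly detector fit ONLY on normal behavior.
# No ransomware labels or signatures are involved at any point.
import numpy as np
from sklearn.ensemble import IsolationForest

rng = np.random.default_rng(seed=7)

# Routine per-host telemetry only (same hypothetical features as above).
normal_telemetry = rng.normal([5, 0.4, 3, 0], [2, 0.1, 1, 0.1], size=(2000, 4))
detector = IsolationForest(contamination=0.01, random_state=7).fit(normal_telemetry)

# A never-before-seen threat still stands out as a deviation from normal.
novel_threat = np.array([[250, 0.9, 30, 3]])
if detector.predict(novel_threat)[0] == -1:  # -1 means anomalous
    print("Anomalous behavior flagged: no prior knowledge of this threat required")
```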
These capabilities are close to materializing. About a year ago, we began running a trial project at IBM, pioneering a foundation model for security to detect previously unseen threats, foresee them, and empower intuitive communication and reasoning across an enterprise’s security stack without compromising data privacy.
In a client trial, the model's nascent capabilities predicted 55 attacks several days before the attacks even occurred. Of those 55 predictions, the analysts have evidence that 23 of the attempts took place as expected, while many of the other attempts were blocked before they hit the radar. Among others, these included multiple Distributed Denial of Service (DDoS) attempts and phishing attacks intending to deploy different malware strains. Knowing adversaries' intentions ahead of time and preparing for these attempts gave defenders a time surplus they don't often have.
The training data for this foundation model comes from several data sources that can interact with each other–from API feeds, intelligence feeds, and indicators of compromise to indicators of behavior and social platforms, etc. The foundation model allowed us to “see” adversaries’ intention to exploit known vulnerabilities in the client environment and their plans to exfiltrate data upon a successful compromise. Additionally, the model hypothesized over 300 new attack patterns, which is information organizations can use to harden their security posture.
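To illustrate the fusion idea only, here is a toy sketch that correlates indicators from several feeds into a per-target forecast score. The feed names, weights, and threshold are invented for illustration; IBM has not published this model's internals, and a real system would learn these signals rather than hand-weight them.

```python
# Toy fusion sketch: corroborating signals from multiple feeds raise a
# per-target score; crossing a threshold yields an attack forecast.
from dataclasses import dataclass

@dataclass
class Indicator:
    source: str    # e.g. "api_feed", "intel_feed", "ioc", "behavior", "social"
    target: str    # asset or client environment the indicator points at
    weight: float  # hypothetical signal strength, 0..1

indicators = [
    Indicator("intel_feed", "client-A", 0.6),  # chatter about an unpatched CVE
    Indicator("behavior",   "client-A", 0.5),  # scanning of the vulnerable service
    Indicator("social",     "client-A", 0.3),  # target named on a leak-site forum
    Indicator("ioc",        "client-B", 0.2),  # stale indicator, low weight
]

def forecast(target: str, threshold: float = 1.0) -> bool:
    """Sum corroborating signal across feeds; predict an attack past the bar."""
    score = sum(i.weight for i in indicators if i.target == target)
    return score >= threshold

for t in ("client-A", "client-B"):
    print(t, "-> predicted attack" if forecast(t) else "-> below threshold")
```

The design point is correlation: no single feed justifies a prediction, but independent signals converging on one target do.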
The importance of the time surplus this knowledge gave defenders cannot be overstated. By knowing what specific attacks were coming, our security team could run mitigation actions to stop them from achieving impact (e.g., patching a vulnerability and correcting misconfigurations) and prepare its response for those manifesting into active threats.
While nothing would bring me greater joy than to say foundation models will stop cyber threats and render the world cyber-secure, that's not necessarily the case. Predictions aren't prophecies–they are substantiated forecasts.
Sridhar Muppidi is an IBM fellow and CTO of IBM Security.