BIG BLUE IBM has developed a new attack called 'DeepLocker' that artificial intelligence (AI) to bypass cyber-security protections.
While this seems like it sets a dangerous precedent, there is method to IBM's madness, which claims that as cybercriminals are already working to weaponise AI, the best way to counter such a threat is to watch how it works.
While normal malware can be 'captured' and reverse-engineered to figure out what makes it tick (and thus build a vaccine), it's much more difficult to analyse how a neural network reaches its decisions.
The company built DeepLocker, described as "a new breed of highly targeted and evasive attack tools powered by AI", to understand how existing AI models can be combined with malware techniques to create a new type of attack. Its proof-of-concept tool hides itself in other applications until it identifies its victim: when that unlucky individual is tagged (through indicators like facial recognition, geolocation and voice recognition), the malware strikes.
The AI model will only 'unlock' the malware to begin the attack if it identifies certain criteria; these can be based on any number of attributes, including visual, audio, geolocation and system-level features. It's almost impossible to identify all possible triggers, making reverse-engineering the deep neural network (DNN) a difficult prospect.
To test DeepLocker, IBM hid the ransomware in a video conferencing application so that it couldn't be detected, and trained the AI model to unlock it based on facial recognition.
When the DNN saw the right person in front of their PC, through a webcam (remember, video conferencing), it provided the key to open the payload and lock down the victim's system.
The clever part of IBM's work is that it has turned a traditional weakness of black box AI - the fact that you can't see inside to understand how it reaches its decisions - into a strength.
"A simple ‘if this, then that' trigger condition is transformed into a deep convolutional network of the AI model that is very hard to decipher," wrote IBM's Marc Stoecklin. "In addition to that, it is able to convert the concealed trigger condition itself into a ‘password' or ‘key' that is required to unlock the attack payload."
IBM will be discussing its work at Black Hat USA 2018 on Thursday.
Flagship will launch a day early to avoid being 'overshadowed' by Apple
EC says merged entity will 'continue to face significant competition'
Alexa, give me a reason to be cheerful about the UK economy
No, it isn't 1 April