There are three types of attacks in which an attacker can use AI:

1. AI-boosted/based cyber-attacks – In this case, the malware operates AI algorithms as an integral part of its business logic. For example, using AI-based anomaly detection algorithms to indicate irregular user and system activity patterns.

2. AI-based attack infrastructure and frameworks – in this case, the malicious code and malware running on the victim’s machine do not include AI algorithms, however, AI is used elsewhere in the attacker’s environment and infrastructure – on the server side, in the malware creation process etc.

3. Adversarial attacks – In this case, we use “malicious” AI algorithms to subvert the functionality of “benign” AI algorithms. This is done by using the same algorithms and techniques used in traditional machine learning, but this time it’s used to “break” or “reverse-engineer” the algorithm(s) of security products. Read More

#assurance, #cyber