Security researchers discussed ways to utilize artificial intelligence in enhancing security in a three-day workshop. The Workshop on Dependable and Secure Computing (WDSC) 2024 was organized by the Korean Institute of Information Scientists and Engineers (KIISE), taking place from August 19 to August 21.
According to Choi Yoon-ho, a professor specializing in software and system security at Pusan National University, AI can be leveraged in cybersecurity for Intrusion Detection System (IDS) and malware detection. He explained that the rapid increase in known vulnerabilities has made it nearly impossible for humans to identify all potential threats. Additionally, with security solutions that must operate 24 hours a day, it is impractical for humans to thoroughly examine every detail. AI can assist by handling these tasks, allowing people to focus on more critical responsibilities.
AI for IDS is currently being used and researched both within South Korea and internationally. In South Korea, research on AI for IDS is being conducted by organizations such as the Electronics and Telecommunications Research Institute (ETRI), the Korea Internet and Security Agency (KISA), and various other laboratories. These institutes focus on creating databases for IDS and exploring different systems. Internationally, the Center for Education and Research in Information Assurance and Security (CERIAS) and the Symbiosis Centre for Applied Artificial Intelligence (SCAAI) have published papers on the use of AI in IDS.
Choi also noted that using AI for malware detection can significantly reduce the time required to analyze systems and the amount of background knowledge needed for the task. As the number of malware incidents has steadily increased over the past few decades, more time is needed to thoroughly analyze systems for potential threats. However, AI trained to detect known malware can perform this task with high accuracy, streamlining the process.
Other applications of AI in the security industry include spam filtering and user authentication. Spam emails often contain phishing attempts, which pose a security threat by attempting to extort sensitive data from victims. AI is employed to identify spam emails and filter them from legitimate correspondence. Furthermore, AI plays a role in authentication, where systems analyze user behavior to detect anomalies and verify identities.
While several AI methods have proven effective in enhancing security, concerns about the technology remain. Some of the critical issues include bias, jailbreak, and hallucination. Bias can arise in AI models due to insufficient or unbalanced training data, leading to skewed or unfair outcomes. Jailbreaking refers to a situation where an AI model escapes its designed limitations after receiving an overwhelming input, potentially causing it to behave unpredictably or even dangerously. Hallucination occurs when an AI model generates incorrect or nonsensical information. Despite the high accuracy of current models in detecting security flaws, these defects highlight the ongoing challenge of minimizing false negatives and false positives.
Despite the downsides of AI, Kwon Taekyoung, Chairman of AI Security Research Group under the Korea Institute of Information Security & Cryptology (KIISC) and a professor of information security and AI at Yonsei University, urged people to view these challenges as a “global safety issue, not just a concern for the security industry.” He acknowledged that some issues, like hallucination and jailbreak, are unavoidable at this stage. However, he emphasized that abandoning the technology is not the solution; instead, efforts should be focused on continuously improving it.
Editor’s note: The Readable follows AP style, which dictates that Korean names be presented in the order of family name followed by given name. The given name is hyphenated with a lowercase letter after the hyphen. However, some of the sources’ names in this article are indicated in a way that they requested, such as Kwon Taekyoung, instead of Kwon Tae-kyoung, for academic reference.
Related article: AI security draws unprecedented attention, pulling top brains together in three-day workshop
Hongcheon, Gangwon―Released in 1966, the movie The Good, the Bad and the Ugly depicts an uneasy alliance and struggle among three men on a quest for hidden treasure. Echoing the film’s themes, a group of experts in artificial intelligence security recently held a workshop titled “The Good, The Bad, and The Ugly of AI Security.” This theme reflects the current uneasy relationship between humans and AI, particularly heightened by security concerns.
Kwon Taekyoung, a professor of information security and AI at Yonsei University, has been leading the AI Security Research Group since the beginning of this year. The group, established in 2019, operates under the Korea Institute of Information Security & Cryptology (KIISC), South Korea’s leading academic organization in cybersecurity. It organizes annual events, including the AI Security Workshop. READ MORE
