Machine learning and artificial intelligence (AI) are becoming core technologies for some threat detection and response tools. Its ability to learn on the fly and automatically adapt to cyber threat dynamics empowers security teams.
However, some malicious hackers will also use machine learning and AI to expand their network attacks, circumvent security controls, and find new vulnerabilities at an unprecedented speed with devastating consequences. Common ways hackers exploit these two technologies are as follows.
1. Spam
Omida analyst Fernando Montenegro said that epidemic prevention personnel use machine learning technology Detecting spam has been around for decades. “Spam prevention is the most successful initial use case for machine learning.” You can adjust your behavior. They use legitimate tools to make their attacks more successful. "With enough submissions, you can recover what the model is, and then you can tailor your attack to bypass that model."
It's not just spam filters that are vulnerable . Any security vendor that provides a score or some other output is open to abuse. "Not everyone has this problem, but if you're not careful, someone will take advantage of this output."
2. More sophisticated phishing emails
Attackers don’t just use machine learning security tools to test whether their emails can pass spam filters. They also use machine learning to craft these emails. "They advertise these services on criminal forums. They use these techniques to generate more sophisticated phishing emails and create false personas to advance their scams," said Adam Malone, a partner at Ernst & Young's technology consulting firm.
#The use of machine learning is highlighted when advertising these services, and it may not just be marketing rhetoric, but reality. “You’ll know if you try it,” Malone said. “The effect is really good.”
Attackers can use machine learning to creatively customize phishing emails to prevent them from being Mark your email as spam to give targeted users a chance to click through. They customize more than just email text. Attackers will use AI to generate realistic-looking photos, social media profiles and other materials to make communications appear as authentic and trustworthy as possible.
3. More efficient password guessing
Cybercriminals also use machine learning to guess passwords. "We have evidence that they are using password guessing engines more frequently and with higher success rates." Cybercriminals are creating better dictionaries to crack stolen hashes.
They also use machine learning to identify security controls so that they can guess passwords with fewer attempts, increasing the probability of successfully breaching a system.
4. Deepfakes
The most alarming misuse of artificial intelligence is deepfake tools: generating video or audio that can look fake tool. "Being able to imitate other people's voices or looks is very effective in deceiving people." Montenegro said, "If someone pretends to be my voice, you will probably be tricked as well."
In fact, in the past few years, A series of major cases disclosed here show that fake audio can cost companies hundreds, thousands or even millions of dollars. "People will get calls from their bosses — and it's fake," said Murat Kantarcioglu, a professor of computer science at the University of Texas. More commonly, scammers use AI generates photos, user profiles, and phishing emails that look authentic, making their emails look more trustworthy. This is big business. According to an FBI report, business email fraud has resulted in losses of more than $43 billion since 2016. Last fall, media reported that a bank in Hong Kong was defrauded into transferring $35 million to a criminal gang simply because a bank employee received a call from a company director whom he knew. He recognized the director's voice and authorized the transfer without question.
5. Neutralize off-the-shelf security tools
Many security tools commonly used today have some form of artificial intelligence or machine learning built into them. For example, antivirus software relies on more than basic signatures when looking for suspicious behavior. "Anything available on the Internet, especially open source, can be exploited by bad actors."
Attackers can use these tools, not to defend against attacks, but to adjust themselves of malware until detection can be bypassed. "AI models have many blind spots." Kantarcioglu said, "You can adjust it by changing the characteristics of the attack, such as the number of packets sent, the resources of the attack, etc."
Moreover, attackers are leveraging more than just AI-powered security tools. AI is just one of a bunch of different technologies. For example, users can often learn to identify phishing emails by looking for grammatical errors. And AI-powered grammar checkers, like Grammarly, can help attackers improve their writing.
6. Reconnaissance
Machine learning can be used for reconnaissance, allowing attackers to view a target’s traffic patterns, defenses, and potential vulnerabilities. Reconnaissance is not an easy task and is beyond the reach of ordinary cybercriminals. "If you want to use AI for reconnaissance, you have to have certain skills. So, I think that only advanced state hackers will use these technologies."
However, once to a certain extent, Once it is commercialized and this technology is provided as a service through the underground black market, many people can take advantage of it. “This could also happen if a hacker nation-state develops a toolkit that uses machine learning and releases it to the criminal community,” Mellen said. “But cybercriminals still need to understand the role and effectiveness of machine learning applications. The method of exploitation, this is the threshold for exploitation."
7. Autonomous Agent
If the enterprise finds that it is under attack, disconnect the affected system's Internet connection, the malware may not be able to connect back to its command and control (C2) server to receive further instructions. "An attacker may want to develop an intelligent model that can persist for a long time even if it cannot be directly controlled." Kantarcioglu said, "But for ordinary cybercrime, I don't think this is particularly important."
8. AI Poisoning
An attacker can trick a machine learning model by feeding it new information. Alexey Rubtsov, senior associate researcher at the Global Risk Institute, said: "Adversaries can manipulate training data sets. For example, they deliberately bias the model so that the machine learns the wrong way."
For example For example, a hacker can manipulate a hijacked user account to log in to the system at 2 a.m. every day to perform harmless work, causing the system to think that there is nothing suspicious about working at 2 a.m., thus reducing the security levels that users must pass.
The Microsoft Tay chatbot was taught to be racist in 2016 for a similar reason. The same approach can be used to train a system to think that a specific type of malware is safe, or that a specific crawler behavior is completely normal.
9. AI Fuzz Testing
Legitimate software developers and penetration testers use fuzz testing software to generate random sample inputs in an attempt to crash the application program or find loopholes. Enhanced versions of this type of software use machine learning to generate input in a more targeted and organized manner, such as prioritizing text strings most likely to cause problems. This type of fuzz testing tool can achieve better testing results when used by enterprises, but it is also more deadly in the hands of attackers.
These techniques are among the reasons why cybersecurity approaches such as security patches, anti-phishing education, and micro-segmentation remain vital. "That's one of the reasons why defense in depth is so important," said Forrester's Mellen. "You have to put up multiple roadblocks, not just the one that attackers can use against you."
Lack of expertise hinders malicious hackers from exploiting machine learning and AI
Investing in machine learning requires a lot of expertise, and machine learning-related expertise is currently scarce Skill. And, because many vulnerabilities remain unpatched, there are many easy ways for attackers to break through corporate defenses.
“There are a lot of low-hanging fruit, and there are a lot of other ways to make money without using machine learning and artificial intelligence to launch attacks.” Mellen said, “In my experience, "In the vast majority of cases, attackers do not utilize these techniques." However, as enterprise defenses improve and cybercriminals and hacker nations continue to invest in attack development, the balance may soon begin to shift.
The above is the detailed content of Nine ways to use machine learning to launch attacks. For more information, please follow other related articles on the PHP Chinese website!

译者 | 布加迪审校 | 孙淑娟目前,没有用于构建和管理机器学习(ML)应用程序的标准实践。机器学习项目组织得不好,缺乏可重复性,而且从长远来看容易彻底失败。因此,我们需要一套流程来帮助自己在整个机器学习生命周期中保持质量、可持续性、稳健性和成本管理。图1. 机器学习开发生命周期流程使用质量保证方法开发机器学习应用程序的跨行业标准流程(CRISP-ML(Q))是CRISP-DM的升级版,以确保机器学习产品的质量。CRISP-ML(Q)有六个单独的阶段:1. 业务和数据理解2. 数据准备3. 模型

机器学习是一个不断发展的学科,一直在创造新的想法和技术。本文罗列了2023年机器学习的十大概念和技术。 本文罗列了2023年机器学习的十大概念和技术。2023年机器学习的十大概念和技术是一个教计算机从数据中学习的过程,无需明确的编程。机器学习是一个不断发展的学科,一直在创造新的想法和技术。为了保持领先,数据科学家应该关注其中一些网站,以跟上最新的发展。这将有助于了解机器学习中的技术如何在实践中使用,并为自己的业务或工作领域中的可能应用提供想法。2023年机器学习的十大概念和技术:1. 深度神经网

译者 | 朱先忠审校 | 孙淑娟在我之前的博客中,我们已经了解了如何使用因果树来评估政策的异质处理效应。如果你还没有阅读过,我建议你在阅读本文前先读一遍,因为我们在本文中认为你已经了解了此文中的部分与本文相关的内容。为什么是异质处理效应(HTE:heterogenous treatment effects)呢?首先,对异质处理效应的估计允许我们根据它们的预期结果(疾病、公司收入、客户满意度等)选择提供处理(药物、广告、产品等)的用户(患者、用户、客户等)。换句话说,估计HTE有助于我

近年来,基于深度学习的模型在目标检测和图像识别等任务中表现出色。像ImageNet这样具有挑战性的图像分类数据集,包含1000种不同的对象分类,现在一些模型已经超过了人类水平上。但是这些模型依赖于监督训练流程,标记训练数据的可用性对它们有重大影响,并且模型能够检测到的类别也仅限于它们接受训练的类。由于在训练过程中没有足够的标记图像用于所有类,这些模型在现实环境中可能不太有用。并且我们希望的模型能够识别它在训练期间没有见到过的类,因为几乎不可能在所有潜在对象的图像上进行训练。我们将从几个样本中学习

本文讨论使用LazyPredict来创建简单的ML模型。LazyPredict创建机器学习模型的特点是不需要大量的代码,同时在不修改参数的情况下进行多模型拟合,从而在众多模型中选出性能最佳的一个。 摘要本文讨论使用LazyPredict来创建简单的ML模型。LazyPredict创建机器学习模型的特点是不需要大量的代码,同时在不修改参数的情况下进行多模型拟合,从而在众多模型中选出性能最佳的一个。本文包括的内容如下:简介LazyPredict模块的安装在分类模型中实施LazyPredict

译者 | 朱先忠审校 | 孙淑娟引言模型超参数(或模型设置)的优化可能是训练机器学习算法中最重要的一步,因为它可以找到最小化模型损失函数的最佳参数。这一步对于构建不易过拟合的泛化模型也是必不可少的。优化模型超参数的最著名技术是穷举网格搜索和随机网格搜索。在第一种方法中,搜索空间被定义为跨越每个模型超参数的域的网格。通过在网格的每个点上训练模型来获得最优超参数。尽管网格搜索非常容易实现,但它在计算上变得昂贵,尤其是当要优化的变量数量很大时。另一方面,随机网格搜索是一种更快的优化方法,可以提供更好的

实现自我完善的过程是“机器学习”。机器学习是人工智能核心,是使计算机具有智能的根本途径;它使计算机能模拟人的学习行为,自动地通过学习来获取知识和技能,不断改善性能,实现自我完善。机器学习主要研究三方面问题:1、学习机理,人类获取知识、技能和抽象概念的天赋能力;2、学习方法,对生物学习机理进行简化的基础上,用计算的方法进行再现;3、学习系统,能够在一定程度上实现机器学习的系统。

本文将详细介绍用来提高机器学习效果的最常见的超参数优化方法。 译者 | 朱先忠审校 | 孙淑娟简介通常,在尝试改进机器学习模型时,人们首先想到的解决方案是添加更多的训练数据。额外的数据通常是有帮助(在某些情况下除外)的,但生成高质量的数据可能非常昂贵。通过使用现有数据获得最佳模型性能,超参数优化可以节省我们的时间和资源。顾名思义,超参数优化是为机器学习模型确定最佳超参数组合以满足优化函数(即,给定研究中的数据集,最大化模型的性能)的过程。换句话说,每个模型都会提供多个有关选项的调整“按钮


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool

Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

SublimeText3 English version
Recommended: Win version, supports code prompts!

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)
