Connect with us

Politics

Defending AI With AI: The AI-Enabled Solutions to Next-Gen Cyberthreats – ReadWrite

Published

on

Defending AI With AI: The AI-Enabled Solutions to Next-Gen Cyberthreats - ReadWrite


The intersection of AI and cybersecurity is a subject of growing concern in the industry, particularly on how AI can be used to mitigate attacks and neutralize threats. Many stakeholders are coming to terms with the fact that AI can be a force of evil too. According to BCG, over 90% of cybersecurity professionals in the US and Japan expect attackers to start using AI to launch attacks. And this is, in fact, becoming a reality already.

AI presents big opportunities for cyber attackers, allowing them to increase attacks in terms of speed, volume, and sophistication to massive proportions. According to Alejandro Correa Bahnsen of Cyxtera, AI-based attacks can bypass traditional detection systems more than 15% of the time — whereas an average phishing attack (without AI) can only detect the attacks 0.3% of the time. An example is #SNAP_R.

Defending AI With AI: The AI-Enabled Solutions to Next-Gen Cyberthreats

In addressing this growing threat, it’s important to note that AI-based offensive requires AI-based defenses. That is, where deepfakes can trick security systems and higher AI-backed authentication should be applied. Et cetera.

Organizations are only just coming to terms with the risks of artificial intelligence. It is pertinent for businesses to act as quickly as possible to protect their systems against these attacks. WannaCry introduced a whole different level of sophistication to cyber-attacks — and now plus AI? That shouldn’t be allowed to happen.

Risks of AI in conducting cyber attacks

1. Scalability

At the 2016 Black Hat Conference, senior researchers debuted an automated spear-phishing program. Spear phishing, ordinarily, is tasking and time-consuming; depending on the scope of the attack. The attacker most likely has to collect large amounts of information about their targets for effective social engineering. Those researchers demonstrated how data science and machine learning can be used to automate and scale spear phishing attacks.

2. Impersonation

Months ago, experts at the Dawes Centre for Future Crime ranked deepfakes as the most serious AI crime threat. It’s not hard to see why. Deepfakes are a tool of disinformation, political manipulation, and deceit. Moreso, malicious actors can use deepfakes to impersonate trusted contacts and compromise business emails (voice phishing) to conduct financial fraud. And the worst is that they are hard to detect.

The possibility of deepfake ridicules voice biometrics and authentication. And these deepfakes will lead people to distrust audio and visual evidence, which have for long been tamper-proof sources of substantiation.

3. Detection-evasion

One way that AI can be used for evading detection is data poisoning. By targeting and compromising the data used to train and configure intelligent threat detection systems, say, making the system label obviously spam emails as safe, attackers can move more stealthily, and more dangerously.

Research shows that poisoning just 3% of a data set can raise error possibility by up to 91%. AI can be used to both evade attacks and adapt to defensive mechanisms.

4. Sophistication

All the points above underscore how AI enhances attacks. AI attacks are worse off because of automation and machine learning. Automation breaks the limit of human effort while machine learning makes the attack algorithms to improve from experience and become more efficient, notwithstanding if attacks are successful or not.

The adaptability means that AI-based attacks will only get stronger and more dangerous unless stronger counter innovations for resistance are developed.

Using AI to defend against AI

A. Machine learning for threat detection

In defending AI with AI, machine learning comes to play to help automate threat detection, especially with new threats that traditional antivirus and firewall systems are not equipped to defend against. Machine learning can significantly reduce instances of false positives, a serious menace in traditional threat detection, by 50% to 90% (cybersecurity intelligencedotcom).

Unlike the detection tools of the previous generation, which are signature-based, machine learning can monitor and log network usage patterns among employees in an organization and alert supervisors when it observes anomalous behavior.

Apparently, 93% of SOCs now use AI and machine learning tools in threat detection. The more data generated and the more sophisticated cyber-attacks get, security professionals will have to enhance their defense and detection capabilities with supervised and unsupervised machine learning.

B. Enhancing authentication via AI

Weak authentication is the most common way by which malicious actors gain unauthorized access to endpoints. And as seen with deepfakes, even biometric authentication no longer seems fail-proof. AI increases the sophistication of defenses by adding context to authentication requirements.

Risk-Based Authentication tools use AI-backed behavioral biometrics to identify suspicious activity and prevent endpoint compromise. Then, authentication extends beyond user verification to real-time intelligence. RBA, which is also called adaptive intelligence, assesses details such as location info, IP address, device info, data sensitivity, etc. to calculate a risk score and grant or restrict access.

For instance, if a person always logs in through a computer at work on workday mornings and on one occasion, tries to log in through a mobile device at a restaurant on a weekend, that may be a sign of compromise and the system will duly flag it.

With a smart RBA security model, merely knowing the password to a system is not enough for an attacker.

In addition to this, AI-powered authentication systems will start implementing continuous authentication, while still using behavioral analytics. Instead of a single login per session, which may be attacked midway, the system works continuously in the background authenticating the user by analyzing user environment and behavior for suspicious patterns.

C. AI in phishing prevention

Enhancing threat detection is one way by which AI can be used to prevent email phishing attacks and also enable safety when using torrenting websites for downloading media contents. It can as well do so with simple behavioral analysis. Say you receive an email purportedly from the CEO, AI can analyze the message to spot patterns that are inconsistent with the manner of communication from the actual CEO.

Features such as writing style, syntax, and word choice can reveal contrarieties, prevent you from falling into the trap and browse and download safely.

AI can also scan email metadata to detect altered signatures, even if the email address looks okay. It also scans links and images to verify their authenticity. Unlike traditional anti-phishing tools which block malicious emails through filters that can be easily bypassed, AI takes up the challenge directly against the core of phishing emails: social engineering.

What makes social engineering attacks difficult to overcome is that they are psychological, rather than technological. Hitherto, sheer human cleverness and skepticism had been tools for overcoming them. Now, AI has upped prevention, extending apprehension beyond human limits.

By recognizing patterns that are not immediately obvious to human beings, AI can determine when an email is malicious even if it does not contain any suspicious links or code. And it does this at scale using automation.

D. Predictive Analytics

The ultimate benefit of AI in cybersecurity is the ability to predict and build up defenses against attacks before they occur. AI can help human overseers to maintain comprehensive visibility over the entire network infrastructure of an organization and analyze endpoints to detect possible vulnerabilities. In this age of remote working and BYOD policies where IT departments increasingly find endpoint security difficult, AI can make their work much easier.

AI is our best bet against zero-day vulnerabilities, allowing us to quickly build smart defenses before those vulnerabilities are exploited by malicious actors. AI cybersecurity is becoming a sort of digital immune system for our organizations similar to how antibodies in the human are becoming system launch offensives against alien substances.

Conclusion

Last year, some Australian Researchers bypassed the famed Cylance AI antivirus without using the common method of dataset poisoning. They simply studied how the antivirus worked and created a universal bypass solution. The exercise called to question the practice of leaving computers to determine what should be trusted and also caused eyebrows to be raised concerning how effective AI is for cybersecurity.

However, more importantly, that research underscores the fact that AI is not a silver bullet and that human oversight remains necessary for combating advanced cyber threats. What we do know is that human effort alone with legacy cybersecurity tools is not enough to overcome the next generation of cyber threats, powered by AI.

We must use AI as the best offense and defense against AI.

Joseph Chukwube

Entrepreneur, Digital Marketer, Blogger

Digital Marketer and PR Specialist, Joseph Chukwube is the Founder of Digitage, a digital marketing agency for Startups, Growth Companies and SMEs. He discusses Cybersecurity, E-commerce and Lifestyle and he’s a published writer on TripWire, Business 2 Community, Infosecurity Magazine, Techopedia, Search Engine Watch and more. To say hey or discuss a project, proposal or idea, reach him via joseph@digitage.net

Politics

Application Dependencies: Are They Holding Back Software Innovation?

Published

on

Application Dependencies


In software development, a dependency is a piece of software that another piece of software relies on in order to function. An application’s dependencies are the external components that the application needs in order to work. These can include libraries, frameworks, and other software packages that the application uses.

For example, if an application is written in Python and uses the Django web framework, then Django would be a dependency of the application. In order to run the application, the Django library would need to be installed on the system.

Managing Dependencies in Software Development

Managing dependencies is an important part of software development, as it helps to ensure that an application has all the necessary components it needs to run correctly. This can be especially important when deploying an application to a new environment, as all of the dependencies will need to be installed and configured correctly in order for the application to work.

While dependencies make it possible to develop applications faster and add advanced functionality quickly without having to build them from scratch, they also introduce serious risks that can bring software development projects to a halt. I’ll describe what types of dependencies commonly exist in software projects and how they impact software innovation.

Application Dependencies — Are they holding up software innovation? Image Credit: Vecteezy; Thank you!

Types of Software Dependencies

Functional

Functional dependencies are components or resources that are necessary for an application to function. They result from the tasks that enable businesses to achieve their desired outcomes. It is important to identify and map these dependencies to detect and address issues, removing redundant dependencies.

Sometimes, you might need an unavailable dependency, such as one still in development. Mocking is a technique used in software development to create simulated versions of components or dependencies for testing purposes. Mocking allows developers to test the behavior of a piece of code in isolation by replacing its dependencies with mock objects that mimic the behavior of the real dependencies.

Developmental

Developmental dependencies, on the other hand, are dependencies that are only needed during the development and testing phase of a software application. These dependencies might include tools for testing, debugging, or building the application and are not necessary for the application to run in production.

For example, an application may depend on a testing framework such as JUnit or PyTest during development in order to run automated tests. Still, the testing framework would not be required when the application is deployed.

Similarly, an application may depend on a build tool such as Gradle or Maven during development in order to compile and package the code, but the build tool would not be needed when the application is running.

Non-Functional and Operational

Non-functional dependencies are dependencies that relate to the overall behavior and performance of a software application rather than its specific functionalities. Examples of non-functional dependencies might include dependencies on particular hardware or software configurations or dependencies on system-level services such as networking or security.

Operational requirements can be hidden in functional requirements, so they only become apparent later in the project. To resolve an issue with such dependencies, it is important to establish policies, identify the root cause of the issue, and determine the appropriate resolution.

Dangers and Risks of Application Dependencies

There are several risks associated with application dependencies, and the danger increases with greater reliance on external software components:

  • Security vulnerabilities: Dependencies can contain bugs or flaws that can be exploited by attackers. It is important to keep dependencies up-to-date and to regularly check for and install any available security patches.
  • Compatibility issues: Dependencies are not always compatible with the version of the software they are being used with, or they might rely on other dependencies that are not present.
  • License issues: Dependencies may be subject to different licenses, and using them in an application may create legal issues if the terms of the license are not followed. It is important to carefully review the licenses of any dependencies before using them in an application.
  • Maintenance and updates: These are essential in order to stay current and secure. If a dependency is no longer maintained or supported, it can become a liability for the application that relies on it.
  • Complexity: An application with a large number of dependencies can be more complex to maintain and deploy, as all of the dependencies will need to be managed and kept up-to-date. This can result in something called dependency hell.

How Application Dependencies Impact Software Projects

Application dependencies are an important aspect of software development that can significantly impact the success of a software project. Understanding and managing these dependencies is crucial for building and maintaining high-quality software systems that are resilient, scalable, and easy to maintain:

Application dependencies can make the software more complex to build and maintain.

For example, if a software system has many dependencies on external libraries or frameworks, it may require more coordination between different teams and systems to ensure that these dependencies are properly managed. This can increase the time and effort required to deliver the project, and it can make it more difficult to make changes to the system in the future.

Application dependencies can affect software stability and reliability

If a change is made to a dependent component of the system, it can have unintended consequences on other parts of the system that rely on that component. This can make it more difficult to ensure that new features or changes are safe and reliable, and it can increase the risk of regressions or other issues.

Application dependencies can impact the scalability and performance of a software system

If dependencies are not properly managed or optimized, they can become bottlenecks or points of failure that limit the ability of the system to handle high levels of traffic or workload. This can impact the usability and reliability of the system, and it can reduce the value that it delivers to stakeholders.

Therefore, it is important for software teams to carefully understand and manage application dependencies in order to ensure that their projects are successful. This may require using tools and practices such as dependency mapping, automated testing, and continuous monitoring to track and manage dependencies effectively.

Conclusion

In conclusion, application dependencies can have a significant impact on software development projects. While dependencies can provide valuable functionality and save developers time and effort, they can also increase the complexity of a project, introduce security vulnerabilities, impact performance, and cause conflicts.

It’s important for developers to carefully consider the dependencies that their applications rely on and to try to minimize the number of dependencies as much as possible in order to keep the project simple and maintainable.

By keeping your project simple and maintainable — developers can help ensure that their applications are able to take advantage of the latest innovations and technologies and are able to adapt and evolve over time.

Featured Image Credit: Photo by Mikhail Nilov; Pexels; Thank you!

Gilad Maayan

Technology writer

I’m a technology writer with 20 years of experience working with leading technology brands including SAP, Imperva, CheckPoint, and NetApp. I am a three-time winner of the International Technical Communication Award. Today I lead Agile SEO, the leading marketing and content agency in the technology industry.

Continue Reading

Politics

Leveraging Social Media To Grow Your Career In 2023

Published

on

ValueWalk


Employees are ready to change their jobs, with nearly half of American workers planning to look for a new job in the coming six months. According to a new Robert Half report, which surveyed 2,500 professionals, around 46% of them said they plan on making a career or job change in the first half of the year.

Job-hopping has become a workplace trend among young working professionals in the post-pandemic labor market. A recent Gallup study found that 60% of surveyed millennials – ages 27 to 40 years – are more likely to look for different opportunities this year. The percentage of non-millennials workers looking to switch jobs is roughly 15% lower.

A majority of Generation Z candidates have also claimed that they are likely to make a job change this year. In a 2022 Lever Great Resignation report, around 65% of Gen Z professionals said that they are likely to leave their job by the end of the year. Moreover, 13% of them are twice as likely to quit their jobs in the next month.

Job-hopping has become almost synonymous in the post-COVID workforce, and younger professionals are fueling this trend by leaving unfulfilling roles and moving on to greener pastures.

Yet, with so many professionals changing jobs, or looking to switch careers, even against the backdrop of a looming recession, many of them have geared themselves towards social media as a way to build a professional brand and market themselves to potential employers.

Using Social Media For Career Growth

Keeping your social media professional can be a hard ball to juggle. In a 2020 Harris Poll survey, around 70% of employers said that every company should screen candidates’ social media throughout the hiring process. Additionally, the majority of employers – 78% – believe that all their current employees should adhere to a work–appropriate social media profile.

Employees should care about what they share and post on social media. Although the debate over whether social media screening during the hiring process is ethical is still ongoing, candidates willing to leverage social media to develop or boost their careers will need to set up a social media strategy that can help them land the job they want.

Much of our digital identity is pinned to our social media accounts, and a lot of what we share, like and the people we interact with via these channels can speak a great deal of the types of person we are outside of the workplace.

Aside from employees using these platforms to grow their network, or search for possible job opportunities, employers and recruiters are using it to look for any possible red or green flags that you might bring to the workplace.

Social media has moved beyond its traditional form, and today it’s become a digital ecosystem that helps to connect like-minded professionals and their potential employers.

How To Use Social Media To Boost Career Opportunities

Searching for a job is more than browsing through recruitment websites and job listings on LinkedIn or Google. The internet, and social media is a vast place, with near-endless possibilities, and when it comes to growing your career through social media, you will need to know a few things first.

Have A Social Strategy

It might sound strange at first, but having a social media strategy will help you come in contact with the right people faster. Your social media strategy should include building an online identity that reflects your professional and personal side.

You can use different platforms for different connections or networks, it’s all about how you present yourself through your brand. Think of the type of content you share regularly, does it reflect who you are as a professional? How often do you post, or reply to comments and messages? Are there any areas where you can improve or update the information to help you grow your network of contacts?

Write some questions down to get you started, and start working on building an online identity that can get noticed by like-minded individuals in the same industry.

Network With Industry Professionals

Nowadays it’s easier than ever before to reach out to a company or recruiter through their social media, and the same goes for connecting with professionals working in the same industry.

Instead of using social media to only share insightful content, or engage with your friends, try to grow your professional network. On top of this, it’s important to engage with these people as well, even if it’s simply exchanging a few words now and again.

Be active in your mission to get to know the people that are out there, and spend a bit of time researching their profiles to better understand the type of skills and qualifications these people may have. Networking is one of the best possible ways to move around your industry without putting in much effort.

Grow Your Skills

Looking at other people’s social media profiles, whether it’s Twitter or Indeed.com, or even Instagram will give a better idea of the type of skills you might need to develop to help grow and make the next big career jump.

Often professionals will share their skills, and what they’re experts in at the top of their social media accounts, this way it is easier for recruiters to know who the person is, and for like-minded professionals to engage with them.

If you compare the skills of several professionals already working in the field you’re interested in, you will get a better idea of where you might need to upskill yourself by completing some courses or doing a bit of reading.

When we say advertise, we don’t necessarily mean flashy and colorful digital adverts that you’d hope will get the attention of your potential employer.

Instead try and convey your expertise through the type of content you can share such as blog posts, news articles, industry research, or even projects you’ve worked on. Additionally, you can also share your job title and relevant experience in the bio section of your profile.

The better you are at showing people your expertise in a professional, yet unpretentious way, the faster your feed will fill up with similar content and other experienced individuals.

Update Your Profiles

This is relevant to almost every social media profile you have, regardless of what you use it for. People often neglect social media platforms they don’t use anymore, and while it can be tedious to spend so much time updating photos or replying to messages, decide on a couple of platforms you’d like to use and stick to them.

Make sure that the platforms you end up using have a recent photo, and that all other relevant personal information has been updated such as your job title, industry experience, and your current city. You don’t need to do this every week, only when needed, or when you’ve changed jobs or moved.

The better you curate your social media, the easier it will be for employers and recruiters to notice you as you actively begin to network.

Final Words

Social media can be a professional tool, despite it receiving so much negative clout in recent years. Although it’s hard to determine whether possible employers or recruiters will screen your social media accounts before or during the hiring process, it’s best to always keep a well-groomed online identity – especially if you’re looking to make progress in your career.

Make well-informed decisions, and think about the type of content you’re sharing. Remember to engage with like-minded professionals, and have conversations online through the information you share with your followers.

The better you are at curating one or two social media platforms for career purposes, the quicker you’ll be able to expand your network, and grow your professional skills. Don’t think too much about it, try and have a balance as much as possible, as this will help you to enjoy your social media experience while maintaining a professional, yet fun digital identity.

Published First on ValueWalk. Read Here.

Featured Image Credit: Photo by Fauxels; Pexels; Thank you!

Continue Reading

Politics

Have You Heard of These 6 Amazing Ways to Use AI in Construction?

Published

on

How Are Smart Thermostats Making Homes Greener? - ReadWrite


Artificial intelligence might have started as the fictional villain of sci-fi stories, but it’s quickly becoming indispensable in many industries. The construction industry is one among many beginning to adopt this new technology. How can companies and contractors start employing AI in construction? How could this industry 4.0 technology change the industry in the coming years?

1. Programming an Extra Set of Eyes

Drone cameras have already become invaluable for contractors, especially for site surveying and inspections. While they can help keep inspectors and workers safe, they still require a live person behind the camera and the controls. In the future, users could train AI to see, analyze and understand the images they’re observing, reducing or eliminating the need for a human operator or drone pilot.

Human inspectors will still be necessary, but if programmers can teach an extra set of AI-powered eyes to recognize when something is incorrect or missing, it could help streamline these processes.

As a bonus, these AI eyes could potentially recognize or identify errors and safety issues human inspectors might overlook. Observational AI systems rely on pattern recognition and spend most of their time observing hundreds of thousands of images to ensure they can correctly identify their targets.

They don’t experience the problem of familiarity. It’s like editing a piece of text. The more often the author reads it, the more likely they are to overlook errors rather than fix them. AI observational systems don’t have that problem, making them more efficient for safety applications.

2. Turning Data into Actionable Insights

Construction might be one of the slowest industries to adopt new technologies. Nonetheless, that hasn’t stopped the slow introduction of smart building. Incorporating devices into a construction project generates massive amounts of data. Without an AI or machine learning system, that information languishes in digital limbo. Skilled analysts may be able to make heads or tails of it, but putting it to use requires additional tools.

In construction, AI can sort through massive amounts of data, find patterns and deliver actionable insights that can improve productivity and worksite efficiency. It can use equipment maintenance data to create a better care schedule, preventing costly downtime due to equipment failure. With enough information, it can even predict when these maintenance cycles should occur based on past data.

3. Adopting Virtual Assistants

Alexa or Siri might seem like something users only need after their shift ends, but these virtual assistants and many others can help improve outcomes. Digital helpers designed for construction applications can manage communication, bolster inter-team coordination, schedule and track appointments, and more. Advanced assistants can access data generated by the above technology and help with budgeting and estimation.

Modern helpers may take time to customize to a company’s specific needs, but their benefits vastly outweigh the time investment. Utilizing natural language processing (NLP) can make these virtual tools even more powerful.  NLP allows users to speak to their virtual assistants as they would to the person next to them.

4. Incorporating AI Into Wearable Technologies

Like virtual assistants, wearable technology might not seem like it has much of a place in the construction industry, but that couldn’t be further from the truth. Fitbits and Apple Watches might not offer much, but they are far from the only wearable devices available in the construction industry.

Monitoring an employee’s heart rate and other vital statistics can indicate when they might be in distress. Fatigue monitors can prevent on-the-job accidents by alerting supervisors when someone is operating heavy equipment while not adequately rested. Impact sensors can detect when someone experiences a fall. Connecting these wearable sensors to a centralized AI  in construction sites allows the system to monitor employees in real-time and send alerts as needed.

5. Procuring and Supply Chains

Supply chains across industries took a significant hit during the COVID-19 pandemic. The price of some construction supplies skyrocketed, and the supply chains for other materials slowed to a crawl — if they were still available. Incorporating AI into procurement and supply chain systems can help improve efficiency and reduce the chance an upset like the pandemic could derail these supply chains again.

There are applications for AI and related technologies throughout the supply chain, from manufacturing and harvesting to those last-mile deliveries. Sensors can collect information about everything from location to distance traveled. They can monitor temperature and humidity for materials requiring more climate control, making it easier to protect all necessary supplies while in transit. Pairing these sensors with an AI system can make sense of data while generating actionable insights.

6. Integrating Robotics and Automation

Contrary to the story popular media tries to spin, robots aren’t appearing in workplaces intending to steal jobs. Instead, they could help improve workplace efficiency and reduce on-the-job injuries by completing mundane, repetitive, or dangerous tasks. Introducing robotics and automation can lower the potential for stress injuries since construction workers are most frequently diagnosed with this type of ailment.

When it comes to dangerous tasks, AI-powered robotics or automation are ideal. These applications can include everything from cleaning tanks or operating in low-oxygen environments to completing tasks in situations that would otherwise be unsafe for human life. While it is currently possible to use these robots manually via remote control, adding AI to the mix would free up workers for more critical or complex tasks employers can’t automate.

Looking to the Future of AI in Construction

There are so many amazing applications for AI construction that it’s easy to forget it’s still novel technology. It will take some time before the industry is ready to adopt this technology and capitalize on all its benefits. AI could make all the difference for companies looking to differentiate themselves in this competitive field.

Featured Image Credit: Provided by the Author; Photo by Sam Moghadam Khamseh; Unsplash; Thank you!

Emily Newton

Emily Newton is a technical and industrial journalist. She regularly covers stories about how technology is changing the industrial sector.

Continue Reading

Copyright © 2021 Seminole Press.