• February 21, 2017

Short Circuit: The Vulnerable Security of Machine Learning

The rapid development of artificial intelligence could be leaving the enterprise—and its customers—at risk. 

What do the image-tagging feature on Facebook and self-driving cars have in common? The two are more similar than you might think. The way Facebook collects facial recognition data on previously tagged members to offer you tagging suggestions is much like how self-driving cars “memorize” maps and terrain for a smooth, bump-free ride. Both of these scenarios are also examples of practical machine learning.

These are just two of the many ways enterprise brands use this powerful technique. Machine learning is also used in email clients, web services, online agent systems, and virus detection, to name a few applications.

“By 2020, smart machines will be a top five investment priority for more than 30 percent of CIOs,” states Gartner. With more and more enterprises investing in machine learning, this type of artificial intelligence (AI) is starting to play a strategic role in the business.

According to Forbes, “Machine learning algorithms are iterative in nature, constantly learning and seeking to optimize outcomes. Every time a miscalculation is made, machine learning algorithms correct the error and begin another iteration of the data analysis. These calculations happen in milliseconds, which makes machine learning exceptionally efficient at optimizing decisions and predicting outcomes.”

With such a powerful and flexible technique comes the need for security. So, what are the key factors enterprise security must consider with machine learning?

  • Manipulation: Taking control over a learning system to enable a specific attack. An example would be if an attacker utilized knowledge about the automatic processing of incoming messages used by a spam filter to bypass the learning system.
  • Confusion: Creating disorder or chaos in machine-learning technology, forcing IT to disable any intrusion detection and prevention systems. When a learned rule is degraded or unlearned, the system may reject otherwise valid requests.
  • Exploitation: Disrupting the system by misusing elements of the machine learning to throw the system into disarray. For example, an attacker can overthrow spam filters, completely disturbing the entire system.
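
As a defender's illustration of the “Confusion” risk above, this added example (not from the original article) shows a retrain gate for a self-learning spam filter: a candidate model trained on new user feedback is accepted only if it still passes a trusted set of legitimate messages. The toy naive Bayes filter, the sample messages, and the names `NaiveBayesFilter`, `gated_retrain`, and `max_fpr` are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample data (not from the article).
BASE = [("win free prize money now", "spam"),
        ("cheap pills free offer click", "spam"),
        ("meeting agenda for monday project review", "ham"),
        ("invoice attached for quarterly report", "ham")]
TRUSTED_HAM = ["project review meeting monday", "quarterly invoice report attached"]
CLEAN_FEEDBACK = [("free prize click now", "spam"), ("monday project agenda attached", "ham")]
# Legitimate wording repeatedly reported as spam: the mislabelled feedback the gate must catch.
POISONED_FEEDBACK = [("meeting project review invoice report quarterly monday attached", "spam")] * 5

class NaiveBayesFilter:
    """Minimal multinomial naive Bayes spam filter with Laplace smoothing."""
    def __init__(self):
        self.words = {"spam": Counter(), "ham": Counter()}
        self.docs = Counter()

    def train(self, text, label):
        self.words[label].update(text.lower().split())
        self.docs[label] += 1

    def is_spam(self, text):
        vocab = len(set(self.words["spam"]) | set(self.words["ham"]))
        score = {}
        for label in ("spam", "ham"):
            total = sum(self.words[label].values())
            s = math.log((self.docs[label] + 1) / (sum(self.docs.values()) + 2))
            for w in text.lower().split():
                s += math.log((self.words[label][w] + 1) / (total + vocab))
            score[label] = s
        return score["spam"] > score["ham"]

def false_positive_rate(model, trusted_ham):
    """Fraction of known-good messages the model would reject."""
    return sum(model.is_spam(m) for m in trusted_ham) / len(trusted_ham)

def gated_retrain(base, feedback, trusted_ham, max_fpr=0.0):
    """Train a candidate on base + feedback; accept it only if the
    false-positive rate on the trusted holdout stays within max_fpr."""
    candidate = NaiveBayesFilter()
    for text, label in base + feedback:
        candidate.train(text, label)
    fpr = false_positive_rate(candidate, trusted_ham)
    return fpr <= max_fpr, fpr

if __name__ == "__main__":
    print("clean feedback   :", gated_retrain(BASE, CLEAN_FEEDBACK, TRUSTED_HAM))
    print("poisoned feedback:", gated_retrain(BASE, POISONED_FEEDBACK, TRUSTED_HAM))
```

The trusted holdout must be curated outside the feedback channel, otherwise the same mislabelled input can shift the baseline the gate measures against.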

The issue of machine learning security goes beyond spam email filters and intrusion detection systems. Machine learning is a compelling technique used across a variety of applications that deal with dynamically changing data patterns. In order to protect the business, as well as the integrity of the data, enterprise security must remain on the cutting edge of this powerful technology.

Finding the balance between control and realizing benefits is crucial as we move toward an AI-driven future.

Learn more about the potential of machine learning with “Will AI Beat Humans at the Game of Being Human?”