ABSTRACTOn one side, the security industry has successfully adopted someAI-based techniques. Use varies from mitigating denial of serviceattacks, forensics, intrusion detection systems, homeland security,critical infrastructures protection, sensitive information leakage,access control, and malware detection. On the other side, we see therise of Adversarial AI. Here the core idea is to subvert AI systemsfor fun and profit. The methods utilized for the production of AIsystems are systematically vulnerable to a new class of vulnera-bilities. Adversaries are exploiting these vulnerabilities to alter AIsystem behavior to serve a malicious end goal. This panel discussessome of these aspects.
ACM Reference Format:Elisa Bertino, Murat Kantarcioglu, Cuneyt Gurcan Akcora, Sagar Samtani,Sudip Mittal, and Maanak Gupta. 2021. AI for Security and Security forAI. In Proceedings of the Eleventh ACM Conference on Data and ApplicationSecurity and Privacy (CODASPY ’21), April 26–28, 2021, Virtual Event, USA.ACM, New York, NY, USA, 2 pages. https://doi.org/10.1145/3422337.3450357
Statement of Elisa BertinoCyberattacks with different goals, such as data ransoms, denial
of service, sabotage, data theft, are on a dramatic increase. To makedefenses more effective, recent solutions leverage AI techniques.However, a major problem is that the application of AI techniques tocybersecurity is not trivial. For example, if one would like to applyreinforcement learning, one has to understand how to properlydesign reward functions. In addition different security tasks mayneed different AI techniques. Thus an effective AI-enhanced defensein depth must be based on a comprehensive cybersecurity lifecycleand an analysis of adversarial tactics and techniques. Also, AI-based cybersecurity approaches have been intensely scrutinizedwith respect to ethics. Thus, for AI to be effectively and quicklyadopted in cybersecurity, AI security and ethics need also to beassured. AI security requires assurance processes for data used inAI training as well as systematic approaches to AI security testing.
With respect to ethics, we need to develop technical approaches toembed ethics principles in intelligent systems.
Elisa Bertino is the Samuel D. Conte Professor of ComputerScience at Purdue University. She serves as Director of the PurdueCyberspace Security Lab (Cyber2Slab). In her role as Director of Cy-ber2SLab she leads multi-disciplinary research in data security andprivacy. Prior to joining Purdue, shewas a professor and departmenthead at the Department of Computer Science and Communicationof the University of Milan. She has been a visiting researcher at theIBM Research Laboratory (now Almaden) in San Jose, at the Mi-croelectronics and Computer Technology Corporation, at TelcordiaTechnologies, and visiting professor at the Singapore ManagementUniversity and the National University of Singapore. Her recentresearch focuses on cybersecurity and privacy of cellular networksand IoT systems, and edge analytics and machine learning for cy-bersecurity. Elisa Bertino is a Fellow member of IEEE, ACM, andAAAS. She received the 2002 IEEE Computer Society TechnicalAchievement Award for “For outstanding contributions to databasesystems and database security and advanced data managementsystems”, the 2005 IEEE Computer Society Tsutomu Kanai Awardfor “Pioneering and innovative research contributions to securedistributed systems”, the 2014 ACM SIGSAC Outstanding Contribu-tions Award with citation “For her seminal research contributionsand outstanding leadership to data security and privacy for the past25 years”, and the 2019-2020 ACM Athena Lecturer Award.Statement of Murat Kantarcioglu
Direct application of AI techniques to cyber security domainmay be misguided. Unlike most other application domains, cybersecurity applications often face adversaries who actively modifytheir strategies to launch new and unexpected attacks. Thus AI tech-niques for cyber security need to be resilient against the adaptivebehaviors of the adversaries, and are able to quickly detect previ-ously unknown new attack instances. Recently, various adversarialAI techniques (including our proposed techniques developed usingArmy Research Office funding) have been developed to counteradversaries’ adaptive behaviors. For example, in our earlier work,we developed a game theoretic framework to discover an optimalset of attributes to build machine learning models against activeadversaries. In another work, we modified an existing, and popularmachine learning tool named Support Vector Machine to be moreresistant against adversarial attacks. The attack models are definedin terms of the adversaries’ capabilities of modifying data. Oursolutions minimize the worst-case loss corresponding to the attack
Panel CODASPY '21, April 26–28, 2021, Virtual Event, USA
CODASPY ’21, April 26–28, 2021, Virtual Event, USA
models, and show that such tailored tools could be more resistantto adversarial behavior compared to existing SVM alternatives.
Murat Kantarcioglu is a Professor in the Computer ScienceDepartment and Director of the Data Security and Privacy Labat The University of Texas at Dallas (UTD). He received a PhDin Computer Science from Purdue University in 2005 where hereceived the Purdue CERIAS Diamond Award for Academic excel-lence. He is also a visiting scholar at Harvard Data Privacy Lab. Dr.Kantarcioglu’s research focuses on the integration of cyber secu-rity, machine learning, data science and blockchains for creatingtechnologies that can efficiently and securely store, analyze andshare data and machine learning results. His research has beensupported by grants including from NSF, AFOSR, ARO, ONR, NSA,and NIH. He has published over 170 peer reviewed papers in toptier venues such as ACM KDD, SIGMOD, ICDM, ICDE, PVLDB,NDSS, USENIX Security and several IEEE/ACM Transactions aswell as served as program co-chair for conferences such as IEEEICDE, ACM SACMAT, IEEE Cloud, ACM CODASPY. He is the re-cipient of various awards including NSF CAREER award, the AMIA(American Medical Informatics Association) 2014 Homer R WarnerAward and the IEEE ISI (Intelligence and Security Informatics) 2017Technical Achievement Award presented jointly by IEEE SMC andIEEE ITS societies for his research in data security and privacy.Statement of Cuneyt Gurcan Akcora
Recent years have seen increased user participation in digitaltechnologies. In the past, social networks had been the primaryvenue for a user to reach a global audience. Nowadays a user hasmany devices that collect data and share on the web. From self-driving cars to mobile and smart home devices, users connect to awider audience through popular applications. This increased con-nection has not always been a boon. Data collected from otherusers without proper auditing is used to train ML models and makedecisions with them. Companies seem to be most interested in in-creasing their revenues by using the data - any data. Suddenly, wehave found ourselves governed by decisions that are conditioned onother people’s preferences and actions. Well-documented cases ofbias and racism seeping into machine learning models have causedoutrage. With these harmful effects, it is imperative to learn howMachine Learning models use data to make decisions that affectusers’ lives. Governments have joined efforts as well and passedlegislation that forces companies to explain their ML models’ deci-sions. AI and ML researchers have responded to this growing issuewith novel directions called Interpretable (IAI) and Explainable(XAI) AI. Interpretability attempts to explain the cause and effectobserved within a system, whereas Explainability deconstructs amachine learning system to explain it in human terms. Both areasare developing tools that wrap around existing ML models and ex-plain algorithm decisions and predictions. ML research must notethe growing fields of IAI and XAI, and attempt to explain their MLmodels before model deployment. The benefits can be far-reachingas we believe that this practice will speed up ML adoption in society.
Cuneyt Gurcan Akcora is an Assistant Professor of ComputerScience and Statistics at the University of Manitoba, Canada. Hereceived his Ph.D. from the University of Insubria, Italy. His primaryresearch interests are Data Science on complex networks and large-scale graph analysis, with applications in social, biological, IoT
and Blockchain networks. He has worked at and collaborated withQatar Computing Research Institute, Yahoo Research Barcelona,and Huawei Research in Istanbul. He is a Fulbright Scholarshiprecipient, and his research works have been published in leadingconferences and journals such as IEEEtran, VLDB, ICDM, SDM,IJCAI, and ICDE.Statement of Sagar Samtani
Modern society’s irreversible dependence on information tech-nology has placed a significant impetus on cybersecurity analysts toenhance the confidentiality, integrity, and availability of their ever-increasing asset-bases from a rapidly evolving threat landscape. Inparticular, methodologies such as deep learning, machine learning,network science, text analytics, and others can help human analystssift through large quantities of heterogeneous cybersecurity datawith unprecedented efficiency and effectiveness to detect patternsmissed by conventional approaches. To date, AI for cybersecurityhas been leveraged in four major cybersecurity applications areas:(1) cyber threat intelligence (CTI) to create, manage, and leverageinformation about emerging threats and key threat actors to enableeffective cybersecurity decision making, (2) security operations cen-ters (SOCs) to assist human analysts in tactical tasks such as alertmanagement, vulnerability management, security orchestration,and others, (3) disinformation and computational propaganda toidentify how fake content can sway public actions and perceptions,and (4) adversarial machine learning (AML) that relies on tech-niques such as generative adversarial networks (GANs) to generatefake or synthesized content to enhance offensive and defensivecybersecurity postures. Despite significant advancements in theseareas from both industry and academia alike, key challenges remainthat require significant attention. First, many practitioners and aca-demics often work in siloes. Second, there is currently a dearth ofpublicly accessible datasets that accurately depict the nuances andcomplexities of production environments. Third, many AI-basedmodels deployed in cybersecurity contexts often lack interpretabil-ity. Finally, many students and faculty may lack the resources tostart and/or execute their AI for cybersecurity research.
Sagar Samtani is an Assistant Professor and Grant ThorntonScholar in the Department of Operations and Decision Technolo-gies at the Kelley School of Business at Indiana University (IU).He is also a Fellow within the Center for Applied CybersecurityResearch at IU. Samtani graduated with his Ph.D. in May 2018 fromthe Artificial Intelligence Lab in University of Arizona’s Manage-ment Information Systems (MIS) department at the University ofArizona. From 2014 – 2017, Samtani served as a National ScienceFoundation (NSF) Scholarship-for-Service (SFS) Fellow. Samtani’sresearch centers around Explainable Artificial Intelligence for Cy-bersecurity and cyber threat intelligence. Samtani has publishedover three dozen journal and conference papers on these topicsin leading venues such as MIS Quarterly, Journal of ManagementInformation Systems, ACM Transactions on Privacy and Security,IEEE Intelligent Systems, Computers and Security, IEEE S&P, IEEEICDM, and others. His research has received nearly $1.8M (in PIand Co-PI roles) from the NSF CICI, CRII, and SaTC-EDU programs.Samtani has won several awards for his research, including theACM SIGMIS Doctoral Dissertation award in 2019.
Panel CODASPY '21, April 26–28, 2021, Virtual Event, USA
