AI vs. ML
By Vincent Torres
Artificial Intelligence (AI) and Machine Learning (ML) are hot topics in the world of cybersecurity today. As technological literacy becomes more common and people begin to rely on the technological domains of the 21st century, cybersecurity becomes increasingly important.
However, the debate over the best way to fight cyber crime starts with understanding both Artificial Intelligence and Machine Learning. This includes their implementation and the impacts they have in the cybersecurity world.
Artificial Intelligence (AI)
Artificial Intelligence is when machines take note of their environment and take action based on their desired goal. They also carry out tasks that are not already embedded into their system.
For example, if a computer is playing a game of chess, it might already have hundreds of moves pre-programmed into its system to help it win the game.
On the contrary, a machine is artificially intelligent when it calculates the moves ahead and reviews all possible outcomes — no longer taking commands, but thinking on its own.
"The Achilles heel is the program, no matter how complex you build the system,” says Martin Minnich, program manager of the California Cybersecurity Institute in San Luis Obispo. This means that the program will always have fault, even when the system is free-thinking; AI is prone to error.
Machine Learning (ML)
Machine learning is an algorithm, and when it is fed enough data, it is able to recognize patterns in the system of new data and as a result, learns to classify that new data based on prior information that it has already gathered.
Take, for example, a smartphone. Auto-fill on our text messages, search engines and chat applications wouldn’t be possible without Machine Learning. This is because the machine suggests what your next word is likely to be based off of patterns you create when you frequently type in certain phrases or words together.
However, according to Pieter Arntz, a Malware Intelligence researcher, “If the machine is allowed to accept its own assumptions to be true, it may stray from the path the developers envisioned.” This can be seen when our phones generate sentences that make no sense by suggesting words based off of patterns in our texts.
To sum it up, Artificial Intelligence focuses on the creation and operation of free-thinking machines, while Machine Learning focuses on analyzing patterns that allow machines to learn from experience.
Which is Better?
There is no definitive answer as to which system is more efficient when it comes to cybersecurity. The world of technology is ever-changing, and with the innovation of new tech comes the innovation of new hacking techniques. This means that our cybersecurity systems must adapt to the changing landscape of the electronic world.
If attackers can figure out how an algorithm is set up, or where it draws its training data from, they can figure out ways to introduce misleading data that builds a counter-narrative about what content or traffic is legitimate versus malicious (Newman, 2018).
According to Minnich, the most powerful cybersecurity resource is outside the machines. “The critical flaw in all systems is the human," he says. "Train the human to be cyber fluent and digitally literate, have basic policies and procedures in place, and actually do your normal workflow with an awareness towards cybersecurity would eliminate a huge amount of simple vulnerabilities.”
"The amounts of new data coming in every day are too much for cost-effective human processing,” argues Arntz. “Machines are less error-prone if trained properly.”