Me too ��
Warm regards
Antonio
This email is confidential and any unauthorised use, dissemination of the information, or copying of this message is prohibited. If you are not an intended recipient, please notify the sender immediately by return e-mail and delete this message. It is the responsibility of the recipient to ensure that this email and any attachments are virus free and no responsibility is accepted by Prudential for any loss or damage from receipt or use thereof. Please note that all e-mail messages may be subject to interception for lawful business purposes. Prudential cannot accept liability for statements made which are clearly the sender's own and not made on behalf of Prudential.
Prudential plc, incorporated and registered in England and Wales. Registered office: 1 Angel Court, London, EC2R 7AG. Registered number 1397169. Prudential plc is a holding company, some of whose subsidiaries are authorised and regulated, as applicable, by the Hong Kong Insurance Authority and other regulatory authorities. Prudential plc is not affiliated in any manner with Prudential Financial, Inc., a company whose principal place of business is in the United States of America or The Prudential Assurance Company Limited, a subsidiary of M&G plc, a company incorporated in England and Wales.
Sent: 3/15/2021 7:04:00 PM
From: alex jayakumar jayaraj
Subject: RE: AI and ML attack surface: A summary of recently completed training
Team ,
I recently joined in this group . I want to be working group. Can you please forward me the calendar invite.
Regards,
Alex
Original Message:
Sent: 3/11/2021 1:03:00 PM
From: Nicholas Grove
Subject: RE: AI and ML attack surface: A summary of recently completed training
Wow this was a really great teaser overview, and (new-to-me) course suggestion – thanks so much Mark.
------------------------------
CISSP, CCSP, CASP+, et al. | Cybersecurity • Supply Chain • Education | www.linkedin.com/in/nicholasgrove/
------------------------------
Original Message:
Sent: Mar 09, 2021 11:38:00 AM
From: Mark Yanalitis
Subject: AI and ML attack surface: A summary of recently completed training
I had a chance to take in AL and ML in INFOSEC training. In summary, the high-level goals for AI and ML use in INFOSEC were,
- Predict the future (Supervised, labeled numeric data, regression analysis to map input variables to output variables)
- If X happens, the probability of Y occurring is ...
- Categorize data (Supervised, labeled data, classification analysis to split new data into existing categories)
- Find new patterns of behavior (Unsupervised, unlabeled data, clustering analysis to find relationships in the data)
- Low and slow pattern detection vs. anomaly detection
- General adversarial network (GAN) synthetic training data (Unsupervised, unlabeled data, generative analysis)
- Deep fake image and deep fake record detection
Go forward risks of using AI and ML in information security products
- The host company, or vendor, has a poor AI implementation
- Attacks against the host company implementation to skew or amplify an existing bias in the data (e.g. affecting model error, affecting model bias, affecting richness of data, influencing auto-correlation)
- Attackers using AI and ML to increase the precision of targets, and accuracy of effects by attacking at scale utilizing data sets, modeling, classification, and process automation
- Human bias relying on probabilistic models that lack domain knowledge context of the relationship between elements like the business model, the IT network, and business process rules governing customer/application interactions
The course offering is on LinkedIn Learning. The author is Sam Sehgal. If you have access to that knowledge base through your employer consider checking it out.
Mark Y.
------------------------------
Mark Yanalitis
------------------------------