From Deep Blue to Xbox and beyond: deep learning and the implications for cyber security
Aingaran Pillai, CTO and founder of Zaizi
If you want to play chess against a computer, the stakes have recently got significantly higher. Giraffe, an artificial intelligence machine created by researchers at Imperial College, London, has taught itself to play. Using deep learning algorithms, the new machine evaluates the board and understands the context of the game in just the same the way that humans do.
Chess-playing computers are obviously not new. There are even smartphone chess apps to alleviate the boredom of the morning commute. The daddy of them all, of course, was IBM’s Deep Blue, which in 1996 challenged Grand Master Gary Kasparov, much to the champion’s displeasure.
But whereas Deep Blue relied on brute computer power to search through all possible future moves at great speed, Giraffe can learn the rules of the game. If the Deep Blue’s developers had not programmed the Sicilian Defence or the Queen’s Gambit, Deep Blue may not have used them as opening moves. On the other hand, if Giraffe doesn’t know what the Stonewall Attack is – it can soon teach itself.
In other words, despite its enormous processing power, Deep Blue could only understand chess as far as its programmers understood it. Giraffe could have been programmed by people whose knowledge of chess stopped at the musical.
Beyond pattern recognition
Deep learning algorithms are filtering through to all kinds of areas. Facebook uses them to tag photos without any human input. Amazon and Netflix use them to make more accurate suggestions for books, films and music. LinkedIn finds possible contacts with disquieting levels of accuracy – all because of deep learning. Given all this, it should be no real surprise that Google spent more than $400 million to acquire a dozen deep-learning researchers working at a London-based start-up, DeepMind Technologies, at the end of 2014. Indeed, Sergey Brin is on record saying he would like to build a benign version of the sentient computer HAL from 2001: A Space Odyssey.
These are the most obvious examples of deep learning in play today. But this is just the start – and there are plenty of innovations where deep learning will play a central role. Self-driving cars, for example, require deep learning algorithms that can distinguish between a tree and a traffic light. Since a human being cannot realistically programme the car to recognise every type of tree in every season and at every light level, the car has to learn as a human does. That means deep learning algorithms that, through sophisticated classification of data and context, can understand the concept of a tree, and then identify one in real life.
What separates deep learning from pattern recognition and previous analytic capabilities is its ability to learn, understand and apply context. Deep learning is a way of generating software, using statistics and data to produce programs that have the capacity to do more than their initial developers are capable of. Deep learning techniques can be used towards the development of machines that emulate human intelligence (artificial intelligence). As a result, we will get machines that can teach it to read, write, and speak Chinese, but which is built by an individual with no knowledge of linguistics in general or Chinese Hanzi in particular. Deep learning can also be used in data mining where users wish to extract specific insights from broad datasets.
Deep learning, security and fraud
Given this, deep learning offers plenty of opportunity in the field of security. Consider the cat-and-mouse game of malware development and detection as an example. As hackers and fraudsters continue to evolve and develop their malware, their techniques become ever more sophisticated, and harder for security solutions to detect. The time lag between a new form of malware being developed and a corresponding solution being implemented can be extremely costly.
But a deep learning algorithm that is fed vast quantities of data about malware, can find the connections and characteristics in the malware, find the significant identifiers and so learn what malware looks like. This is what Israeli company, Deep Instinct, is working on. By loading decomposed examples of every piece of malware it can find into deep learning software, it hopes to determine the common features of a wide range of malware, and so identify future incidences. It’s the equivalent of teaching a self-driving car to identify a tree from a picture of apple blossom, or a gnarled tree trunk.
The ability to go far deeper than traditional pattern recognition also has positive implications for fraud detection and customer protection. The best current fraud detection and prevention systems will use analysis of standard customer activity to identify and flag up anomalous behaviour, but the false positive rate can still be prohibitive. Deep learning is more dynamic and, again, can respond to changing fraud techniques for better results.
The paradox, of course, is that although deep learning can enhance security capabilities, it is also driving the demand for them. That Gartner’s recent report on its top strategic predictions for 2016 and beyond was titled The Future Is a Digital Thing is an indication of the direction of business development over the next few years. The dramatic rise of smart machines and autonomous devices that Gartner discusses, coinciding as it does with the connectivity of billions more devices to the Internet of Things, suggests a growing need for security solutions that can protect data and devices during radical shifts in business practices and individual behaviours.
For example, the much-anticipated death of the password is, according to Gartner, almost upon us, with personal images acting as a digital signature instead. Microsoft’s Xbox One and Sony’s PS4 already have the ability to identify, recognise and sign in players when they enter a room, all through facial recognition. We can expect similar solutions for everything from desktop computing to the remote management of the industrial plant.
While deep learning will almost certainly increase demand for advanced programmers and data scientists, cyber security experts can expect a similar increase in demand. Any residual reluctance to embrace deep learning seems likely to evaporate in the march of the machines and the corresponding need to protect all kinds of physical and virtual infrastructure from digital vandalism.