National Academies Press: OpenBook
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R1
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R2
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R3
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R4
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R5
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R6
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R7
Page viii Cite
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R8
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R9
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R10
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R11
Suggested Citation:"Front Matter." National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25488.
×
Page R12

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Prepublication Copy – Subject to Further Editorial Correction Implications of Artificial Intelligence for Cybersecurity PROCEEDINGS OF A WORKSHOP Anne Johnson and Emily Grumbling, Rapporteurs Computer Science and Telecommunications Board Intelligence Community Studies Board Division on Engineering and Physical Sciences PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION

THE NATIONAL ACADEMIES PRESS 500 Fifth Street, NW Washington, DC 20001 This project was supported by Award Number 2014-14041100003-021 with the Office of the Director of National Intelligence. Any opinions, findings, conclusions, or recommendations expressed in this publication do not necessarily reflect the views of any organization or agency that provided support for this project. International Standard Book Number-13: 978-0-309-XXXXX-X International Standard Book Number-10: 0-309-XXXXX-X Digital Object Identifier: https://doi.org/10.17226/25488 Additional copies of this summary are available from the National Academies Press, 500 Fifth Street NW, Keck 360, Washington, DC 20001; (800) 624-6242 or (202) 334-3313; http://www.nap.edu/. Copyright 2019 by the National Academy of Sciences. All rights reserved. Printed in the United States of America National Academies of Sciences, Engineering, and Medicine. 2019. Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: https://doi.org/10.17226/25488. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION

The National Academy of Sciences was established in 1863 by an Act of Congress, signed by President Lincoln, as a private, nongovernmental institution to advise the nation on issues related to science and technology. Members are elected by their peers for outstanding contributions to research. Dr. Marcia McNutt is president. The National Academy of Engineering was established in 1964 under the charter of the National Academy of Sciences to bring the practices of engineering to advising the nation. Members are elected by their peers for extraordinary contributions to engineering. Dr. John L. Anderson, is president. The National Academy of Medicine (formerly the Institute of Medicine) was established in 1970 under the charter of the National Academy of Sciences to advise the nation on medical and health issues. Members are elected by their peers for distinguished contributions to medicine and health. Dr. Victor J. Dzau is president. The three Academies work together as the National Academies of Sciences, Engineering, and Medicine to provide independent, objective analysis and advice to the nation and conduct other activities to solve complex problems and inform public policy decisions. The Academies also encourage education and research, recognize outstanding contributions to knowledge, and increase public understanding in matters of science, engineering, and medicine. Learn more about the National Academies of Sciences, Engineering, and Medicine at www.national-academies.org. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION

Consensus Study Reports published by the National Academies of Sciences, Engineering, and Medicine document the evidence-based consensus on the study’s statement of task by an authoring committee of experts. Reports typically include findings, conclusions, and recommendations based on information gathered by the committee and the committee’s deliberations. Each report has been subjected to a rigorous and independent peer-review process and it represents the position of the National Academies on the statement of task. Proceedings published by the National Academies of Sciences, Engineering, and Medicine chronicle the presentations and discussions at a workshop, symposium, or other event convened by the National Academies. The statements and opinions contained in proceedings are those of the participants and are not endorsed by other participants, the planning committee, or the National Academies. For information about other products and activities of the National Academies, please visit www.nationalacademies.org/about/whatwedo. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION

PLANNING COMMITTEE FOR A WORKSHOP ON IMPLICATIONS OF ARTIFICIAL INTELLIGENCE FOR CYBERSECURITY FREDERICK R. CHANG, NAE,1 Southern Methodist University, Chair KATHLEEN FISHER, Tufts University ERIC HORVITZ, NAE, Microsoft Corporation SUBBARAO KAMBHAMPATI, Arizona State University WENKE LEE, Georgia Institute of Technology JOHN MANFERDELLI, Northeastern University PHIL VENABLES, Goldman Sachs Staff EMILY GRUMBLING, Program Officer, Workshop Director KATIRIA ORTIZ, Associate Program Officer JON EISENBERG, Senior Board Director SHENAE BRADLEY, Administrative Assistant 1 Member, National Academy of Engineering. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION v

COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD FARNAM JAHANIAN, Carnegie Mellon University, Chair LUIZ ANDRÉ BARROSO, Google, Inc. STEVEN M. BELLOVIN, NAE,1 Columbia University ROBERT F. BRAMMER, Brammer Technology, LLC DAVID CULLER, NAE, University of California, Berkeley EDWARD FRANK, NAE, Cloud Parity, Inc. LAURA HAAS, NAE, University of Massachusetts, Amherst MARK HOROWITZ, NAE, Stanford University ERIC HORVITZ, NAE, Microsoft Corporation VIJAY KUMAR, NAE, University of Pennsylvania BETH MYNATT, Georgia Institute of Technology CRAIG PARTRIDGE, Colorado State University DANIELA RUS, NAE, Massachusetts Institute of Technology FRED B. SCHNEIDER, NAE, Cornell University MARGO SELTZER, NAE, University of British Columbia MOSHE VARDI, NAS2/NAE, Rice University Staff JON EISENBERG, Senior Director LYNETTE I. MILLETT, Associate Director SHENAE BRADLEY, Administrative Assistant EMILY GRUMBLING, Program Officer RENEE HAWKINS, Financial and Administrative Manager KATIRIA ORTIZ, Associate Program Officer For more information on CSTB, see its website at http://www.cstb.org, write to CSTB, National Academies of Sciences, Engineering, and Medicine, 500 Fifth Street, NW, Washington, DC 20001, call (202) 334-2605, or e-mail the CSTB at cstb@nas.edu. 1 Member, National Academy of Engineering. 2 Member, National Academy of Sciences. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION vi

INTELLIGENCE COMMUNITY STUDIES BOARD FREDERICK R. CHANG, NAE,1 Southern Methodist University, Co-Chair ROBERT C. DYNES, NAS,2 University of California, San Diego, Co-Chair JOEL F. BRENNER, MIT/Joel Brenner, LLC ROBERT A. BRODOWSKI, The MITRE Corporation ROBERT T. CARDILLO, The Cardillo Group, LLC TOMÁS DÍAZ DE LA RUBIA, Purdue University Discovery Park ROBERT A. FEIN, McLean Hospital/Harvard Medical School MIRIAM E. JOHN, Independent Consultant ANITA K. JONES, NAE, University of Virginia STEVEN E. KOONIN, New York University ROBERT H. LATIFF, R. Latiff Associates RICHARD H. LEDGETT, JR., Institute for Defense Analyses MARK M. LOWENTHAL, Intelligence & Security Academy, LLC MICHAEL A. MARLETTA, NAS/NAM,3 University of California, Berkeley L. ROGER MASON, JR., Peraton JASON G. MATHENY, Georgetown University CARMEN L. MIDDLETON, Common Table Consulting WILLIAM C. OSTENDORFF, United States Naval Academy DAVID A. RELMAN, Stanford University ELIZABETH RINDSKOPF PARKER, Retired, State Bar of California SAMUEL S. VISNER, The MITRE Corporation DAVID A. WHELAN, University of California, San Diego Staff ALAN SHAW, Director CARYN LESLIE, Senior Program Officer CHRIS JONES, Financial Manager MARGUERITE SCHNEIDER, Administrative Coordinator DIONNA ALI, Research Associate NATHANIEL DEBEVOISE, Senior Program Assistant 1 Member, National Academy of Engineering. 2 Member, National Academy of Sciences. 3 Member, National Academy of Medicine. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION vii

Acknowledgment of Reviewers This Proceedings of a Workshop has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making its published proceedings as sound as possible and to ensure that the proceedings meets institutional standards for clarity, objectivity and responsiveness to the charge. The review comments and draft manuscript remain confidential to protect the integrity of the process. We wish to thank the following individuals for their review of this proceedings: Kathleen Fisher, Tufts University, Eric Grosse, Independent Consultant, Eric Horvitz, NAE,1 Microsoft Corporation, and Una-May O’Reilly, Massachusetts Institute of Technology. Although the reviewers listed above have provided many constructive comments and suggestions, they did not see the final draft of the Proceedings of a Workshop before its release. The review of this proceedings was overseen by Steven M. Bellovin, NAE, Columbia University. He was responsible for making certain that an independent examination of this proceedings was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this proceedings rests entirely with the rapporteurs and the National Academies. 1 Member, National Academy of Engineering. PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION ix

Contents 1 INTRODUCTION AND CONTEXT 1-1 Opening Remarks, 1-2 The State of Artificial Intelligence, 1-4 2 ARTIFICIAL INTELLIGENCE AND THE LANDSCAPE OF CYBER ENGAGEMENTS 2-1 Introduction and Context, 2-1 Artificial Intelligence and Machine Learning in Cyberattacks: Insights from Hacking Competitions, 2-3 Some Thoughts on the Use of AI/ML in Cyberattacks: Economic and Practical Considerations, 2-6 Artificial Intelligence and Cyber Strategy, 2-8 Panel Discussion, 2-11 3 CURRENTLY DEPLOYED ARTIFICIAL INTELLIGENCE/MACHINE LEARNING TOOLS FOR CYBER DEFENSE OPERATIONS 3-1 AI/ML in Anomaly Detection, 3-2 AI for Identifying Novel Phishing Attacks, 3-4 Selected ML Applications at CrowdStrike, 3-6 Panel Discussion, 3-8 4 ADVERSARIAL ARTIFICIAL INTELLIGENCE FOR CYBERSECURITY: R&D AND EMERGING AREAS 4-1 Adversarial Attacks on Machine Learning, 4-1 Emerging Areas at the Intersection of AI and Cybersecurity, 4-2 Is Robust ML Really Robust?, 4-6 Artificial Adversarial Intelligence for Cybersecurity, 4-8 Panel Discussion, 4-10 5 SECURITY RISKS OF ARTIFICIAL INTELLIGENCE-ENABLED SYSTEMS 5-1 Security and Privacy in Machine Learning, 5-1 Secure Learning in Adversarial Physical Environments, 5-5 Working Toward Formally Robust ML, 5-7 Panel Discussion, 5-9 6 DEEP FAKES 6-1 Deep Fakes: Where Are We?, 6-2 Detection of Forged/Synthetic Content: Visual, Audio, and Text, 6-4 Panel Discussion, 6-6 PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION xi

7 WRAP-UP DISCUSSION: IDENTIFYING KEY IMPLICATIONS AND OPEN QUESTIONS 7-1 Workshop Takeaways, 7-9 Concluding Remarks, 7-10 APPENDIXES A Workshop Agenda A-1 B Additional Discussion Questions from Sponsor B-1 C Steering Committee and Staff Biographies C-1 D Speaker Biographies D-1 E Abbreviations and Acronyms E-1 PREPUBLICATION COPY – SUBJECT TO FURTHER EDITORIAL CORRECTION xii

Next: 1 Introduction and Context »
Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop Get This Book
×
Buy Paperback | $45.00
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

In recent years, interest and progress in the area of artificial intelligence (AI) and machine learning (ML) have boomed, with new applications vigorously pursued across many sectors. At the same time, the computing and communications technologies on which we have come to rely present serious security concerns: cyberattacks have escalated in number, frequency, and impact, drawing increased attention to the vulnerabilities of cyber systems and the need to increase their security. In the face of this changing landscape, there is significant concern and interest among policymakers, security practitioners, technologists, researchers, and the public about the potential implications of AI and ML for cybersecurity.

The National Academies of Sciences, Engineering, and Medicine convened a workshop on March 12-13, 2019 to discuss and explore these concerns. This publication summarizes the presentations and discussions from the workshop.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!