Proactive Security Auditing against AI-enhanced Cyberthreats: from Clouds to Internet of Things (IoT)

针对人工智能增强型网络威胁的主动安全审核：从云到物联网 (IoT)

• 批准号: RGPIN-2021-04106
• 负责人: Majumdar, Suryadipta
• 金额: $ 2.11万
• 依托单位: Concordia University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2022
• 资助国家: 加拿大
• 起止时间: 2022-01-01 至 2023-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=750649
• 关键词: Proactive; Security; Auditing; against; AI

Artificial intelligence (AI) has ushered in many revolutionary changes in our lives, especially through its direct impacts on emerging technologies, such as cloud computing and Internet of Things (IoT). This digital transformation has also been rapidly changing the cybersecurity landscape. For instance, today's complex cloud and IoT systems reportedly suffer from various implementation flaws and misconfigurations, and adversaries frequently exploit those vulnerabilities to craft sophisticated and powerful cyberattacks by weaponizing the power of AI. As a result, the transparency and accountability of those systems often become questionable. To that end, security auditing (which verifies the security of a system), might be a promising solution, as it has been a popular choice in the industry for years. However, the traditional retroactive approach to security auditing has become insufficient against AI-enhanced cyberthreats to emerging technologies mainly due to: the lack of readily available security rules or models for auditing, need for a continuous security guarantee for the dynamic nature of those technologies, privacy concerns associated with data sharing, and resource constraints for conducting auditing in several technologies (e.g., IoT). The proposed research program seeks to defend against this new paradigm of AI-enhanced cyberthreats and build proactive security auditing solutions that can be applied to cloud and IoT systems. Our short-term objectives are to build techniques to: (i) derive actionable security rules and models for auditing by understanding AI-enhanced threats, (ii) proactively prepare for potential security breaches so that our auditing solution can prevent a breach at runtime, and (iii) overcome resource constraint and privacy concerns by distributing the auditing workload. In pursuit of these objectives, the proposed research will first build an automated technique to learn security rules from both high-level security standards and AI-enhanced cyberthreats. Second, it will develop a proactive approach that conducts auditing on predicted future changes as well as derived capabilities (i.e., what actions a component can perform) of each component in a system. Finally, it will devise a distributed and lightweight auditing technique that clusters similar components and then locally conducts auditing on each cluster. In summary, the proposed research will help advance the field of cybersecurity for cloud and IoT systems, especially against newer and stronger adversaries with AI capabilities, and provide the Canadian industry with implementable solutions in the near future with the ultimate aim of ensuring proactive security for emerging technologies.

人工智能（AI）给我们的生活带来了许多革命性的变化，特别是通过它对云计算和物联网（IoT）等新兴技术的直接影响，这种数字化转型也迅速改变了网络安全格局。据报道，当今复杂的云和物联网系统存在各种实施缺陷和错误配置，对手经常利用这些漏洞，通过将人工智能的力量武器化来发动复杂而强大的网络攻击，因此，这些系统的透明度和问责制往往会受到影响。为此，安全审计（验证系统的安全性）可能是一个有前途的解决方案，因为它多年来一直是业界的流行选择，但是，传统的安全审计追溯方法已经不够了。针对新兴技术的人工智能增强型网络威胁，主要是由于：缺乏现成的安全规则或审计模型、需要为这些技术的动态性质提供持续的安全保证、与数据共享相关的隐私问题以及进行操作的资源限制。多种技术的审计（例如，物联网）。拟议的研究计划旨在防御这种人工智能增强的网络威胁的新范式，并构建可应用于云和物联网系统的主动安全审计解决方案。我们的短期目标是构建以下技术：（ i) 通过了解人工智能增强的威胁，得出可操作的安全规则和审计模型，(ii) 主动为潜在的安全漏洞做好准备，以便我们的审计解决方案可以在运行时防止漏洞，以及 (iii) 克服资源限制和隐私问题为了实现这些目标，拟议的研究将首先构建一种自动化技术，从高级安全标准和人工智能增强的网络威胁中学习安全规则，其次，它将开发一种主动的方法来进行审计。预测系统中每个组件的未来变化以及派生功能（即组件可以执行哪些操作）最后，它将设计一种分布式轻量级审核技术，将相似的组件聚集在一起，然后在本地对每个组件进行审核。总之，拟议的研究将有助于推进云和物联网系统的网络安全领域，特别是针对具有人工智能能力的更新和更强大的对手，并在不久的将来为加拿大行业提供可实施的解决方案，最终目标是确保积极主动。新兴技术的安全。