We ought to change our attitude to computer security risk, says Google’s Adrian Ludwig. Instead of trying to eliminate risk, we should aim to manage it. In the same way that credits cards do, we should be using data to build a different risk profile for each individual user. The most effective way to do this is by applying Artificial Intelligence. And while this may still sound a little sci-fi (though decidedly less and less so), Google’s Android is already starting to use machine learning to plug security holes. Ludwig suggests that we shouldn’t code hard-and-fast digital rules that aim to stop all online attacks. As the internet grows more complex and reaches more people, this would eventually end up restricting online movement and the exchange of data. Instead, we should build systems that constantly analyse and identify potential problems.
Google does not yet have a problem, but they are planning ahead. Their idea is to deploy a team of AI “security guards” to identify cyber threats and sieve out harmful signals from the general good-natured chatter and data flow. For the time being, however security expertise cannot be replaced by a machine learning algorithm. So stay in school, kids!
Read the full story at https://www.wired.com/2016/06/googles-android-security-team-turns-machine-learning/