
From the old to the new in tackling information security

Haydn Tarr
IT Service Development Manager
The University of Chichester
Report provided to colleagues at the University of Chichester’s IT, Library and Customer Service departments

InfoSecurity Europe Conference 2018


UCISA offer a bursary to attend conferences in fields relevant to HEI support staff. I have always held a strong interest in attending InfoSec Europe and the bursary presented a perfect opportunity to attend this year. InfoSec Europe is an annual conference which holds a strong focus on cyber security technology developments. This report will disseminate my findings from the conference and draw relevance to the University of Chichester.
InfoSec was split into two formats:
My visit to InfoSec Europe focussed on the sessions it offered and discussing these topics with other visitors concerned with cyber security. There were a number of themes which were touched on regularly.

Theme 1: Cyber security prevention and training

There are varying techniques used for protecting company data from cyber-attacks. I found at the conference that commercial organisations have mainly focussed on preventative measures, e.g. firewalls, email protection, blocking users, etc. These measures do help to mitigate the risk of data breach and infection, but paradoxically reduce the workforce’s awareness of the type of threats and techniques used by attackers to exfiltrate sensitive data.
Organisations are now becoming increasingly aware that this is no longer enough, and the focus is now on training and building awareness amongst the workforce in a bid to reduce the likelihood of a data breach by exposing potential threats to staff. A general message surfaced from the seminars I attended, which was that the workforce can be the biggest asset in preventing cyber-attacks. Some organisations harness this by raising awareness and sustaining a culture where staff are encouraged to report breaches. From the opposite end of this view, other antiquated strategies are in place to prevent the workforce from even coming into contact with potential viruses and untrusted emails in the first place.
A personal takeaway is that a balance needs to be struck between the two, in which I personally feel that the University has an advantage. I observed in other organisations that training initiatives tend to be a temporary notion. Both prevention and training are a continuous development, which will adapt with emerging security vulnerabilities.

Theme 2: Blockchain

Many tech vendors in attendance at InfoSec Europe are associating themselves with Blockchain, and building this into their research and development plans for future protection technologies. In recent months we have witnessed the rise and fall in media coverage (and value!) of Bitcoin. Blockchain, which Bitcoin transactions operate upon, is a transferrable technology which can be adapted to other types of digital transactions in making them more secure.
One technology I found interesting, and which could offer some value in the future, was the use of Blockchain to provide an improved assurance of personal identity. By using Blockchain as a way of decentralising identity, more control can be put into the hands of the individual in how they share their information with other individuals and organisations. These parties can then have more confidence that the holder of this identity is who they say they are. This could also offer the individual complete power over what specific information they share throughout various online services, institutions, government portals, etc.

Theme 3: The old tricks still work

Traditional exploitation techniques such as email phishing, SQL Injection and other attacks have been used for almost two decades and are continuing to grow in adoption by adversaries. The rise of IoT (Internet of Things) is partially to blame for this as the surface area of potential vulnerabilities continues to grow. These vulnerabilities arise as older consumer electronics, connected to the internet but using old software and firmware, are unlikely to be updated. This becomes particularly problematic in the critical infrastructure industry where I witnessed a live hack on a maritime GPS navigation system. Bringing this back to the local environment, the necessity to maintain a patching programme across the University estate with a growing number of connected devices has never been more critical.

The University is protected in every area on the network by various prevention solutions. Despite these, there is still a risk of infection or data loss due to persistent attacks, such as email phishing or social engineering, which could circumvent these techniques. These methods are still the oldest trick in the book, and at the University with a growing number of staff, this problem continues and is generally acknowledged throughout commercial and other organisations.

Theme 4: Artificial Intelligence and Machine Learning

These terms are often used to describe the next generation of learning ability in computer software. We are yet to reach the state where artificial intelligence achieves its true meaning. Machine learning, however, has a big part to play in some of the advances in cyber security. Vast amounts of logging data are collected on a daily basis at the University and throughout other organisations. This logging data can be used for troubleshooting isolated technical issues and security events. Cyber security vendors are beginning to respond to this accumulation of logging data positively, by investing in machine learning R&D. Future developments could enable security technologies to learn behaviours and trends from the accumulation of collected logging data. This could help an organisation’s security posture to evolve in a more effective way to prevent and mitigate cyber-attacks. Vendors are advising that the sheer volume of data that is collected now can be useful in the future – however, everyone needs to be mindful of GDPR.
Interviews with the keynote speakers from the conference are available along with presentations from the event.
Interested in finding out more about a UCISA bursary? Then visit the UCISA Bursary Scheme.

Is Jill Watson after your job?

She began work as a teaching assistant at Georgia Tech in January 2016, helping students on a masters level artificial intelligence course. At first, she needed help from her colleagues but she soon learnt and it wasn’t long before she was providing support to all students without assistance. Human assistance that is. “Jill” was the creation of course leader Ashok Goel – an artificial intelligence tutor developed using IBM’s Watson platform.

The course was entirely online and questions were submitted via an online forum. Initially the AI-derived answers weren’t so good so the human tutors responded. But as time went on “Jill’s” answers improved so the tutors took the answers and posted them to the forum. Within a short space of time, the answers were near perfect and the AI instance was responding directly to the students. The students were not aware that they weren’t dealing with a real person – but then, do they really care if they are getting good advice?

This isn’t the only form of AI that I have seen applied in the education environment. At EDUCAUSE last year, I saw a demonstration of an AI-based chatbot that guided an applicant through the process of identifying a suitable course at university and ultimately the application process itself. I was driving the questions, playing the role of the applicant – the responses were reassuring and at the end of the process, I felt satisfied that I had been given good advice.

In both instances, the AI instance will have had to learn from real life examples to build up its knowledge bank in order to make informed decisions. In the case of Jill Watson, that learning took little time; with the AI applications assistance there was more initial programming which was underpinned by some clear rules and expectations. But given that in both examples, the AI instance learnt from patterns of behaviour exhibited by real people, is there scope for using artificial intelligence at the service desk?

The answer has to be yes. The service desk system has a wealth of information about problems and their solutions that can be drawn upon and used to address submitted problems. There are many repetitive questions that get asked of a service desk which could easily be handled by an AI instance. Many service desks have identified these – password resets being an obvious example – and have sought to reduce the impact of these through FAQ sections and similar channels. But how effective are these mechanisms? Do they help deliver a one stop shop?

Could AI further aid service desk staff? It could – dealing with repetitive queries is one thing but artificial intelligence could be deployed to recognise similar questions from the bank of queries in the service management system and identify solutions. The service desk staff would then be able to give a quicker response rather than having to re-learn how to deal with a problem or seek out the expert that dealt with it last time around. Alternatively, the AI system might identify the person with the most expertise and route the query accordingly.

AI is far quicker at identifying patterns than people. As a result, an artificial intelligence based system would give an earlier indication of an incident or bug and so help the service desk respond more quickly (perhaps before some realised there was a problem).

So where will that leave the service desk? Will the use of AI allow service desk staff to focus on the really meaty problems that are more satisfying to solve or will it give staff the opportunity to focus on new areas? Alternatively, will it lead to a deskilling of staff, an unrewarding role reduced to passing on solutions that are drawn down from a vast body of previous experience? Is Jill Watson going to take your job?