Cyber attacks are at an all time high! Each day, hundreds of people fall victim to a breach in security that causes their personal information to be compromised. Not only is it inconvenient, it is conconcerning, given that you can never be quite sure who has access to your private data. Thanks to Dr. Salvatore Stolfo and the team at Allure Security, it is possible to be several steps ahead of people who seek to ruin your day. Using AI technology to be proactive rather than reactive and create decoys that confuse hackers, Allure can potentially prevent an attack before it even occurs. Salvatore is helping customers around the world to rest easy.
Tamara: Can you share a story that inspired you to get involved in AI?
Salvatore: When I was just a kid, it was natural to be enthralled with the Apollo missions and space flight. When looking at star maps, it was natural as well to wonder where all those points of light came from. How the heck did our minds get here, and how could the universe ask questions about itself? In college, I learned about a conference held in Dartmouth well over a decade earlier where scientists were talking about “Artificial Intelligence.” The luminaries then, McCarthy, Newell, Simon, Minsky, were true inspirations. When I arrived at NYU Courant Institute, I spent considerable time learning about and doing research in Mathematical Logic, thinking that was the answer to the question of “What is Thinking?” I’ve been pondering AI ever since. In the mid-1990’s, however, I also studied security problems including transaction fraud and was amazed at how clever thieves were at stealing money. I then realized that machines had to be a lot smarter at defending and protecting themselves. I pitched the idea to DARPA to fund my lab to work on behavior-based security, which in essence was Machine Learning for computer security. My IDS lab at Columbia has focused on applying AI to security ever since.
Tamara: Describe your company and the AI/predictive analytics/data analytics products/services you offer.
Salvatore: Allure Security has developed products that detect and respond to advanced cyber threats, malware, and malicious insider activity before sensitive data is stolen. Much of the security technologies available today have focused on prevention. Those products that focus on detection do so by analyzing network, endpoint, application or user behavior. This is only natural and has been my focus for quite some time as well in my early research. Some years ago, I realized that the true answer to the problem of stopping data loss needed to focus on the data, the quarry attackers are after. Data and data flows also have behaviors that can be modeled by AI methods. Allure’s Data-loss Detection and Response (DDR) platform accomplishes this by using patented beaconing and decoy technologies to track and protect documents inside and outside enterprise walls. Organizations can deploy Allure DDR in hours, accurately detect breaches that bypass other security controls, and reduce the cost and time of post-incident investigations. We use AI to create authentic-looking, highly convincing decoy documents that make a would-be adversary believe they have stolen something of value. We also use machine learning that determines what is normal behavior for a company’s documents: who typically accesses them, where in the world they travel, and in particular document flows that are clearly malicious.
Tamara: How do you see the AI/data analytics/predictive analysis industry evolving in the future?
Salvatore: The success of AI driven applications is dependent upon experts who are knowledgeable and capable of developing AI infrastructures, but also have deep expertise in the application domain where hard problems haven’t been solved in scale. There will undoubtedly be numerous “general purpose infrastructures” that support AI applications, but these will only be successfully applied when human subject matter experts engineer solutions to problems they understand deeply. One can expect an ever increasing supply of such general purpose tools and systems that handle huge amounts of data streaming from arbitrary sources, and process that data intelligently and quickly to solve problems that no human has ever tackled.
Tamara: What is the biggest challenge facing the industry today in your opinion?
Salvatore: There are a number of challenges: probably “brittleness” and “robustness” of the AI systems. These issues are affected by the quality and breath of data available. There is a growing need to prepare data to be used and modeled in AI ensuring that any missed “corner” cases doing have an adverse impact on the outcome of the analytics. While there are plenty of off-the-shelf products and services that include AI or ML functionality, or will soon do so, some of the best results will be at organizations that use their own data to train their own AI systems, or augment third-party ones that ensures not only accurate results in the lab, but accurate results in the real work context in which they are deployed. Mitigating error is an open issue. Real-world data is dirty, especially when multiple disparate sources are culled together. Linking data together about the same entities will get more complicated with more sources and larger stores of information will have to be processed. Probably the most difficult problem to solve is defining the high value use cases for the analyses. For this, AI expertise is necessary to do the job effectively, but business savvy and industry knowledge are also required to get the best value from the high cost of the analytics.
Tamara: How do you see your products/services evolving going forward?
Salvatore: In the mid-1980’s, a fast growing AI field was quickly and prematurely commercialized. These “Expert Systems” encapsulated domain expertise intended, as standalone applications provided machine experts. There were many artifacts of the Knowledge-Based Expert Systems technology of the day including “Automated Cable Expertise,” a system used by the telephone company to predict local failures in the local phone loop. There were infectious disease diagnosis and treatment to automate services one would expect of their internist, and various applications too numerous to enumerate. These failed in the marketplace because they were expensive to update and grow their “expertise” requiring programming and teaching by human experts. These products and their underlying technology weren’t capable of sustaining any real businesses. Machine Learning technology has changed everything, making AI practical, scalable, and effective largely due to the enormous data resources that are now available from other technical developments of the past decade.
Tamara: What is your favorite AI movie and why?
Salvatore: 2001: A Space Odyssey, of course! For its time, it was amazingly accurate in what the future could be (most having occurred by now), but also because Hal’s inconsistent theory (remember I was driven to Mathematical Logic) led to plausible outcomes. Talk about brittleness.
Tamara: What type of advice would you give my readers about AI?
Salvatore: Do not confuse “Hollywood AI”, with “Computer Science (real-world) AI”. There is as large a gulf between the two as there is between “Hollywood Physics” and “Physics Physics”.
Tamara: How does AI, particularly your product/service, bring goodness to the world? Can you explain how you help people?
Salvatore: Everyone’s lives are directly impacted by the internet. There is nothing surprising about that statement. However, with the huge advantage the internet provides all of us, it is also not a surprise that this technology comes along with dangers we all know too well. It is hard to know anyone whose personal data hasn’t been lost by some large enterprise. There are too many examples to enumerate. Adversaries attacking our computer systems have always had the advantage over defenders, and I want to change that by employing AI machine learning techniques to change this asymmetry in favor of the defender. The core of our technology is to detect when adversaries have penetrated and bypassed deployed defenses, and when they do, to confound and confuse them with bogus data they may think has value, but doesn’t. This “knowledge attacks”, an active defense hack back, now for the first time makes the adversary pay a cost for their attacks and exfiltration. They must expend time and effort to figure out what is real and what is fake, making their effort no longer free. Creating highly believable decoys and deceptive material is now achievable with AI Machine Learning techniques.
Tamara: What would be the funniest or most interesting story that occurred to you during your company’s evolution?
Salvatore: When the company grew its sales and marketing team, we had a company outing to an F-1 racing car track. I made it clear my driving skills were learned in the mean streets of Brooklyn, New York, not Brookline, MA. Unbeknownst to me and the rest of the team, one of our sales engineers was a semi-pro F-1 driver who knew how to clear the road for himself. I didn’t flip my car, but I did flip at his car as it routinely blew past me.
Tamara: What are the 3-5 things that most excite you about AI? Why? (industry specific)
Salvatore: CyberSecurity based upon AI will change the battlefield in favor of defenders. I am looking forward to this new challenge to see how adversaries will react. I am certain they will attempt to use AI against AI, but that too will come as a cost to them.
Tamara: What are the 3-5 things worry you about AI? Why? (industry specific)
Salvatore: First, I worry about the brittleness of deployments that don’t account for “corner cases” since there was insufficient training data could lead to significant negative consequences. I also worry about product developers who deploy in critical applications who do not account that the lack of robustness of these systems could be responsible for harm.
Tamara: Over the next three years, name at least one thing that we can expect in the future related to AI?
Salvatore: Soon, very sophisticated (probably nation-state) adversaries will employ AI methods to attack our computer systems in very sophisticated ways.