It Takes AI Village
In early August, security practitioners from around the world will descend upon Las Vegas for a week of talks, demos, and CTFs. The conference lineup of BSides Las Vegas, Black Hat, and DEF CON provides an excellent compendium of topics for novices and the experienced alike. Over the past three years, machine learning (ML) and artificial intelligence (AI) have grown in both discussion and application. Given the growing focus on AI and ML in infosec, it is only natural that a new village focused on AI would be introduced this year at DEF CON. DEF CON has a range of villages, including those on IoT, social engineering, and voting machine hacking, making it an ideal venue to launch something like AI Village.
The AI Village is a place where practitioners in AI and security (or both!) can come together to learn and discuss the use, and misuse, of artificial intelligence in information security. As AI becomes more common in security platforms, there will be an expectation of knowledge and understanding of how these platforms work and any security risks that AI may introduce. The village will address these issues, help bridge the gap between security practitioners and machine learning researchers, and provide a welcoming home for both at DEF CON.
The talks scheduled over the 2.5 days range from adversarial machine learning to using the latest deep learning techniques to identify phishing/exploits/ransomware. Additionally, the village will host two panel discussions on core infosec/ML topics: 1) Offensive Machine Learning; and 2) Malware Analysis and Machine Learning. Endgame’s Bobby Filar (@filar) will join other industry experts on the first panel to discuss what ethical boundaries and limits may be required for offensive use cases of ML and to prevent incidental damage. Endgame’s Amanda Rousseau (@malwareunicorn) and Hyrum Anderson (@drhyrum) will participate on the second panel to address challenges with ML in infosec by providing the practitioner and data science perspective, respectively.
The village also will be holding a Capture-the-Flag inspired event to teach attendees a wide range of ML/AI topics. The beginner challenges have walkthroughs to help hackers get started with adversarial AI and other machine learning topics at their own pace with volunteers standing by to help. The upper limits of the categories have tough questions that will test participants ability to understand and execute model attacks and defenses while working with security data. AI Village will draw on numerous open source security data sources, including the classifier and data set, Ember, which Endgame released this past spring.
If you’ll be attending, be sure to stop by the village and meet our team. We are very excited for the first of hopefully many AI Villages at DEF CON, and to have an opportunity to share our perspective on the numerous topics that must be explored as ML continues to redefine information security.