Читать книгу Intelligent Network Management and Control - Badr Benmammar - Страница 13

Artificial intelligence (AI) and machine learning have rapidly progressed in recent years, facilitating the development of a broad range of applications. For example, AI is an essential component of widely used technologies such as automatic speech recognition, machine translation, spam filters and facial recognition. Promising technologies are currently the object of research or small-scale pilot projects, among which it is worth mentioning self-driving cars, digital assistants and drones activated by AI. Looking further into the future, advanced AI may reduce the need for human labor and improve governance quality.

A wide variety of tasks are automated using AI. Games, car driving and image classification are some of the tasks commonly studied by AI researchers. A broad set of tasks can be transformed by AI. At the very least, every task requiring human intelligence is a potential target for AI innovation. While the field of AI dates back to 1950, several years of rapid progress and growth have recently led to higher reliability. Sudden performance gains have been accomplished by researchers in a number of fields. Figure 1.1 illustrates this trend in the case of image recognition, where over the past few years AI systems have increased their performance in terms of classification accuracy from about 70% to nearly perfect classification accuracy (98%), which surpasses the human reference (95%) (Brundage et al. 2018).

Figure 1.1. Progress in image recognition (benchmark ImageNet), “Electronic Frontier Foundation’s AI Progress Measurement” (August 2017)

From a security perspective, a number of AI developments are worth mentioning. For example, target-face recognition and space navigation capacities are applicable to autonomous weapons systems. Similarly, image, text and voice generation possibilities could be used online to imitate other persons or influence public opinion by disseminating AI-generated content via social networks. These technical developments can also be considered early indicators of the potential of AI. Unsurprisingly, AI systems may soon qualify for an even wider range of security related tasks.

Information security is defined as the protection of computer systems against any unauthorized access, use, disruption, modification or destruction in order to provide confidentiality, integrity and availability (Peltier 2010). Information security does not refer to any particular security technology, but rather to a strategy involving persons, processes, rules and tools required in order to detect, prevent, document and mitigate current threats. With increasingly interconnected networks, security services are becoming ever more important. Connectivity is no longer an option in the commercial world, and its potential risks do not outweigh its advantages. Consequently, cybersecurity services should offer adequate protection to companies operating in a relatively open environment. Compared to classical approaches to computer security, several new hypotheses related to current computer networks should be formulated:

 – modern networks are very large and further interconnected, and they are more accessible; consequently, potential attackers can easily connect and access these networks remotely;

 – network interconnection increases the probability of attacks directed at large size networks such as the Internet by means of a set of widely known and open protocols.

The complexity of computer systems and applications is steadily growing. Consequently, it has become increasingly difficult to correctly analyze, secure and test computer system security. When these systems and their applications are connected to large networks, the risk of threats significantly increases. In view of adequate protection of computer networks, the deployed procedures and technologies must ensure (Khidzir et al. 2018):

 – confidentiality: due to data confidentiality, only authorized users have access to sensitive information;

 – integrity: due to data integrity, only authorized users can modify sensitive information; integrity could also ensure data authenticity;

 – availability: due to system and data availability, authorized users have uninterrupted access to resources and important data.

The confidentiality, integrity and availability triad is a fundamental concept of information security. Each organization strives to ensure these three elements of the information system. Confidentiality prevents unauthorized disclosure of sensitive information (Kumar et al. 2018). Integrity prevents any unauthorized modification of information, thus ensuring information accuracy. Cryptographic hashing functions (such as SHA-1 or SHA-2) can be used to ensure data integrity. Availability prevents loss of access to resources and information (Kumar et al. 2018).