How to Bypass AI-Based Security Systems

It is not very difficult to bypass security systems that are based on machine learning (ML) and AI. This post explains an attack-based scenario of how it could be done. For security reasons, and because the objective of this blog is only to show the risk and not to teach hacking, we won't explain everything in detail; we only show a blueprint of the attack so the risk can be understood.

First, let's see how AI and ML based systems work. Basically, you send them a very large amount of data and classify which samples are safe and which are harmful. You keep doing this so the system gets "smarter" (as they say) and can automatically work out how to classify future, possibly unknown, data based on previous decisions. This is simple to say, but in the background it requires a huge amount of data, complex mathematical equations, a large database to store the data and large processors to analyze it.

Let's say we send a large sample of network packets to our Intrusion Prevention System (IPS). In this sample we classify some behaviors as harmful, so the IPS will block them, and others as safe, so they should pass. Then we send other samples and, based on previous decisions, the IPS classifies them. The system in effect says: "I have seen this file in the past; from its behavior it seems to be harmful, so block it", and it considers the others safe and passes them. In this way some safe packets are incorrectly blocked, which we call false positives, and some harmful packets pass through, which we call false negatives. Experts in AI and ML just say these are false positives, and they might try to define exceptions, get more data or improve their algorithm to improve classification. But they still agree that they are unable to stop false positives or negatives, and that improving their algorithm costs a lot of resources.
But just imagine that one, and only one, malicious packet manages to bypass the IPS, and that this packet damages a system in a way that opens a backdoor for other malware and gives complete control of the system. The same issue arises for anti-malware products that incorrectly allow a harmful program to run and take complete control of the system. Improving the algorithm to stop such issues is hard, time-consuming and requires heavy resources.

Bypassing such systems, however, is very easy. You just send some files (e.g. malware or malicious packets), work out the algorithm from what is blocked and what is not, and then design your malware or malicious packet so that it is classified as safe.

You may also turn the security protection (IPS or anti-malware) into your friend. For example, send some safe packets that the IPS won't block, then change them a bit and send them again so the system learns about them, and while you are doing this slowly add your malicious command. You may also send it encrypted so the IPS won't notice anything: send an encrypted file along with the safe packets so the IPS identifies it as safe and passes it, and once you have done this for a while and the IPS treats it as safe, send the malicious one. You may do the same with anti-malware software: send a safe file, and once the user has it, send some updates for it; when the antivirus trusts it, send a malicious update built in the way the anti-malware has learned to classify as safe.

Similar scenarios apply to all other security products. You don't need to be a great mathematician or have much knowledge or resources to bypass an ML- or AI-based security system, but building such a system or changing your existing algorithm takes a lot of work. This is why we keep calling on security experts around the world to move from AI and ML to new ways in which we can easily deal with cybercriminals.
We don't need AI or ML; we just need to see how to build weapons using our technology, analyze cyber-attacks and build strong countermeasures.
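
The gradual-retraining risk described above can be watched for by comparing a self-updating detector's learned baseline against a frozen copy taken from vetted training data. The following is an added example, not code from the original post; the detector class, the feature scores, the thresholds and the learning rate are all constructed assumptions.

```python
"""Added example: drift guard for a self-updating detector (constructed data)."""


class AdaptiveDetector:
    """Toy online detector: blocks a sample far from its learned baseline and
    folds every sample it passes back into that baseline."""

    def __init__(self, baseline, tolerance, alpha=0.5):
        self.baseline = baseline    # current learned "normal" value
        self.reference = baseline   # frozen copy from vetted training data
        self.tolerance = tolerance  # max distance from baseline still passed
        self.alpha = alpha          # learning rate applied to passed samples

    def observe(self, value):
        """Return 'block' or 'pass'; only passed samples update the baseline."""
        if abs(value - self.baseline) > self.tolerance:
            return "block"
        self.baseline += self.alpha * (value - self.baseline)
        return "pass"

    def drifted(self, max_drift):
        """True once the learned baseline has moved too far from the frozen one."""
        return abs(self.baseline - self.reference) > max_drift


def run(samples, max_drift=4.0):
    """Return (verdicts, index of the first drift alert or None)."""
    det = AdaptiveDetector(baseline=10.0, tolerance=3.0)
    verdicts, alert_at = [], None
    for i, value in enumerate(samples):
        verdicts.append(det.observe(value))
        if alert_at is None and det.drifted(max_drift):
            alert_at = i
    return verdicts, alert_at


# Constructed per-sender feature scores (hypothetical), not real traffic.
ABRUPT = [10.0, 10.5, 25.0]                    # sudden jump to 25.0
GRADUAL = [10.0 + i for i in range(16)]        # same 25.0 reached in small steps

if __name__ == "__main__":
    print("abrupt :", run(ABRUPT))    # last sample blocked, no drift alert
    print("gradual:", run(GRADUAL))   # every sample passed, drift alert raised
```

The per-sample check alone passes every value in the gradual series, while the frozen-reference check raises an alert partway through it; on such an alert the learned baseline can be rolled back to the reference and the recent samples re-vetted before online updates resume.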

 
