Who’s the Boss? Teaming Up With AI in Security

Feb 14, 2024
7 minutes
1389 views

Billy Hewlett - AI in Security

00:00 00:00

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, consulting, engineering and more. Our objective is to present different viewpoints and predictions on how artificial intelligence is impacting the current threat landscape, how Palo Alto Networks protects itself and its customers, as well as implications for the future of cybersecurity. In our interview with Billy Hewlett, he emphasizes the vital role AI plays in modern security as traditional methods and legacy models struggle with the sheer volume and complexity of threats.

Hewlett, a senior director and AI research lead at Palo Alto Networks, has spent a decade tackling complex security problems with artificial intelligence. Some of his projects over the years have included programming AI systems to protect innocent players from trolls in popular video games, like World of Warcraft®. Today, his work focuses on applying machine learning to identify and stop malicious activities, such as malware, phishing and other cyberthreats, ensuring the safety of Palo Alto Networks customers.

He cites examples, like deep learning applications, that detect phishing websites by analyzing visual cues and textual patterns. Hewlett explains deep learning in a security context a bit further:

"One of them is trying to figure out if a webpage is phishing you or not… [H]umans are very good at figuring out that something looks like a bank, but they're not actually very good at figuring out that something is a bank. Computers are very good at figuring out something is a bank. There are a limited number of banks out there, and they have very, very certain behaviors, but they're not very good at figuring out what a bank looks like. So we can use machine learning here and say, ‘okay, if it has an image of a bank, if it looks like your Chase login account, but it's not your Chase login account.’ So that's an example of using a sort of deep learning technique in image processing in order to solve a security problem."

The Rise of Large Language Models

While acknowledging the limitations of current large language models (LLMs), such as hallucinations and high costs, Hewlett believes they hold immense potential. AI hallucinations are not intentionally produced by AI models, but are instead a consequence of the models trying to generate content based on patterns they have learned from larger datasets. He envisions LLMs being connected to logic systems to improve reasoning and address challenges they currently struggle with.

A concerning forecast Hewlett makes is the emergence of personalized cyberattacks powered by LLMs. Imagine attackers crafting highly targeted phishing campaigns based on a victim's digital footprint, including details like past conversations and affiliations. This, Hewlett warns, could become a reality as LLMs become more sophisticated.

Prediction: Despite current challenges, such as hallucinations and high costs, Hewlett predicts that LLMs will undergo significant improvements, making them more effective for various applications.

Beyond Imagination — AI and Creativity

When the discussion turns to AI's ability to imagine, Hewlett draws a distinction between true imagination and mimicking human behavior. LLMs may generate seemingly imaginative outputs, but they're not "thinking" in the same way humans do. However, he acknowledges that their ability to combine and transform information is impressive, leading to novel ideas and potentially even to discoveries. For example, in the data loss prevention (DLP) product, we use LLMs to help us create hard to find data (like examples of Liechtenstein Passports). We use deep learning classifiers on this synthetic data to make better detections on real traffic.

Prediction: Hewlett anticipates the integration of logic systems with LLMs to enhance reasoning capabilities. This integration aims to address the current limitations of LLMs in handling complex problems.

Democratizing AI

The issue of accessibility is addressed, with Hewlett highlighting the need to reduce the cost and energy consumption of LLMs. He compares the potential to Moore's Law, predicting advancements in hardware and software will gradually make AI more accessible. In addition, he emphasizes the importance of optimizing models for efficiency, allowing them to do more with less.

Prediction: Hewlett anticipates advancements in hardware and software that will make AI more accessible and cost-effective over time.

General Intelligence vs Artificial Intelligence

Hewlett clarifies the distinction between general intelligence and artificial intelligence. AI encompasses any intelligence not originating from humans or animals, whereas general intelligence refers to the ability to perform diverse tasks at a human-like level. Achieving true general AI remains a goal of the field, with current AI falling under the umbrella of specific intelligence, focused on particular tasks.

Prediction: Hewlett believes that as artificial intelligence progresses it will excel in specific tasks, but achieving true general intelligence comparable to humans will remain a significant challenge, requiring interdisciplinary efforts and ethical considerations.

Data Privacy and AI

Balancing data privacy with the benefits of AI analytics is a crucial challenge. Hewlett describes techniques like converting sensitive data into privacy-preserving feature vectors, allowing for analysis without revealing original information. This includes methods like adding randomness to data points and stripping out identifying details. Using these techniques of differential privacy, we can safely use information in AI without leaking any private information about our data.

Prediction: As AI becomes more commonplace and academic privacy work becomes more mainstream, Hewlett believes practitioners and policy makers will come up with frameworks that allow us to safely enjoy the benefits of both privacy and AI.

The Future of AI and Security

Looking ahead, Hewlett predicts several exciting developments in AI and security. He expects continued advancements in LLM technology, including improved reasoning abilities and personalized attack detection. Additionally, he anticipates collaborations between humans and AI, leveraging each other's strengths to tackle complex security challenges. Hewlett explains further:

"I think that large language models right now, while awkward for many things, will improve. We'll start connecting logic systems to them for better reasoning. And for AI and security, we're in an area where everyone's got these new tools with large language models. There's a lot of exciting stuff going on, using LLMs to improve traditional machine learning and construct datasets. But, I think soon the attackers are going to start using LLMs. One thing I'm very worried about is personalized attacks against humans. In many ways humans are the weakest part of security, and our adversary will create AI to exploit this."

The interview concludes with a discussion on homomorphic encryption, a technique for performing computations on encrypted data, but is more restrictive for machine learning applications. Hewlett acknowledges its potential for data privacy, but highlights limitations compared to privacy-preserving feature vectors in the context of machine learning:

"For data privacy, we transform original data into privacy-preserving feature vectors, making it difficult to reverse-engineer the original data. We can't see the personal information; we just see that this data is related to a certain category, like health information."

Billy Hewlett's insights paint a picture of a future where AI plays an increasingly prominent and more positive role in security, stating, "I want to focus on a happier vision of AI, where it's working alongside us, making it a better place and making people happier and more productive."

While challenges and uncertainty remain, the potential for improved defense against sophisticated cyberattacks and enhanced data privacy is undeniable. The collaboration between humans and AI will be critical in navigating this ever-evolving landscape, ensuring a safer and more secure digital future.

Hear more of Hewlett’s thoughts around AI and Cybersecurity. Watch “From Phishing to Firewalls: Solving Security with AI | This Is How We Do It Ep 3


Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.