juancn 22 hours ago
I wonder if at some point someone will build a SciFi style countermeasure agent.
Essentially, when intrusion detection triggers, an offensive AI is unleashed against the attacker, trying in turn to hack it back.
It would be fun and interesting (in the ancient Chinese curse sense).
maxbond 20 hours ago
Every defensive primitive you deploy is a potential offensive primitive for an attacker. Like the perennial denial of service issues in fail2ban type tools. You want to ban bots scanning your service, but that becomes a way for attackers to ban you from your service.
An AI which can respond offensively to a perceived attack will be abused by adversaries to reflect attacks onto their target. They will find a way to spoof attacks as seeming to come from their target and you will attack an innocent target.
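The ban-reflection problem described in the comment above, as an added example that is not part of the thread or of any tool named in it: a naive threshold ban trusts whatever source address an event claims, while the hardened version counts only verified sources and honours an allowlist. The event fields, the `source_verified` flag, the addresses and the `NEVER_BAN` range are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample events, not real logs: (source IP, source_verified).
# source_verified is a hypothetical field: True only when the sensor saw a
# completed TCP handshake, so the address cannot simply have been forged.
EVENTS = [
    ("198.51.100.7", True), ("198.51.100.7", True), ("198.51.100.7", True),
    # Forged UDP probes claiming to come from the operator's own office
    ("203.0.113.10", False), ("203.0.113.10", False), ("203.0.113.10", False),
    # Forged probes claiming to come from an unrelated third party
    ("192.0.2.55", False), ("192.0.2.55", False), ("192.0.2.55", False),
    # One genuine failed login from the office
    ("203.0.113.10", True),
]

NEVER_BAN = [ipaddress.ip_network("203.0.113.0/24")]  # assumed operator range


def naive_bans(events, threshold=3):
    """Ban any address seen `threshold` times, trusting the claimed source."""
    hits = Counter(ip for ip, _ in events)
    return {ip for ip, n in hits.items() if n >= threshold}


def hardened_bans(events, threshold=3, never_ban=NEVER_BAN):
    """Count only verified sources and never ban allowlisted networks."""
    hits = Counter()
    for ip, verified in events:
        addr = ipaddress.ip_address(ip)
        if not verified or any(addr in net for net in never_ban):
            continue  # unverifiable or protected source: never counts
        hits[ip] += 1
    return {ip for ip, n in hits.items() if n >= threshold}


if __name__ == "__main__":
    print("naive:   ", sorted(naive_bans(EVENTS)))
    print("hardened:", sorted(hardened_bans(EVENTS)))
```

The naive version locks out the operator and an uninvolved address along with the real scanner; the hardened version bans only the source it could verify.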
juancn 4 hours ago
But it could be a third party with no access other than the intrusion signal.
You run the intrusion detection, and then your hired goons start attacking the attacker.
notgenerated 6 hours ago
Cyber security is always a cat and mouse game. Always was and always will be, just with AI now as another tool in the arsenal of defenders and attackers. I think that we might see a shift though where the winner will be the one with most compute advantage.
helloplanets 21 hours ago
That sort of countermeasure system could be done without AI as well. The problem is that it's illegal. No Castle Doctrine in cybersecurity afaik.
Interesting variation on that could be AI that builds out some sort of on the fly honeypot after identifying the attacker. Basically creating the "attack" within their own premises.
juancn 4 hours ago
The illegal part could be fixed, there's "stand your ground" for humans, I would guess for software it would be less controversial.
dwoosley 14 hours ago
Calling vulnerabilities detected in code as part of a responsible disclosure program a "zero-day vulnerability" seems like marketing fluff. 0-day vulnerabilities would seem to imply this vulnerability is actively exploited in the wild, and if that's true, you weren't the first one to discover it...
notgenerated 6 hours ago
The common definition of zero day vulnerability is:
A zero-day vulnerability is a software security flaw that is unknown to the vendor or developers responsible for fixing it. Because they have had "zero days" to address it, no patch or fix exists at the time the flaw becomes known to attackers.