Whether in the newly launched European Cloud project Gaia-X, the latest smartphone or IT security, nothing can be done without artificial intelligence (AI). In the meantime, it is no longer a simple matter to separate useful applications from marketing slogans, as an expert explains in detail in this it-sa interview. Attempts to use AI in desktops or laptops often fail due to the lack of suitable resources on these devices. In the Cloud this is a different matter, as a lot of security products are used in the background. Samples uploaded to the Cloud can be compared with existing malware analyses of other customers or investigated using AI methods. Since all major Cloud providers like Google, Amazon or Microsoft have meanwhile integrated AI algorithms into their service packages, even start-ups or smaller companies can incorporate corresponding technologies into their products. The initial results are already on the market, but whether they can live up to their promises remains to be seen. Because the other side never sleeps: Cyber-criminals are also accessing Cloud services with AI algorithms and analysing standard software there to discover security gaps and develop exploits for them. However, in many cases this effort is not even necessary, as a lot of AI-based malware scanners can be very easily outsmarted by wrapping the malware in a loader then encrypting the package and giving it a new header.
However, the Cloud doesn’t just offer companies new opportunities. It also exposes them to new risks, for example if data wanders into Dropbox or BYO mobile devices automatically set up connections or send data. Cloud Access Security Brokers (CASB) are intended to provide a remedy for these problems. This software is usually installed at the interface between company network and internet, where it monitors access to Cloud services and ensures that customisable security guidelines are being observed. In addition, the software identifies any conspicuous or unusual Cloud activities on the part of employees. Naturally, AI is often used in this context. Frequently, it is only through CASB that companies discover which Cloud services they are actually using at all.
An interesting new technology going under the designations ‘bot mitigation’ and ‘fraud detection’ is dedicated to resolving another Cloud problem. Its objective is to identify and block unwanted or malicious bot traffic before it reaches a company’s web applications. This technology is focusing on the kinds of bots that target web applications fully automatically and try out login data, for example. But it also includes measures against web scraping bots that search through the websites of competing companies, for example, to detect and extract prices and product data. This security software does not so much analyse what is entered into a web front-end but rather how the inputs are made, to then be able to identify automated queries.
Munich-based start-up IDEE is also working on the access interface, in particular the authentication process. The young company’s approach is the generation and management of digital identities to make passwords superfluous in login processes. IDEE’s concept is based on the smartphone that can create a unique user profile using the integrated sensors and recognise individuals again. One of the company’s founders explains how it works: “If a user has already registered with a service e.g. in an app, and would now like to register with a second app or service, they can simply transfer their identity from the first service. We check in the background whether the data are authentic and ensure that they have already been verified before.” The concept won IDEE this year’s it-sa start-up prize, the UP19@it-sa Award.
You will also find news about all aspects of it-sa and the world of IT security in the it-sa Security Newsletter.