Computer networks and the services they provide have become indispensable tools these days. Consequently, they are also a popular target for attacks that are constantly increasing in complexity and sophistication. Although there are a variety of effective systems to counter such attacks, like firewalls or intrusion detection systems, the immense diversity and number of threats make it difficult for system administrators to keep pace with the alerts triggered and respond within adequate time limits.

This problem will intensify in the future. There are signs that attacks will become more and more automated, as, for instance, indicated by the 2016 DARPA Cyber Grand Challenge in which automation of attacks was a main focus and its basic feasibility was demonstrated. Another indication of a higher degree of automation is advanced malware like Emotet that crafts highly sophisticated phishing emails based on texts found in the Inbox of infected computers to target contacts of victims. Experts already foresee that more and more AI mechanisms will find their way into such malware. This leads us and others to the conclusion that we will soon face a situation in which malware and attacks will become more and more automated, intelligent, and AI-powered.

As a consequence, today’s threat response systems will become more and more inadequate, esp. where they rely on manual intervention of security experts and analysts. So, defenders need to consider whether automation and AI can also give a strategic advantage to them. Usage of AI mechanisms is already the case in some security mechanisms like anomaly-detecting IDSs or virus scanners. But one could imagine substantially higher degrees of AI-based automation in system defense. However, automated defense is a double edged sword as it could be misused by attackers to trigger counterproductive responses.

In this Dagstuhl Seminar, we will therefore assess the state of the art and potentials that AI advances create for both attackers and defenders because we believe it is crucial to consider both sides when discussing the relation between AI and security. In particular, we pursue the following objectives:

1. We will investigate various attack scenarios and attacker models of AI-based malware and attacks.
2. We will map the space of AI-based security countermeasures going beyond the usual anomaly-based intrusion detection systems, discussing also where else AI-based methods are or could be employed.
3. We want to foster a discussion on how to estimate and predict the impact of countermeasures and possible side effects?
4. Based on the outcome of objectives (1) – (3), we will develop the vision of AI-based self-defending networks, defining the requirements and outline their limits.

As the agenda is planned in a highly integrated way, we strongly encourage the participants to join the full five days of the seminars.

Creative Commons BY 4.0

Marc C. Dacier, Sven Dietrich, Frank Kargl, and Hartmut König