Nick Hastreiter
As we become increasingly dependent on technology in our daily lives, we open ourselves up to an entirely new kind of threat: cyberattacks.
When we started thinking about cybersecurity and where it’s heading, one of the first issues brought up was the Internet of Things. Someone tampering with your computer while you’re surfing the web is an inconvenience, but what about someone hacking into your car while you’re driving down the highway?
So, in an effort to ease our fears and gain a better perspective we decided to ask a group of cybersecurity experts…
What’s the future of cybersecurity?
Ondrej Vlcek, CTO & GM of Consumer at Avast
“In 10-15 years, we will be deep in a ‘war of the machines’ era with advances in artificial intelligence bringing fast and sophisticated execution of security defense and cybercrime. This will be a battle of AI vs AI.
“The availability of low cost computing and storage, off-the-shelf machine learning algorithms, AI code and open AI platforms will drive increased AI use by the good guys to defend and protect—but also increase deployment of AI by the bad guys. There will be sophisticated attacks launched on a grand scale, quickly and intelligently with little human intervention, that compromise our digital devices and web infrastructure.
“Cybercriminals will create fully autonomous, AI-based attacks that will operate completely independently, adapt, make decisions on their own and more. Security companies will counter this by developing and deploying AI-based defensive systems. Humans will simply supervise the process.”
Konstantinos Karagianni, CTO of BT
“Blockchains are moving from the realm of just fueling cryptocurrencies like Bitcoin to providing smart contracts, identity management, and multiple ways of proving integrity of data. They may also hold the key to defending against IoT attacks.
“Quantum computing will have possibly the biggest impact within 10 years. Most over-the-wire encrypted transmissions collected over the next decade will be readable, and even private keys will be reversible from public blockchains (for example, you can spend someone else’s Bitcoin). Post-quantum safe crypto will be a must.
“AI will be used to identify hacking flaws and patch them to stay ahead of malicious attackers.”
Carl Herberger, VP of security at Radware
“The top challenge for cybersecurity isn’t preventing data breaches, stamping out ransomware, or preventing ever-more-massive DDoS attacks, it is securing our digital privacy. Digital threats have evolved quickly and can wreak havoc on our lives, endangering our personal privacy and the privacy of those around us.
“To tackle this important issue, we need the national government to take a stance on what our digital privacy is. Is it an immutable human right? If so, there needs to be explicit legislation that goes beyond what is currently in place. It needs to protect each and every citizen and hold those who might put our privacy in jeopardy accountable for their actions. This will be the most important cybersecurity decision in the next year and it will shape the security landscape for years to come.”
Michael Shinn, CEO of Atomicorp
“IoT will overtake everything else in connected devices and not only will be the most hacked stuff, it will continue to be the hardest to protect. This will turn cybersecurity on its head because security on all IoT is terrible, and totally opaque to users. It’s take it or leave it. You can’t harden the devices after the fact. You can’t even log into them. You just have to hope they are secure and your perimeter can stop all attacks.
“Building secure, hardened IoT devices from the start is ultimately the best solution. One new challenge will be that IoT devices will have encrypted connections (or they should!). It will be effectively impossible for any network based device like a firewall to see inside that session. There are some SSL/TLS interception methods that can be used, but that requires the devices to trust the interception device. Harden your IoT now.”
Eugene Pilyankevich, CTO at Cossack Labs
“Many traditional concepts will be hopefully gone. Perimeter security, storage-only encryption, access control based on privilege records, authentication that relies on one strong factor, DMZ—they will fade out or vanish completely.
“Many new techniques will arise through machine learning and weak AIs, especially in intrusion detection and making sense of large-scale monitoring and signal analysis. Many new techniques will arise from advancements in cryptography and collective effort to eliminate poor cryptography. Still, we will have snake-oil products and systems.
“Attackers will still be ahead of the game because security is asymmetric in effort and success criteria between attacker and defender.
“With proliferation of IoT and a bunch of computers in every device, the damage will get physical. Growing complexity of real-world processes, intertwined with complexity of security protocols protecting them, will lead to many new challenges in practical use cases for security tooling.”
Betsy Cooper, Executive Director, Center for Long-Term Cybersecurity, at UC Berkeley
“In 10-15 years, cybersecurity might be about preventing ‘real identity theft.’ In 2017, we call theft of social security numbers and passwords ‘identity theft.’ But what if criminals could steal not just these, but also our fingerprints, our brain waves, and even our genetics? This could happen, as passwords get easier to crack.
“First, we’ll shift to using biometrics like fingerprints and iris scans to authenticate ourselves online. But once hacked, we can’t change these things, so we’ll have to abandon them.
“We might switch to new methods of authentication, through brain wave sensors or genetics. But these can be hacked too. And the more information we provide, the closer criminals will get to capturing our essential selves.”