Generative AI Attacks Require Dynamic Defense

By: Mark Cummings, Ph.D., William Yeack, CSE

Knives and Bombs

Generative artificial intelligence (AI) is giving cybersecurity attackers a huge jump in capability. Today’s widely deployed defending technology is unable to stay ahead of it. It’s as though attackers are acquiring bombs, while defenders are still wielding knives. (See Illustration #1.) Without effective defenses, the defenders may not be able to protect themselves and a lot of innocent people on the periphery may be hurt. Effective defenses must be developed quickly. Today’s defenses can be characterized as “static.”  To be beneficial, these new systems must instead be dynamic and they cannot depend on Generative AI themselves. Western governments need to band together with innovators in commercial industries to support R&D focused on the rapid development of defensive systems, so it can respond effectively to attacks created by Generative AI systems.

Static vs. Dynamic

Today’s defenses are static. That is, they use predetermined (static) patterns to identify attacks and scripts to apply responses (often called remediation). Because of their static nature, these can be classified as S2 (Static attack ID/Static remediation) systems. They work well against classes of attacks that are employed repeatedly and change relatively slowly. 

Pattern recognition defenses can be thought of as a series of sieves. Of those, each sieve will only allow a very specific shape to pass through. Then, all the data in a system are poured through the sieve and if any come through, it is recognized as an attack. For each type of attack that has been found and analyzed, a sieve is created and data is poured through all the sieves one after the other. When a new type of attack appears, it is not immediately recognized. But when the damage becomes obvious, professionals analyze it and create a sieve.

click to enlarge
Scripted remediation, meanwhile, can be thought of as a series of recipes. When a type of attack has been identified, it is analyzed to determine how best to counteract it – stop any further damage and repair what has happened. This remediation generally involves a series of steps and often brings in new or corrected system components to replace damaged ones, reconfigures others, etc. A recipe is a good metaphor for this, because it also is generally a series of steps based on a series of ingredients.

As long as the ‘shapes’ of attacks don’t change too rapidly, these kinds of defenses can limit damage. But, if the ‘shapes’ change very rapidly, there are not the necessary sieves readily available to catch them in time. Because the type of damage changes


Latest Updates

Subscribe to our YouTube Channel