If you follow technology at all, it’s pretty hard to avoid the hearing about “AI” and “machine learning.” And it can be almost as difficult to understand what is actually being discussed when these words are used.
“The term ‘AI’ is thrown around so readily, and I think for many people, it conjures up the image of ‘artificial general intelligence,’ or some form of self-thinking software,” Andy Patel, Senior Researcher at F-Secure’s Artificial Intelligence Center of Excellence, told me.
“This, combined with massive hype and over-sensationalized or over-exaggerated headlines in the news, and claims from marketers, has caused a general lack of understanding of what machine learning really is right now, and what it is and isn’t capable of.”
To understand machine learning, get into the code
Andy attributes this common confusion about the use of data analysis for automated model building known as “machine learning” to a simple fact: most people get their information on the subject from the news.
Headlines and sound bites often exaggerate the findings of academic research, and few people have to time to do what Andy does for a living—that is, read through original research and apply it.
“I would submit that, until someone has actually worked with machine learning – written and run code, or played with examples, that they’re not going to properly grasp how different machine learning techniques work and what their limitations are.”
This means that people in the field have to spend a lot of time clearing up misconceptions, which has also become part of his current position, which like much of the hype around AI and machine learning didn’t exist a decade or even a few years ago. Learning how AI and machine learning actually work puts you ahead of the curve. And you don’t have to be full-time programmer to do it.
But that doesn’t mean that this breakthrough technology is brand new.
F-Secure has used machine learning for more than a decade
As Matti Aksela, F-Secure’s Vice President of Artificial Intelligence, noted, the first artificial neural networks emerged in the mid twentieth century. And F-Secure was already applying machine learning when Andy joined the Labs team in charge of the in-house malware detection engine, Hydra, in 2008.
“Engine Team collaborated closely with the Anti Malware Technologies Team that developed other client-side components, including DeepGuard, BlackLight, and Gemini – a machine-learning based malware detection engine used in conjunction with our client-side behavioral analysis logic.”
This was Andy’s first exposure of the connection between machine learning and the fight against malware.
“Throughout the years, many projects in Labs have been devoted to applying machine learning techniques to our domain, especially for tooling and backend systems,” he said. “All work done in Labs is demoed frequently, so we’ve all had plenty of exposure to the application of machine learning to cyber security over the years.”
The potential of the technology piqued his interest as a researcher and a programmer. So when the company launched its Artificial Intelligence Center of Excellence in 2017, Andy soon joined up.
What sort of machine learning innovations intrigue Andy?
“Right now, I’m really excited about the potential of applying techniques such as reinforcement learning, GANs, and federated learning to our problem domain.”
Translated for lay people, he’s excited about the application of machine learning methodologies that have shown promise in other fields — such as playing games, generating unique content, and learning in a distributed fashion — to cyber security.
How can AI and machine learning make us more or less safe?
He’s also part of F-Secure’s partnership with an international AI effort with a focus on aimed at confronting how machine learning systems will be attacked once they become more widespread.
“I’ve been working on a document about adversarial attacks against machine learning, and potential malicious uses of machine learning as part of the SHERPA project,” he said.
Andy describes SHERPA as “a group consisting of 11 members from six European countries – whose mission is to understand how the combination of artificial intelligence and big data analytics will impact ethics and human rights issues today, and in the future.”
The effort allows the experts in both applied science and applied ethics to collaborate now, before the potential of the technology matches the hype.
“Since we, at F-Secure, are more well versed on technical matters than on ethics, SHERPA gives us a chance to work with, and learn from experts in the ethics field,” he said. “Our technical research is being provided to partners in this project, who will, in turn, provide us with their ethical evaluations on the subject matter.
He hopes this work informs not just European Union, which is sponsoring it, but the general public. Because the applications of machine learning and artificial intelligence—especially as they affect security—will eventually affect all of us.
And the sooner everyone understands what that actually means, the better.