Leveraging Deep Learning to Keep Cyber Assets Safe
Deep learning could prove to be one of the most critical tools for those engaged in ongoing cyber warfare, said a group of experts at the 2017 CyberSat Summit. During a Nov. 8 panel discussing the new paradigm of military satcom, Jon Korecki, who develops ViaSat’s cybersecurity and information assurance strategy, said that deep learning holds “some of the most promise” in terms of its ability to catch malicious actors in cyberspace.
Korecki described deep learning as “a dynamic automated form of Artificial Intelligence (AI),” able to more quickly and efficiently monitor swaths of code as analysts continually inject new threat intelligence.
According to Korecki, the biggest problem in cybersecurity is its asymmetric nature. “We can spend billions of dollars plugging every hole, but we’re always going to leave one open and we’ll never know where it’s going to be. And the enemy only has to find one to get in,” he said. “We have to spend a higher magnitude of money to protect ourselves from their penetration.”
Essentially, he said, cyber warfare boils down to a matter of economics. Because it’s unfeasible to pay countless analysts to manually pinpoint anomalies, Korecki suggested turning to more automated forms of detection — i.e. deep machine learning — to alleviate the cost difference between defense and offense.
During the discussion, the panelists emphasized repeatedly that cost is central to the trajectory of cyber capabilities. While machine learning can be a powerful defensive tool, it can also be used as a means to malicious ends, and whoever develops such technology first has the upper hand. Consequently, Randy Blaisdell, owner/operator at RL Blaisdell Consulting said his concern is that the enemy can evolve at a faster pace due to the resources they may have at their disposal. “Most of us working on it from the good side are getting paid a reasonable amount of money,” he said. “One of the challenges we’re looking at [is] trying to figure out how we can invest in these technologies fast enough to either keep pace with or outpace the enemy. It relates very much back to this issue of being able to pay the talent pool to do it.”
As Korecki pointed out, one of the government’s biggest challenges is that it cannot always afford to keep the talent it needs. “The unfortunate truth is the government doesn’t pay as well as the commercial industry,” he said. This holds true for criminal cyber hackers as well, Blaisdell echoed, who can make exorbitant sums of money in places such as China and Russia.
So, how can government agencies keep pace when handicapped by limited resources? One solution the panelists suggested is changing the way they acquire systems from the private industry. ViaSat in particular is taking a new approach to how it works alongside the government, Korecki said, by leasing whole systems on an annual contract basis rather than disparately selling spectrum or hardware. A more integrated solution allows service providers “full visibility” across the entirety of the system, meaning they are able to more competently provide end-to-end cyber protection, Korecki said, “from the terminal in the plane to the connectivity in their network.”
Blaisdell pointed out that the culture of acquisition in the government is resistant to the idea of leveraging existing commercial assets. He agreed that owning systems outright isn’t necessary in all situations, particularly for the space business where hardware quickly becomes outdated. “In the space business, your focus needs to be on producing the capability for a warfighter or whoever your customer is. You may well be able to do that entire mission and never own a physical option other than the display you’re putting in front of somebody,” Blaisdell said. “What we’re recommending is to look at how they integrate the space systems they currently have or the ones they’re currently developing with commercial systems.”
To address some of these concerns, Rob Lynn, a telecommunications engineer at the Defense Information Systems Agency (DISA), said the government is undergoing a comprehensive Analysis of Alternatives (AOA) to update its acquisition models. “There’s a whole gamut of areas this AOA is looking at to try and come up with a picture of what’s going to be required for the next generation,” he said, including the space segment, related policies, the international cyber environment and geopolitical concerns.
The key factor distinguishing this AOA, Lynn added, is the inclusion of commercial expertise throughout the process. Although he was unable to provide an estimated timeline of when it will be released, he said once completed the AOA could serve military requirements for at least 10 years.