期刊首页 优先出版 当期阅读 过刊浏览 作者中心 关于期刊 English

《中国工程科学》 >> 2021年 第23卷 第3期 doi: 10.15302/J-SSCAE-2021.03.002

人工智能赋能网络攻击的安全威胁及应对策略

1. 北京邮电大学网络空间安全学院,北京 100876;

2. 中国网络空间研究院,北京 100010;

3. 北京丁牛科技有限公司,北京 100081
 

资助项目 :中国工程院咨询项目“新一代人工智能安全与自主可控发展战略研究” (2019-ZD-01) 收稿日期: 2021-02-28 修回日期: 2021-04-29 发布日期: 2021-06-01

下一篇 上一篇

摘要

人工智能(AI)在为社会进步带来显著推动效应的同时,也在促进网络空间安全领域的重大变革,研究AI 和网络空间安全结合带来的安全问题具有迫切意义。本文采用自顶向下的分析方法,从加剧现实安全威胁、催生新型安全威胁两个角度分析了AI 和网络空间安全结合带来的政治安全、经济安全、社会安全、国防安全等重大问题,提炼了自主化规模化的拒绝服务攻击、智能化高仿真的社会工程学攻击、智能化精准化的恶意代码攻击等新型威胁场景,总结了环境自适应隐蔽攻击、分布式自主协作攻击、自我演化攻击等未来发展趋势。为有效应对AI 赋能网络攻击的安全威胁,建议从防范安全威胁、构建对等能力角度加强智能化网络攻防体系建设和能力升级;加强AI 安全数据资产的共享利用,采取以数据为中心的AI 网络攻防技术发展路径;加强对抗评估和测试验证,促进AI 网络攻防技术尽快具备实用性。

参考文献

[ 1 ] 方滨兴. 人工智能安全 [M]. 北京: 电子工业出版社, 2020. Fang B X. Artificial intelligence safety and security [M]. Beijing: Publishing House of Electronics Industry, 2020.

[ 2 ] Gu Z Q, Hu W X, Zhang C J, et al. Gradient shielding: Towards understanding vulnerability of deep neural networks [J]. IEEE Transactions on Network Science and Engineering, DOI: 10.1109/ TNSE.2020.2996738. 链接1

[ 3 ] Jia Y, Gu Z Q, Li A P, et al. MDATA: A new knowledge representation model – Theory, methods and applications [M]. Cham: Springer International Publishing, 2021.

[ 4 ] Loganzhu. 还原Facebook史上最大数据外泄事件始末 [EB/OL]. (2018-03-21)[2021-02-26]. https://stock.qq.com/a/20180321/004747. htm. Loganzhu. Restore the story of the biggest data breach in Facebook’s history [EB/OL]. (2018-03-21)[2021-02-26]. https://stock. qq.com/a/20180321/004747.htm. 链接1

[ 5 ] Brundage M, Avin S, Clark J, et al. The malicious use of artificial intelligence: Forecasting, prevention, and mitigation [EB/OL]. (2018-05-05)[2021-02-26]. https://maliciousaireport.com/. 链接1

[ 6 ] World Economic Forum. The global risks report 2018 [EB/OL]. (2018-01-17)[2021-02-26]. https://cn.weforum.org/reports/theglobal-risks-report-2018. 链接1

[ 7 ] Fortinet. Fortiguard labs 2018 threat landscape predictions [EB/ OL]. (2017-11-14)[2021-02-26]. https://www.fortinet.com/blog/ business-and-technology/fortinet-fortiguard-2018-threat-landscape-predictions.html. 链接1

[ 8 ] Seymour J, Tully P. Weaponizingdata science for social engineering: Automated E2E spear phishing on Twitter [EB/OL]. (2016-05- 05)[ 2021-02-26]. https://www.blackhat.com/docs/us-16/materials/ us-16-Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering-Automated-E2E-Spear-Phishing-On-Twitter-wp.pdf. 链接1

[ 9 ] Kirat D, Jang J Y, Stoecklin M. DeepLocker-concealing targeted attacks with 人工智能 locksmithing [C]. Las Vegas: Proceedings of Black Hat, 2018.

[10] Antisnatchor. Practical phishing automation with phishlulz [C]. Wellington: Proceedings of the Kiwicon X, 2016.

[11] Orru M, Muraena T G. The unexpected phish [C]. Amsterdam: Proceedings of the Hack in the Box Security Conference, 2019.

[12] Anderson H S, Kharkar A, Filar B, et al. Learning to evade static PE machine learning malware models via reinforcement learning [EB/ OL]. (2018-01-20)[2021-02-26]. https://arxiv.org/abs/1801.08917. 链接1

相关研究