In the past two years, the rapid development of large models in various industries , and the various aspects of artificial intelligence technology, industry, and application have ushered in a period of rapid iteration and exploration breakthroughs. At the recently held 2024 12th Xihu Lunjian - Digital Security Conference, people from all walks of life discussed and exchanged views on how to apply artificial intelligence technology to empower digital network security. Participants believe that network security has entered the stage of artificial intelligence, “AI + security” is the direction of the future development of the network security industry, at the same time, the dual character effect of AI technology as well as the industry's development environment needs to be cracked by many parties to improve.

Net security into the stage of artificial intelligence

With the rapid development of artificial intelligence technology, the contradiction between the complexity of data security and the limitations of traditional network security governance is becoming increasingly prominent, digital security is facing unprecedented challenges, and the AI-enabled security operations are seen as a key part of the development of new quality productivity.

Wang Yukai, former deputy director of the e-government expert committee of the National School of Administration and academic member of the National Alliance for Digital Economy, proposed that the digital economy plays a global and strategic significance in the structure of the development of new quality productivity, and that the digital economy has the potential to become one of the most critical areas of new quality productivity.

Wu Shizhong, academician of the Chinese Academy of Sciences, said that in the past 30 years, network security can be roughly divided into three stages, the first 20 years or so is the IT-driven stage, an era of the Internet of everything; the next 10 years is the DT, that is, the data-driven stage, characterized by big data, cloud computing, and the pursuit of data flow; now has entered the AI-driven era, and the giant wave of artificial intelligence has greatly changed the connotation and extension of the security issue.

Cao Yue, director of the Financial Security Division of the National Information Technology Security Research Center, believes that future attacks, that is, intelligent attacks, will strengthen the frequency of attacks, the expansion of AI will enhance the dimensions of the confrontation between attack and defense, and AI will also upgrade the intensity of the network attack and defense confrontation.

DAS Security, which has participated in the network security of many major projects, divides the network security of major activities since 2008 into four development stages: single-armed war, comprehensive war, three-dimensional war and AI war. The war of single soldier is roughly during 2008-2015, in the early network security protection, with single network security product and security service matching, it can provide basic protection for the network and information system of major activities; the comprehensive war is roughly during 2016-2020, at this time, the cyber environment of the race meeting has become complicated, and it is necessary to take advantage of the powerful network security situational awareness and other platform products, combining with the multi-region, Online and offline security services to ensure the safety of large-scale competitions; three-dimensional war roughly between 2021-2023, with the increase in the risk of the network environment of major events, the need to formulate targeted strategies based on different network security threats, respectively, the deployment of appropriate security products and services in the defense, monitoring, response, prediction, etc., in order to ensure that the major events are held smoothly; from September 2023 So far, the network security work of major events has entered the AI war stage.

Fan Yuan, chairman of DAS Security, told the reporter of Economic Reference News that AI has begun to play a diversified and vital role in the network security work at the present stage, which will not only change the way and posture of the network security war, but also have a far-reaching impact on the victory or defeat. At this stage, the first is the high degree of digitization of cyber security scenarios. Digital technologies such as Artificial Intelligence, Digital Twins, and Internet of Things are widely used, and traditional security means cannot effectively respond to them; secondly, there is the automation of attacks and the automation of defenses.AI can be used to automate cyberattacks, which makes the attacks more stealthy, fast, and difficult to defend against. Based on machine learning and big data analysis technology, the security pendant big model can automatically learn network attack behavior patterns, and quickly respond and cope with a variety of new types of network threats, so AI to AI, AI management AI has become a necessary option.

Breakthroughs in related exploratory applications

In the use of AI to help network defense, both domestic and foreign have conducted a lot of exploration, and have achieved results.

Microsoft launched a network security assistant to provide users with generative, automated network security AI services. After a year of operation last year, it can compress security incident response, assessment and defense time from hours to days in the past to a few minutes.

AI empowerment has greatly improved the domestic network security defense capability and disposal efficiency. The “Constant Brain - Security Pendant Domain Model” released by DAS Security in August last year realized the first application of domestic AI security pendant domain model in international large-scale events. During Hangzhou Asian Games, based on this model and the auxiliary support of MSS security operation platform, the complicated and repetitive work in the process of security operation was effectively solved.

It is understood that DAS Security has taken the application of AI technology as a first-level strategy. Fan Yuan introduced that in the past 8 months, DAS Security has made a lot of attempts and practical exploration in the application of AI to digital security, and the company's digital security products and services are undergoing radical changes. Taking data classification and grading + AI as an example, the application of AI technology has improved the efficiency of data classification and grading by 30 times. “This is not only a simple efficiency improvement, but also a profound industry change, which makes us see the great potential and broad prospect of AI in the field of digital security.”

In April this year, DAS Security just released eight AI products such as data classification and grading solution, AI firewall, and Sky Dome AI security operation platform. During this conference, DAS Security joins hands with Huawei to release Shengteng Brain Reasoning All-in-One Machine, utilizing the Rise AI cluster to provide a base for Heng Brain, and accelerating the innovation and landing of large models in the whole process.

Hailiang Group actively explores the construction idea of “AI+Security”. Sun Wen, Director of Digital Innovation Department of Hailiang Group, introduced that using AI instead of manual labor makes the analysis of security alarms more intelligent and the efficiency is greatly improved. Hailiang Group found that in the process of combining AI and data security, the performance of AI exceeded expectations, and the automated combing of more than 4,000 fields in the pilot scenarios could reach more than 90%, and the recognition accuracy rate increased from 50% to 85.8%.

What is the prospect of AI applied to cybersecurity?

Wang Jian, partner of Ernst & Young ( EY China) Enterprise Consulting Co., Ltd. said that threat monitoring and corresponding work, malware detection, behavioral analysis of users, authentication access control, phishing monitoring, automated intelligence threat, fraud detection, and data leakage protection are all potential areas of application of large models.

Wang Xin, Deputy Secretary General of Hangzhou Artificial Intelligence Society and President of DAS Security Research Institute, believes that the real ability of AI for security is now only played by less than 5%. Over the past year, the exploration between AI and security is from the original intelligent question and answer development to assisted driving, in the near future will enter the semi-autonomous driving, the future will enter the fully automatic driving.

Promote the deep development of “AI + security”.

At the conference, the industry consensus is that “AI + security” must be the direction of the future development of the network security industry. At the same time, professionals have paid extensive attention to the double-edged sword effect of AI technology and the industry's development environment, and put forward a lot of positive suggestions for the development of “AI+Security”.

Hu Ruimin, Chairman of the Cyberspace Security Committee of the New Engineering Alliance of the Ministry of Education, Vice Chairman of Hangzhou Artificial Intelligence Association, and Foreign Academician of the Russian National Academy of Engineering, believes that in the short and medium term, there are still many shortcomings in the big model technology, and it is inevitable that it needs to be collaborated by man and machine to play a real role. In the long term, it is necessary to cautiously promote the autonomy of machines under the premise of making security preparations.

A number of experts suggested that in the face of the complex and volatile international situation and growing cybersecurity threats, there is an urgent need to strengthen the security protection of critical information infrastructure.

"Existing vulnerabilities are patched up and new ones will be found. Existing technologies appear relatively balanced and stable in attack and defense, and new technological innovations will shift the battlefield to new areas." Zhao Houlin, former secretary general of the International Telecommunication Union, said, “The attack and defense and mutual fighting in the field of security will exist for a long time.”

In this regard, Wu Jiangxing, academician of the Chinese Academy of Engineering, believes that whether it is digital industrialization or industrial digitization, the first priority is network security. However, the network security defense has been presented like “playing the mole” game, that is, according to the gourd floating up a ladybird, emerging from a mole to hit. He pointed out that to address the limitations of traditional cybersecurity governance, it is necessary to start from the source technology of the digital industry and the design security of digital products. Promoting the transformation of the underlying driving paradigm of the digital ecosystem and empowering endogenous security is the only way to build a firm security barrier for the network and data space.

From the discussion of the experts, the reporter found that the “AI + security” industry not only to meet the market requirements for network security technology and products safe, reliable, simple and easy to implement, but also in the user is willing to afford the cost and the cost of research and development of enterprises to find the best balance between the surge in costs, so the challenge is not small.

Wu Jiangxing said in response to the shortage of network security personnel, according to the Central Office of Internet Information Office forecast, by 2027, China needs 2.35 million network security personnel, but currently more than 100 network security-related colleges across the country less than 30,000 graduates each year. There is a huge “scissor gap” between the number of cybersecurity talents and the number of people who create vulnerabilities or do not intend to create vulnerabilities.

In the international area, Wu Shizhong said that the security governance of AI has become a coordinated issue in the game of big powers. more than 70 countries have issued nearly 100 strategic countermeasures and legal documents on security governance in five years.

Zhao Houlin said that digital security is a global concern, and global collaboration should be strengthened to encourage and enhance international cooperation.

Source: Economic Reference Daily