In the past two years, the rapid development of large models in various industries has mushroomed, and the various aspects of artificial intelligence technology, industry, and application have ushered in a period of rapid iteration and exploration breakthroughs. At the recently held 2024 12th West Lake Sword - Digital Security Conference, people from all walks of life discussed and exchanged views on how to apply artificial intelligence technology to empower digital network security. Participants believe that network security has entered the artificial intelligence stage, "AI + security" is the direction of the future development of the network security industry, at the same time, the double-edged sword effect of AI technology, as well as the industry's development environment needs to be cracked by many parties to improve.

I.Net security into the artificial intelligence stage

With the rapid development of artificial intelligence technology, the contradiction between the complexity of data security and the limitations of traditional network security governance is becoming increasingly prominent, digital security is facing unprecedented challenges, through AI-enabled security operations is seen as a key part of the development of new quality productivity.

Wang Yukai, former deputy director of the e-government expert committee of the National School of Administration and academic member of the National Alliance for Digital Economy, proposed that the digital economy plays a global and strategic significance in the structure of the development of new quality productivity, and that the digital economy has the potential to become one of the most critical areas of new quality productivity.

Wu Shizhong, academician of the Chinese Academy of Sciences, said that in the past 30 years, network security can be roughly divided into three phases, the first 20 years or so is the IT-driven phase, an era of the Internet of everything; the next 10 years is the DT, i.e., the data-driven phase, characterised by big data, cloud computing, and the pursuit of data flow; and now has entered the AI-driven era, and the giant wave of artificial intelligence has greatly changed the connotation and extension of the security issue.

Cao Yue, director of the Financial Security Division of the National Information Technology Security Research Centre, believes that future attacks, that is, intelligent attacks, will strengthen the frequency of attacks, the expansion of AI will enhance the dimensions of offensive and defensive confrontation, and AI will also upgrade the intensity of the network offensive and defensive confrontation.

ACE Information, which has participated in the network security of many major projects, divides the network security of major activities since 2008 into four development stages: single-armed war, comprehensive war, three-dimensional war and AI war. The war of single soldier is roughly during 2008-2015, in the early network security protection, with single network security product and security service matching, it can provide basic protection for the network and information system of the major activities; the comprehensive war is roughly during 2016-2020, at this time, the network environment of the race meeting becomes complex, and it is necessary to take advantage of the powerful network security situational awareness and other platform products, combining with the multi-region, Online and offline security services to ensure the safety of large-scale competitions; three-dimensional war roughly between 2021-2023, with the increase in the risk of the network environment of major events, the need to formulate targeted strategies based on different network security threats, respectively, in the defence, monitoring, response, prediction and other aspects of the deployment of the corresponding security products and services, in order to ensure that the smooth holding of major events; from September 2023 So far, the network security work of major events has entered the stage of AI war.

Fan Yuan, chairman of DAS Security, told the reporter of Economic Reference News that AI has begun to play a diversified and vital role in the network security work at the present stage, which will not only change the way and posture of the network security war, but also have a far-reaching impact on the victory or defeat. At this stage, the first is the high degree of digitisation of cyber security scenarios. Digital technologies such as Artificial Intelligence, Digital Twins, and Internet of Things are widely used, and traditional means of security and safety cannot be effectively responded to; secondly, there is the automation of attacks and the automation of defences.AI can be used to automate cyber-attacks, which makes the attacks more stealthy, fast, and difficult to defend against. Based on machine learning and big data analysis technology, the security pendant big model can automatically learn network attack behaviour patterns, and quickly respond and cope with a variety of new types of network threats, so AI to AI, AI to AI management AI has become a must option.

II.Breakthroughs in related exploratory applications

In the use of AI to help network defence, both at home and abroad have carried out a lot of exploration, and have achieved results.

The network security assistant launched by Microsoft in the United States provides users with generative and automated network security AI services. After a year of operation last year, it can compress security incident response, assessment and defence time from hours to days in the past to minutes.

AI empowerment has greatly improved the domestic network security defence capability and disposal efficiency. The "Constant Brain-Security Pendant Domain Model" released by DAS Security in August last year realised the first application of domestic AI security pendant domain model in international large-scale events. During Hangzhou Asian Games, based on this model and the auxiliary support of MSS security operation platform, the complicated and repetitive work in the process of security operation was effectively solved.

It is understood that DAS Security has taken the application of AI technology as a first-level strategy. Fan Yuan introduced that in the past 8 months, DAS Security has made a lot of attempts and practical exploration in the application of AI to digital security, and the company's digital security products and services are undergoing radical changes. Taking data classification and grading + AI as an example, the application of AI technology has improved the efficiency of data classification and grading by 30 times. "This is not only a simple efficiency improvement, but also a profound industry change, which makes us see the great potential and broad prospect of AI in the field of digital security."

In April this year, DAS Security just released eight AI products such as data classification and grading solution, AI firewall, and Tianqiong AI security operation platform. During this conference, DAS Security joins hands with Huawei to release the Rise-Heng brain inference all-in-one machine, using the Rise AI cluster to provide a base for the Heng brain, and accelerating the innovation and landing of the big model in the whole process.

Hailiang Group actively explores the construction idea of "AI+Security". Sun Wen, Director of the Digital Innovation Department of the Group, introduced that using AI to replace manual work makes the analysis of security alarms more intelligent and the efficiency is greatly improved. Hailiang Group found that in the process of combining AI and data security, the performance of AI exceeded expectations, and the automated combing of more than 4,000 fields in the pilot scenario could reach more than 90%, and the recognition accuracy rate increased from 50% to 85.8%.

III.What is the prospect of AI applied to cybersecurity?

Wang Jian, partner of Ernst & Young (China) Enterprise Consulting Co., Ltd. said that threat monitoring and corresponding work, malware detection, user behaviour analysis, authentication access control, phishing monitoring, automated intelligence threat, fraud detection, and data leakage protection are all potential areas for the application of large models.

Wang Xin, Deputy Secretary General of Hangzhou Artificial Intelligence Society and President of DAS Security Research Institute, believes that the real ability of AI for security is now only played by less than 5%. Over the past year, the exploration between AI and security is from the original intelligent question and answer development to assisted driving, in the near future will enter the semi-autonomous driving, the future will enter the fully automatic driving.

IV.Promote the deep development of "AI + security".

At the conference, the industry consensus is that "AI + security" must be the direction of the future development of the network security industry. At the same time, professionals have paid extensive attention to the double-edged sword effect of AI technology and the industry's development environment, and put forward a lot of positive suggestions for the development of "AI+Security".

Hu Ruimin, Chairman of the Cyberspace Security Working Committee of the New Engineering Alliance of the Ministry of Education, Vice Chairman of Hangzhou Artificial Intelligence Association, and Foreign Academician of the Russian National Academy of Engineering, believes that, in the short and medium term, there are still a lot of deficiencies in the big model technology, and it is inevitable that it needs to be coordinated by man and machine in order to play a real role. In the long term, it is necessary to cautiously promote the autonomy of machines under the premise of making security preparations.

A number of experts suggested that in the face of the complex and volatile international situation and growing cybersecurity threats, there is an urgent need to strengthen the security protection of critical information infrastructure.

"Existing vulnerabilities are patched up and new ones will be found. Existing technologies appear relatively balanced and stable in attack and defence, and new technological innovations will shift the battlefield to new areas." Zhao Houlin, former secretary-general of the International Telecommunication Union, said, "Attack and defence, mutual fighting in the security field will exist for a long time."

In this regard, Wu Jiangxing, an academician of the Chinese Academy of Engineering, believes that whether it is digital industrialisation or industrial digitisation, the first priority is network security. However, the network security defence has been presented as a "Whack a Mole" game, that is, press the gourd to float up the ladybird, popping up a mole to hit. He pointed out that to address the limitations of traditional cybersecurity governance, it is necessary to start from the source technology of the digital industry and the design security of digital products. Promoting the transformation of the underlying driving paradigm of the digital ecosystem and empowering endogenous security is the only way to build a firm security barrier for the network and data space.

From the discussion of the experts, the reporter found that the "AI + security" industry not only to meet the market requirements for network security technology and products safe, reliable, simple and easy to implement, but also in the user is willing to afford the cost and the cost of enterprise research and development to find the optimal balance between the surge in costs, so the challenge is not small.

Wu Jiangxing said in response to the shortage of network security talent, according to the Central Office of Internet Information Office forecast, by 2027, China needs 2.35 million network security personnel, but currently more than 100 network security-related colleges across the country less than 30,000 graduates each year. There is a huge "scissor gap" between the number of cybersecurity talents and the number of people who create vulnerabilities or do not intend to create vulnerabilities.

In the international arena, Wu Shizhong said that the security governance of AI has become a coordinated issue in the game of great powers. more than 70 countries have issued nearly 100 strategic countermeasures and legal documents on security governance within five years.

Zhao Houlin said digital security is a global concern, and global collaboration should be strengthened to encourage and enhance international cooperation.

Source: Economic Reference Daily