Hacking Life: with ML and AI - British Columbia · 2018-11-23 · • Amazon • Amazon Lex • Amazon Polly • Amazon Rekognition Image • Apache • Apache Singe • Microsoft

1 © 2018 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative

(“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.

1

Hacking Life: with ML and AI - Guy Rosario, KPMG Cyber

BC Security Day

November 7th 2018

2

Guy Rosario

Manager, KPMG

250 480 3608

[email protected]

Introducing

– Welcome

– What is it - TL;DR

– What’s the underlying problem

– Where do we go from here

– Wrap-up & questions

Agenda

© 2018 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.

3

What is Personal data?

What is it?

TL;DR

A.I. is basically an umbrella term for it all

• The starting point is easy. Simply put, artificial intelligence

is a sub-field of computer science. Its goal is to enable the

development of computers that are able to do things

normally done by people -- in particular, things associated

with people acting intelligently. [source:Stanford]

• Stanford researcher John McCarthy coined the term in

1956

4


What is it?

TL;DR

Basically, any program can be considered AI if it does

something that we would normally think of as intelligent in

humans. How the program does it is not the issue, just that is

able to do it at all.

…That is, it is AI if it is smart, but it doesn’t

have to be smart like us…

5


What is it?

TL;DR

Cont’d

6


What is it?

TL;DR

So… Machine intelligence = A.I.

• Machine learning is also a blanket term

covering multiple technologies

• Neural networks are a type of machine

learning, and deep learning refers to one

particular kind

• Cognitive computing: It's complicated

7


Artificial

Intelligence

- The Good

Example Use Cases:

• Predicting ICU Transfers

• Medical Testing

• Fraud Mitigation

• Customer Retention

• Predictive Manufacturing Design

• Predictive Maintenance

8


Artificial

Intelligence

- The Good

Other applications of AI:

9


Artificial

Intelligence

- The Bad

It can be used to trick people…

• Fake News, Images, Video, Audio images

• …if you’re interested

• https://web.stanford.edu/~zollhoef/papers/SG2018_

DeepVideo/page.html

• https://arxiv.org/abs/1802.08195

https://web.stanford.edu/~zollhoef/papers/SG2018_DeepVideo/page.html




https://arxiv.org/abs/1802.08195



10


Machine

Learning What can ML do?

• The Good

11


Machine

Learning The Bad

• Used in Dark Web in

Hivenets and

Swarmbots

• Used in phishing

schemes

• Attacking cloud

service providers

themselves

• Oh… they usually

don’t like us… (>_>)

12


Getting the

“gist” of AI If you REALLY wanna learn about it, here's

some free training:

• Learn TensorFlow and Deep Learning, Without a Ph.D.

• ColumbiaX Artificial Intelligence

• ColumbiaX MicroMaster Certificate in Artificial

Intelligence

• Machine Learning for Musicians and Artists

• MIT 6.803 The Human Intelligence Enterprise

• MIT 6.S094: Deep Learning for Self-Driving Cars

• MIT Course 6.034 Artificial Intelligence

• NPTEL Artificial Intelligence

13


What’s the

underlying

problem?

There is no well-defined strategy

If you’re going to remember anything from my talk, it

should be this… more on this at the end of the talk.

What are the challenges AI and ML can solve, if we have a

strategy:

• Dealing with too much data

• Slow response time once we detect things

• Lack of visibility

14


Where do

we go from

here?

What should we all focus on moving forward:

• We need to use AI and ML to get visibility

• We need to understand the world of the

possible

• We need to address the skills shortage via

AI and ML

• We need to revisit strategy and process

15


Where do

we go from

here?

Instead of AI, we could use smart humans, by

training them:

• Instead of searching logs like this… • time ls somelog* | while read i

• Consider that you could split a 1GB log file super fast,

and then parse it parallel: • split -a 2 -d -l 2000000 some.log somelog-20180113.spl $ ls –

al somelog-20180113.spl?? | head -3

• And search it like this: • ls somelog* | xargs -P 64 -L 8 xzcat | grep

superbadwebsite.org | wc –c

16


Where do

we go from

here?

How does this relate to cyber security?

1. We’re running out of people…

2. No visibility into our environments, data,

systems, etc. – to understand how we could be

hurt

3. We’re not training our tools to how to be

suspicious to understand what is abnormal

behavior

17


Where do

we go from

here?

As many of you here know, I’ve gotten past some multi-

million dollar “AI-based” security systems without getting

caught…

• Just say’n…( ͡º ͜ʖ ͡º)

“What is more visible, is more measurable –

and thus, can be improved.”

• “But, how?..” you say?.. “It’s like finding a

needle in a haystack?”

18


Where do

we go from

here?

“I burn the friggin’ hay and use one

hell of a magnet to find the needles!”

• KPMG uses ML toolkits to solve problems around:

• Network Traffic

• Host Data

• Logs

• Intelligence

• … and good ‘ole fashion process…

• And we’re going to teach people and technology…

<insert shameless plug here.>

19


Where do

we go from

here?

“I burn the friggin’ hay and use one hell of a

magnet to find the needles!”

• Network Analysis is automated, and can be scripted

• We can do file extraction and analysis

• Detect entropy

• Logging can filtered and categorized, and heuristics

done on the fly

• We can “fake an attacker” to validate if your “stuff”

does what it said it does.

• We can provide you with the controls to help fix your

stuff using industry standard formats.

20


Where do

we go from

here?

“I burn the friggin’ hay and use one hell of a

magnet to find the needles!”

• Oh… and we can do it using, on-premise or in the cloud and

open source, commercial, or a mix of the two…

• KPMG Lighthouse

• Center of Excellence for Data & Analytics: This center

enables the delivery of analytic capabilities seamlessly

across geographies and member firms to bring the right

services and talent to clients. KPMG Lighthouse provides

an integrated data and analytics platform that leverages

expertise in software and data engineering, data science,

advanced visualization, artificial intelligence and robotics.

21


Where do

we go from

here?

“I burn the friggin’ hay and

use one hell of a magnet to

find the needles!”

• And boy do we have

processes:

• ITIL

• COBIT

• ISO

• Etc.

22


Where do

we go from

here?

The key takeaways:

1. Train people and technology to “think like

a bad guy”

2. Anticipate the good and bad of AI

3. Have a strategy

23

Got questions?

Guy Rosario, ITIL

Manager, KPMG

(250) 480 3608

[email protected]

@GuyRosario

Contact us about AI and Machine Learning

© 2018 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.

mailto:[email protected]

Thank you

kpmg.ca

The information contained herein is of a general nature and is not intended to address the circumstances of any particular

individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such

information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on

such information without appropriate professional advice after a thorough examination of the particular situation.

© 2018 KPMG LLP, a Canadian limited liability partnership and a member firm of the KPMG network of independent member

firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. 18291

All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.

http://kpmg.com/socialmedia

https://www.youtube.com/KPMGCanada

https://www.youtube.com/KPMGCanada

https://twitter.com/KPMG_Canada

https://twitter.com/KPMG_Canada

https://www.linkedin.com/company/kpmg-canada



https://plus.google.com/+KpmgCa





26


Learning

References

Branches of AI: • Common Sense Knowledge and Reasoning

• Epistemology

• Genetic Programming

• Heuristics

• Inference

• Learning from Experience

• Logical AI

• Ontology

• Pattern Recognition

• Planning

• Representation

• Search AI

AI can be used to do some “not-cool” things: • It can be used to trick people…

• Fake News

• Gov't Sponsored

• Private interests sponsored

• Half of Russian Twitter feeds were bots last year. - Oxford

Internet Institute.

Learning AI websites: • Association for the Advancement of Artificial Intelligence

• AWS SageMaker and DeepLens

• Azure Machine Learning

• Coursera

• Google Cloud Machine Learning Engine

• IBM Watson Website

• Kaggle (For testing your AI skillz)

• OpenAI

• Quora AI Feed

AI platforms to play with: • Azure Machine Learning Studio

• Deep Cognition

• Google Cloud Machine Learning Engine

• IBM Watson Studio

• Pega Platform

• TensorFlow

Conversational Intelligence Tools • Alexa for Business

• Drift

• Google Cloud Translation API

• Intercom

• TARS

• Zendesk Answer Bot

Deep Learning Platforms: • Amazon Lex

• Amazon Rekognition

• Dragon Speech Recognition Software

• Microfost Bing Speech API

• Microsoft Computer Vision API

• OpenCV

AI Tools, Libraries and Open Source: • Cognitive Network Toolkit (CNTK)

• Microsoft

• Runs on Linux and Microsoft

• Plays with Python!

• OpenAI Gym

• Deep Learning for Java

• Deeplearning4j

• Yahoo

• Deep Learning Framework

AI Tools, Libraries and Open Source: • CaffeOnSpark

• Voice, Image and Video recognition open sourced

• Caffe

• AI One

• DiffBlue

• InfoSys Nia

• Keras

• Nervana Neon

• OpenNN

• Protege



27


Learning

References

AI Tools, Libraries and Open Source: • PyBrain

• Samsun's Veles

• Scikit-Learn

• Swift AI

• Theano

• Torch

… but the big players, (imo) • Amazon

• Amazon Lex

• Amazon Polly

• Amazon Rekognition Image

• Apache

• Apache Singe

• Microsoft

• Azure Machine Learning

• IBM Watson

If you REALLY wanna learn about it, here's some free training: • ColumbiaX Artificial Intelligence

• ColumbiaX MicroMaster Certificate in Artificial Intelligence

• Creative Applications of Deep Learning with TensorFlow

• Fast.ai 2: Cutting-Edge Deep Learning for Coders

• Fast.ai Practical Deep Learning for Coders

• GTx Machine Learning

• Intel Nervana AI Academy

• Khan Academy: Algorithms

• Learn TensorFlow and Deep Learning, Without a Ph.D.

• Learning from Data

• Machine Learning for Musicians and Artists

• MIT 6.803 The Human Intelligence Enterprise

• MIT 6.S094: Deep Learning for Self-Driving Cars

• MIT Course 6.034 Artificial Intelligence

• NPTEL Artificial Intelligence

• OpenSAP Enterprise Deep Learning with TensorFlow

• QUT Big Data: Statistical Inference and Machine Learning

• Saylor.org CS405: Artificial Intelligence

• Titanic: Machine Learning from Disaster

• UC Berkeley CS 294 Deep Reinforcement Learning

• UC Berkeley CS188 Intro to AI

• UCL COMPM050/COMPGI13: Reinforcement Learning

Not free, but good: • Artificial Intelligence A-Z: Learn How to Build an AI

• Artificial Intelligence: Reinforcement Learning in Python

• CMU Statistical Machine Learning

• Coursera Deep Learning Specialization

• Coursera Machine Learning

• Coursera Neural Networks for Machine Learning

• Coursera Practical Machine Learning

• Georgia Tech CS 6601: Artificial Intelligence • Microsoft Professional Program in Data Science

• Stanford University CS221: Artificial Intelligence Principles and Techniques

• Udacity Artificial Intelligence Engineer Nanodegree Program

• Udacity Machine Learning Engineer Nanodegree Program

• University of Oxford Deep Learning for Natural Language Processing

Great books that cover AI and ML: • How to Create a Mind

• Machine Learning and Security

• The Future of the Mind

Some of it's open source: • Facebook

• Torch

• SystemML

• IBM

• h20.ai

• Driverless AI

• Sparkling Water

• H2O AI Platform

• Open Neural Network Library

• OpenNN

• Oryx 2

• OpenCyc

• NuPIC

• LF Deep Learning Foundation

• Acumos AI

• Apache

• Apache Spark

• Machine Learning Library

• MLlib

• Apache Mahout

• Apache PredictionIO



28


Learning

References

Machine Learning Software: • scikit-learn

• Machine-Learning in Python

• BigML

• Microsoft Bing Web Search API

• Microsoft Bing Image Search API

• Google Dialogflow Enterprise Edition

We don’t know what to do about it:

Online articles around AI, ML and the law: • Artificial Intelligence is Trade Policy's New Frontier

• An incredible amount of data flows over borders to power artificial intelligence — but

the rules have not been fully or publicly debated

• The Policy Deficit Behind Canadian Artificial Intelligence

• The longer Canada defers effective AI governance, the harder it will be to catch up

• Artificial Intelligence used for law

• Formal models of legal reasoning

• How the law views AI/ML

• There's laws for humans, what about something that thinks?

Documents

Hacking Life: with ML and AI - British Columbia · 2018-11-23 · • Amazon • Amazon Lex • Amazon Polly • Amazon Rekognition Image • Apache • Apache Singe • Microsoft