Research on artificial intelligence (AI) has yielded rapid innovations in many areas of science and industry. However, this potential also harbors the risk of misuse: Couldn’t hackers also use AI to more effectively attack computers? The research project “MALFOY – Machine Learning for Offensive Computer Security” by Prof. Dr. Konrad Rieck is examining this issue. Rieck’s team of researchers will assume both the role of hacker and defender to examine how intelligent attacks can be developed and prevented.
The project, for which Rieck was awarded an ERC Consolidator Grant, is based on a new paradigm for combining learning algorithms with security systems. In this paradigm, the learning process takes place in a feedback loop with technologies from offensive security, such as tools which search for weak spots and penetration testing. The learning algorithm operates through an exchange with the technologies and can thus both make suggestions as well as receive feedback.
As the counterpart to these new attacks, corresponding defense mechanisms will also be designed and developed. The findings will be used to develop new tools for protecting IT systems, allowing unknown vulnerabilities and security problems to be automatically identified and thus counteract learning attacks. Despite is offensive character, MALFOY can contribute to strengthening the security of IT systems and defending against future threats posed by AI.
Prof. Dr. Konrad Rieck previously worked at the Institute of System Security at TU Braunschweig. On 1 January 2023, he is taking up a position at TU Berlin, where he will serve as head of the Chair of Machine Learning and Security within the Berlin Institute for the Foundation of Learning and Data (BIFOLD) and continue his MALFOY project. “I have chosen to conduct my research at TU Berlin because BIFOLD offers a unique research environment that is gradually combining all key areas of AI,” says Rieck.