This is a guest post from an F-Secure fellow.
Hi, my name is Matti Aksela and I’m the head of the Artificial Intelligence Centre of Excellence at F-Secure. I recently joined the team to be a part of making something really exciting happen in the Cyber Security space through the use of Artificial Intelligence. When asked to write something, I wanted to take the opportunity to quickly introduce myself and start to tell you why I’m excited by what we are doing here at F-Secure.
My background is in machine learning, having gotten a doctorate in information technology from the Helsinki University of Technology. Certainly there were interesting things going on related to developing methodology and making core advances in the field in the Neural Networks Research Centre during my time there. But we also focused on real-life applications of these technologies, working with industry partners and with real data.
Since then I have spent time building solutions to combine state-of-the-art approaches in machine learning, artificial intelligence and advanced analytics with very practical applications. In real-life scenarios we have been forced to consider things like reliability, robustness with regards to unexpected data, the cost of false positives, etc. I do have to admit over the years I have moved a bit away from a hands-on Data Scientist role myself as I’ve held data science and technology leadership positions in companies of different sizes. But I’ve always maintained a close link to what we actually do with the data and what methods to use to get the best results. Some of the industries I have had the pleasure of working with have included telecom, media, retail, insurance, audience measurement and IoT — if you can call it an industry, it is kind of more a horizontal… but anyway — with solutions that include customer segmentation models, fraud detection approaches, churn prediction models, product upsell models, failure detection, and a whole lot of other things I don’t want to bore you with now. The main point is that while there is a vast array of different domains and solutions, there are also things that are consistent across different industries. Thus I feel strongly that solutions to different problems can – and should – be “cross-utilized” across different industry domains and that co-operation in even sometimes unexpected areas can provide great benefits.
I feel that there is a huge amount of value in making artificial intelligence-based solutions both robust and scalable. Having worked with frameworks deployed completely in the cloud, I have also grown to think more about effective and scalable data collection, storage and processing architectures. There have been some great technological advances on that front, too. Still, the old wisdom of garbage in garbage out is even truer today. There is so much data available that it is much harder to consistently evaluate the quality of your input, especially with near-real-time systems. Another constant across the solutions I have had the opportunity to be a part of building is that getting the data in the right form tends to take a LOT of time. Many say 80%, but I would even argue 90% of the time is spent on data engineering steps, before the actual data science can start. Hence what I always want to do is standardize that process as much as possible. It’s a great thing when you work as a part of a larger team that runs not only the modeling but also the data collection. This makes it possible to work together to provide the best overall solution.
There are a huge amount of different methods and models that fall under the umbrella term artificial intelligence. Supervised and unsupervised learning, classification, clustering, predictive models, generative models… Personally I think of this toolbox of methods as precisely that – a toolbox. There is no silver bullet or one solution that will be the best for every problem. The right solution depends on what you need, what type of a problem you are facing and what type of data you have. In good and bad, nowadays there are some tools that have become mature enough that they are now sometimes even surprisingly easy to use. This is great in the sense that it makes using those tools a breeze, but then there is a temptation to use those tools for more problems than they we should. The right tool needs to be used for the right task – whether that be building a house or a predictive model. To me, one big key to data science – and crucial to anyone who wants to become a data scientist – is the mindset, the desire to understand why, what and where things work. What kind of data is this method good on? Why does this model do what it does? What makes it “tick”? What are the underlying assumptions? How can I guarantee it will work on also data that I do not have in my training set?
Understanding why and how your model works – or where it won’t – comes to play especially in scenarios that keep changing, like the cyber threat landscape. A very important question to ask is “How well would my model generalize to something I never thought of when I was building it?” Or even “How easy is it to utilize the characteristics of my model to ‘deceive’ it?” To be honest, these riddles are one of the things that drew me personally to cyber security. This job is not just about doing good by protecting people and companies. It is also about exciting problems where you are not only working on understanding a phenomenon but also working against skilled and well-funded counterparts who are doing their best to not get detected by your methods. This means your approach needs to be able to evolve over time. And you have to be able to do this without constant supervision. Now that is a challenging and fascinating problem to solve!
F-Secure is by no means starting from scratch when it comes to AI.
There has been a lot of great work done, and we already have several production systems that consistently employ artificial intelligence as a core part of their operation. There are so many smart people on the team, and we have unparalleled domain knowledge in cyber security. But we are now going to take this to the next level. We will add even more new people with the kind of experience, skill and talent we need to complement the expertise we have already and build a larger team able to meet the needs of our customers better. And we will work together across the company to make F-Secure even better at staying one step ahead of any threats that our customers face.
What I do know is that we have the will and skill to make this happen. So stay tuned. And if this kind of problem set sounds interesting to you, please don’t hesitate to reach out to me.
Check out our open positions.
Are we still calling this outbreak Petya? Yes. Microsoft Defender detected it as "Petya.A". "We…
June 28, 2017