Use AI against hackers, says Oz security expert

SYDNEY--With the Code Red virus showing just how flimsy some traditional security tools can be, an Australian security specialist claims artificial intelligence should be used as a new weapon against electronic intrusion.

"Security has become a core concern for business," said Mike Cullen of security company Tier 3, stating the obvious to a NetWorld+Interop audience yesterday.

"(Australian) businesses spend a fraction of (what) their US counterparts (spend) on security," which could be a false economy.

"Firewalls are not the silver bullet solution we once thought," said Cullen, pointing to the way Code Red affected systems supposedly protected by firewalls. But he did not offer a panacea; instead, he drew the audience's attention to a variety of ideas that contribute to better security.

The people entrusted with managing security also need attention. They should be trusted professionals, but nevertheless their work should be subject to peer review as well as scheduled and unscheduled audits, Cullen said.

He also suggested that the frequency with which vulnerabilities are found and patched, and the number of different components that are affected make it difficult to keep up to date with vendors' patches without using an automated approach.

Cullen also asserted that intrusion detection systems are needed at every level of the IT infrastructure, and they should use artificial intelligence techniques to correlate even seemingly unrelated events in real time. These systems should be able to distinguish successful from failed attacks, take immediate action where necessary, and must scale well, he said.

"Managing security is not an easy task…but a lot can be achieved with the right tools and the right security platform," said Cullen.