PHOENIX, July 31, 2017 /PRNewswire/ -- Bishop Fox, a leading global cybersecurity consulting firm, has created an AI-based hacking tool, "DeepHack." With the introduction of DeepHack, Bishop Fox researchers showcase the potentiality of AI-based cybersecurity tools that can think for themselves. Senior Security Associate Dan "AltF4" Petro and Security Analyst Ben Morris presented DeepHack to the world at their DEF CON 25 talk, "Weaponizing Machine Learning: Humanity Was Overrated Anyway," on July 30, 2017 in Las Vegas.
"AI-based cybersecurity tools are a technology that pentesters have yet to fully explore, and these tools will eventually take penetration testing to a new level. DeepHack is an early proof of concept, but serves as evidence of what machine learning can do for our industry," said Petro.
DeepHack works the following way: Neural networks used in reinforcement learning excel at finding solutions to games. By describing a problem as a "game" with winners, losers, points, objectives, and actions, a neural network can be trained to be proficient at "playing" it. The AI is rewarded every time it sends a request to gain new information about the target system, thereby discovering what types of requests lead to that information. Click here to view a brief video on DeepHack.
Petro uses a robot as an analogy. If you give a robot an incentive to move forward on a track, the robot will learn to walk on its own. Likewise, DeepHack can learn on its own.
Added Morris, "While it will take time for the AI-based tools to become more practical, we expect to see more in the future that build off what DeepHack has accomplished."
About Bishop Fox
Bishop Fox is an independent cybersecurity firm that protects businesses from today's increasing security threats. Since 2005, the firm has provided security consulting services to the world's leading organizations. The company is headquartered in Phoenix and has offices in Atlanta, San Francisco, and New York City.