For security leaders, GANs are mostly bad news.
These generative adversarial networks may be why image generation is becoming so realistic, but also why there are so many fake ones out there.
Yet, GANs can also be cybersecurity saviors. While many IT security guys will roll their eyes at such a statement, new thinking shows that GANs can be a security professional’s best friend.
Staring down the GAN
GANs are relatively new. First brought to life in 2014 by Ian Goodfellow, they comprise two models: the generative and the discriminator.
The generative model creates new instances from a similar data distribution to the actual dataset using random noise (provided to it). It has no clue about the actual dataset but is in its happy heaven, working hard at creating an unknown from an unknown.
As the name suggests, the discriminator discriminates what the generative model creates and the actual dataset. It determines how well the generative model's data distributions are compared to the actual one and then assigns probabilities. These probabilities then feed into the generative model to come out with better data distributions.
It is a zero-sum game. The idea is to get to a point where the generative model comes up with a distribution that confuses the discriminator. Once the latter cannot distinguish the real from the generated distribution, a believable fake is born.
It’s evolution in bits and bytes
GANs are similar to evolutionary biology, especially when dealing with mimicry. This occurs when two unrelated species look similar or when a prey takes the resemblance of a predator or makes it look like an unpalatable species.
Like evolution, there are many types of GAN. We have conditional ones, deep convolutional ones, Flow-GANs, BigGAN, Progressive GAN, VAEGAN (which uses a variational autoencoder for the generative model), and such.
The exciting thing about GANs is that their science is now creating controversies in art. It can create imaginary models (so you don’t have to pay for a breathing one). Many contemporary artists also explore GAN potential as it broadens their horizons. When you use an app to see how you would look old or when you were young, that’s GAN at work.
In science, it helped to successfully model the distribution of dark matter, improved jet design and is becoming a tool for particle physics. It also helps healthcare professionals with the early detection of some diseases.
GAN’s versatility in working out unknown unknown scenarios is a boon for the autonomous vehicle industry. Their products must navigate roads without the human driver as a failsafe measure. GAN can generate new and realistic scenarios.
The problem is that cybercriminals are becoming good at using GAN. They are the reasons why the internet and social feeds are littered with deep fake videos and pictures, which has led to the creation of a brand new science called media forensics.
Meet the GAN police
The best white hat hackers or security specialists were mostly once threat actors themselves. It’s how they can figure out the security gaps that products overlook, like potential targets for social engineering.
So, wouldn’t GANs, which are giving rise to new fakes, ransomware threats, malware, deep fakes, credential theft, and allow anomalies to go undetected, police the internet?
Behzab Benam, founder and chief executive officer of SafeLine, thinks so. He wrote that GANs can help security teams improve a system's robustness and see how it responds to an attack.
It can do this by creating fake data that looks good enough to deceive a system. This can help security teams to guard against synthetic data attacks.
A GAN can be better than a standard pen test because it can create unknown attack scenarios, offering future resilience for attacks that cybercriminals have not dreamt up yet. It can essentially help cybersecurity teams to stay a precious step ahead.
It’s obvious GANs can be powerful tools. They are already shaping our perceptions and invading our privacy simultaneously. But in the right hands, it can be what security leaders could only dream of today, i.e., a good night's sleep.
Maybe it’s time we look at GANs as less of an adversary and more of an ally.
Winston Thomas is the editor-in-chief of CDOTrends and DigitalWorkforceTrends. He’s a singularity believer, a blockchain enthusiast, and believes we already live in a metaverse. You can reach him at [email protected].
Image credit: iStockphoto/Anton Vierietin