security in ai : an isv perspective. tuesday 18/se… · cloud-to-cloud interoperability...
TRANSCRIPT
INTERNAL
June, 6th, 2019
Dr Jean-Christophe Pazzaglia
(Demo from Aymen Mouelhi)
SAP Labs France
BDVe Project
Security in AI : An ISV perspective
PUBLIC
PUBLIC© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
SAP Leonardo IoT – From Internet of Things Data to Business Insights
Cloud-to-Cloud interoperability
Vendor-agnostic
Connectivity
Device Management
SAP Leonardo IoT
Technical Services
Open Ecosystem &
Partnerships
Drive business outcomes with embedded
IoT in lines of business applications and
further intelligent technologies
Extend your business process
from the cloud to the edge
Transform your business with open
innovation while keeping a clean core
SAP Leonardo
IoT Edge
Leverage IoT insights with an integrated
application developer experience
Integrate and contextualize IoT data
with business process information
PUBLIC© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Unlock your Intelligent
Enterprise with
SAP Leonardo IoTAnalytics | ML / AI
IoT embedded Intelligent Suite
IoT enabledCustomer Apps
Standalone IoT enabled
Business Apps
Intelligent Technologies
ContextualIoT Data
IoT embedded Business
Processes
Any Device
DataManagement
Cloud
Edge
ContinuumSemanticIntegration
PUBLIC© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
5PUBLIC© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Cloud-Edge Continuum – Decide where to run your workload
Edge
Continuum
Consistent Business ContextBringing contextual data to the edge
Consistent Business RulesApply same set of business rules in the cloud or at the edge
Consistent ExecutionIntegrate into cloud or on-prembusiness processes
Cloud
SAP Leonardo IoT
SAP Leonardo IoT Edge
6PUBLIC© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Examples of IoT enabled Use Cases
Replenishment
Optimization
Usage
Insights
Condition
Monitoring
Fleet
Management
Service
ManagementConsumer’s
Experience
https://www.sap.com/assetdetail/2015/12/b6caea
0d-507c-0010-82c7-eda71af511fa.html
Trenitalia: Creating a Dynamic Maintenance Management System Powered by SAP HANA
8PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Secure Monitoring of Antibes Water Distribution Network
Motivation
Monitor waterdistribution network
Predict failures, and
Optimize proactively their finance and controlling
Technical characteristics
2000 water sensors instrumenting the network (e.g., pressure, temperature, flow)
Low bandwidth and powered Programmable Logical Controls
No physical access to devices
Low throughput
Confidentiality and Integrity
No personal data
9PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Why AI now ?
Success of AI ?
Explosion of data
Exponential increases in computing power and
storage
Algorithmic advancements
Executive Guide to AIhttps://www.mckinsey.com/business-
functions/mckinsey-analytics/our-insights/an-
executives-guide-to-ai
10PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
… and many others DeepText, Pinterest “similar looks”, A9 search (Amazon), Smart Personal Assistant (Alexa)
Success of AI ML
2005
• Darpa Grand challenge: five vechicles successfully completed (200 km in the desert) . Now, Waymo fleet drive >25000 miles per week
2011
• IBM's Watson computer defeated television game show Jeopardy! champions Rutter and Jennings (3x).
2012• Deep convolutional neural net achieved 16% error rate on ImageNet (-10%);
2015• Super-human performance for image classification, <5% error rate (ImageNet challenge)
2016
• Google Neural Machine Translation (GNMT) → almost human level, more 100 languages, more fluid (better segmentation), zero-shot learning (new couples)
• Google DeepMind's AlphaGo (version: Lee) defeated Lee Sedol 4–1
2017• Lip Reading Sentences in the Wild (twice more efficient than human!)
A pizza sitting on top
of a table
Description generated
with high confidence
12© 2015 SAP SE or an SAP affiliate company. All rights reserved.
Graphs
Algorithms
PredictiveAnalytics
Machine Learning
Chatbot
Natural LanguageProcessing
Rules based Engine
13PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
ML Guide
StartDo you need
automation?Can you write
the rules?
Can you
formulate your
problem clearly?
Refine your
problemRule-basedManual Work
Do you have
the data?
Final data set
expected
around min
10.000?
Do you have
a regular
pattern
Do you have
meaningful
features?
Can you
measure
success?
Machine
Learning
Collect Data
Enhanced Data / Look at different
data sources
Is the data Labeled?
Unsupervised (e.g.Similarity)
Is your
problem is
supervised
Supervised
(e.g.Classification)
Yes
No
No
Yes
Yes
No
Yes
No
No Yes
Yes
NoNo
Label dataset
Yes
No No
Yes Yes
No
14PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
But: ….
15PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
But: ….
Complex.. Difficult to explain
EXPLAINABLE AI
(Labeled) Data are Expensive
TRANSFER LEARNING
UNSUPERVISED
New Security & Privacy Threats
ADVERSARIAL LEARNING
Bias and Black-box algorithms
FAIRNESS
16PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
17PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
18PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Machine Learning for Security
Intelligent Code Analysis
• Code analysis is paramount to insure Security baseline
• Automation is the only way to do address Scalability
• Continuous analysis during the software lifecycle including support
Security Intelligence• Holistic Security requires to gather Information from Multiple
Sources (eg. Report, Social network, Darkweb)
• How to identify, classify, combine this information ?
Threats Detection
• Network, Application, Business Threats
• How to detect unusual system behaviour (zero day) ?
• How to recognize known attack patterns (including variants)?
19INTERNAL© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
20PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Many of us help to train Machine Learning
models on a daily basis without knowing …
21PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Machine Learning for Security: What makes it different/harder?
Unusually high cost of errors
• Misclassifying a legitimate access request, makes people angrier than a bad movie recommendation → avoid False Positive
Lack of training (labeled) data
• People prefer sharing cats pictures than security (sensitive) data
Meaningful explanations
• Human decisions need to be supported by human-understandable algorithms results
Adaptive Adversaries
• Weather is not trying to avoid classification/prediction, hackers do
22PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
23PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Attack to Machine Learning: Evasion Attack → Toxic Signs
Sitawarin at al. 2018
24PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
When smart machines, driven with artificial intelligences, will assist Courtroom ?
2017, Eric Loomis was sentenced to six years in
prison at least in part by the recommendation of a
private company’s secret proprietary software
(COMPAS)
COMPAS
Correctional Offender Management Profiling for
Alternative Sanctions predict a defendant’s risk of
committing another crime based on a proprietary
algorithm and the answers to a 137-item
questionnaire.
Risk: Blackboxing the Judicial System
ML (DNN) algorithms decision-process is hard to
understand:
• Decision (at best) as good and fair as data … they
reproduce bias
• Algorithms used as support for decision making needs
to provide human-understandable motivation
GDPR gives you the right to explanation
Was one of your parents ever sent to jail or prison?
How often did you get in fights while at school?
Does a hungry person has a right
to steal?
If you lived with both parents and
they later separated, how old
were you ?
https://www.propublica.org/article/machine-bias-
risk-assessments-in-criminal-sentencing
25PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
openSAP: Creating Trustworthy and Ethical Artificial IntelligenceIn cooperation with members of the European Union High-Level Expert Group on Artificial Intelligence
https://open.sap.com/courses/aie1-tl
Creating Trustworthy and Ethical Artificial IntelligenceIn cooperation with members of the European Union High-Level Expert Group on Artificial Intelligence
26PUBLIC© 2018 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Security for Machine Learning
Attacks• Different vectors (eg. training set, model, input , output) and
different attacks (eg. Poisoning, evasion, toxic)
• Is the Deployed Model immune to them ?
Privacy/Confidentiality• Training Data contains Confidential Information
• How to insure that they cannot be Reversed Enginneered ?
Intellectual Property• Considerable effort and know how in making THE solution (eg.
Topology, Data Cleansing, (re)Training)
• How to protect it from Competitors?
Explainability / Trust / Compliance
• How to explain results ?
• How to trust a model (eg. Coverage of training set, unbiased set) ?
• How to certify a Model ?
The need for an AI Partnership
https://ec.europa.eu/digital-single-market/en/news/artificial-intelligence-public-private-partnerships-join-forces-boost-ai-progress-europe
BDVA – euRobotics MoU (ICT 2018 event)
BDVA – euRobotics common Vision PaperMarch 2019
AI Value Chain
www.bdva.eu
https://www.european-big-data-value-forum.eu/
http://summit.big-data-value.eu/
Thank you.
Jean-Christophe Pazzaglia, Phd
Chief Support Architect Higher Education & Research (PS)
SAP Labs France SAS | 805 av du Dr Maurice Donat |
BP1216 | 06254 Mougins Cedex, France
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP SE or an SAP affiliate company.
The information contained herein may be changed without prior notice. Some software products marketed by SAP SE and its distributors contain proprietary software components
of other software vendors. National product specifications may vary.
These materials are provided by SAP SE or an SAP affiliate company for informational purposes only, without representation or warranty of any kind, and SAP or its affiliated
companies shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP or SAP affiliate company products and services are those that are
set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.
In particular, SAP SE or its affiliated companies have no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release
any functionality mentioned therein. This document, or any related presentation, and SAP SE’s or its affiliated companies’ strategy and possible future developments, products,
and/or platform directions and functionality are all subject to change and may be changed by SAP SE or its affiliated companies at any time for any reason without notice. The
information in this document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. All forward-looking statements are subject to various
risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements,
and they should not be relied upon in making purchasing decisions.
SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP SE (or an SAP affiliate company)
in Germany and other countries. All other product and service names mentioned are the trademarks of their respective companies.
See http://global.sap.com/corporate-en/legal/copyright/index.epx for additional trademark information and notices.
© 2018 SAP SE or an SAP affiliate company. All rights reserved.