
thank you so this is just very basic okay nothing too deep so if you know how to spell AI or you don't know this is the right ca for you okay so um before I start I need to know what's AI so can someone tell me what's your perspective what's AI that's the very first thing you need to know uh you need to be understand what is this thing called AI anyone want to volunteer you know I can point right no I'm just kidding what yeah what's AI per oh okay good I don't have a definition that's why I asking right what about here anyone another definition sentient okay do we have such AI the sentient right now oh I don't
know okay so um now first of all you need to understand what AI right define it okay right now there's a lot of definition whether does it include hardware does it include software does it include environment so that's one of the challenge I found right now a lot of uh committee expert committee all trying to figure it out so once you trying to figure out what this AI is uh then you need to scope it right so what's the boundary of this AI like this this thing called AI like what what what the scope you can pick whatever you want you know you can pick the one that we know right now what's that thing called OpenAI
chat something like what's the scope of that like how do you Scope this the the the boundary how do you Scope AI well if you don't if there's no boundary how you going to secure it I mean like it's it's open system yes in the end it's just software Hardware you the data right so software Hardware data okay all right so I I start with basic right say my brain is very simple I cannot take anything too complicated so uh uh AI so let's start with that first of all like I'm going to go with very basic uh security stuff right nothing too complicated those of you who are new to security hopefully this will be fun
um okay he looks like a he look very intelligent do you mind just standing up here for a second no how about someone who's who playing with the phone do you mind standing up here for a second yeah see oh okay give him a big hand what's your name huh Sam Sam okay okay let's imagine so this is natural intelligent right you guys agree he's natural right I mean you cannot made more natural than that he's sentient right so this is the extreme this is what we call AI right no not AI natural intelligence and let's say this is the uh AI artificial right now let's say just on my computer right so basic so when you
work for a company when they say what's your greatest asset in a company what is it people people is this this the thing or this this guy here right so he's the most because he has ni I natural intelligent that's really good right so that's the very basic stuff you need to know right like all security the first thing you know is what's the asset you trying to protect right so normally this this intelligent is much more valuable than this intelligent correct okay then the next thing in security you're going to find what's the value of this intelligent right okay you guys agree he's more valuable than this thing here that's debatable right so now we about characteristic
afterward okay so depending on what your need is then you can decide what's the AI so what's the I is so here let's assume this is here right here on my this PC every time I give a presentation on AI the first thing they say this this AI is going to kill human it's going to blow up the the planet Earth you think this going to do that are you sure all I need is just a little wire or maybe connect to some nuclear bomb somewhere will it blow up the Earth possible right so you have to start with a very basic find out the risk find out your appetite find out the value Asset and
find out should you protect it right so that's the fundamental most people don't think about it they just protect everything they can or just get very afraid and so on right so let's say they have this AI here and then they have an ni over there so the next thing you need to do is uh find out exactly what what this are you need to Define this AI here if you define this as just a software right and you Scope it just on this PC it's not going to hurt you right well theoretically speaking right uh theoretically speaking it can hurt you it can have flashing it can hypnotize you whatever let's not go there okay so
let's say uh very basic stuff uh it's not going to hurt you it just going to sits there although it can tell me how to build a nuclear bomb and destroy the Earth but it just going to stays there so and the next thing is that um tell me what's the difference between this this intelligence and this intelligence here what what what's the differ Bes said this much better looking intelligent than this machine here what else what other characteristic between these two intelligent or if you to protect them right you guys protect people in your company so what about this technically there if you classify this intelligent I don't know what this intelligent means right so one of the thing is that one of
the debate has always been in the um the very basic they talk about weak intelligent you guys know what weak intelligent means anyone's heard that definition and strong intelligent or that basically just means that if you reach if this intelligent is at the level of a human being right of your brain then that basically strong so you can do the capability of a human and more uh that means that you potentially have will suceed this person the intelligence only right like this person can take a gun and go around shooting people but this will not right although you had the same intelligence can even be smarter than him but will not be able to do that so you need to understand uh
what do you mean by intelligence okay and the other stuff too you need to know is um what else what else the differences between these two let's say in your company after working right you do you go home after work or you just stay in the office all day long 24 hours 365 anyone work forever no but this one can work forever right can it be fired and lay off sure can this be fired and lay off no it's going to stay in the company do you just take the piece of Hardware memory stick or I'll take this remember 3D printed save button right and just uh throw it out you don't right you keep it around so some of this stuff
here when you talk about this AI stuff here I'm not sure how many of you work in company there AI question yeah go ahead I fire has of be fired end of life uh you tell me do you throw your software around uh away like in a company do you guys when the software no longer in Ed what do you guys do with the software replace it what do you do with the other software eventually it throw it away how many programmers in here what do you do with your old code you them right or it could be still existing in your branch somewhere right I don't know GitHub whatever right so you keep them around right so that's the
other stuff talk about security you have to know the asset you have to know his availability when he get fired or lay off or 5:00 he goes home this intelligence done right for the day this going to be around right it may or may not be active at least availability is still there right so when will it be instantiated that means it come to life maybe in the middle of the night I'm not sure right so those are the kind of thing you have to worry about right and you talk about intelligent how many use AI like you use AI at work but something goes wrong with AI it give you the wrong answer what do you do how many
of you call your help desk how many of you no so now you have to build AI into so that knowledge you have to go to your help desk right right you have to go into your first line support your second line of support your Guru your ninja right those init you know what I'm talking about right right so you have to know those kind of stuff right in terms of uh uh just managing AI now ai to me there's three level one is the AI itself the interface this is what I'm covering right now and then there's also Security on the internal AI That's more Technical and then the one that I know is coming which is the environment
of the AI okay for example if you talk about sustainability uh company all worry about that security had to be part of a business when we talk about ESG right uh sustainability like in terms of ai ai is very costly right it take a lot of power okay so I won't go there but if you have time you can ask me question we can go there and then the one inside we talking about the algorithm if you look at the algorithm now when you talk about AI what's the architecture you think about AI right now well um those of language what architecture what kind of network architecture does do you think what were you saying just now
large language models large language model okay that's just a model right architecture wise most of you probably thinking things like neural network you guys heard of something like that neural network yeah so neural network supposed to be simulating the human brain right now keep in mind in if you study uh AI has been around like since the 60s 70s right so we have five different classification architecture of artificial intelligence neural network is just one of them right I'm not going to go detail but if if you look at the uh the math part just like security the fundamental of information security is mathematics so this is AI is nothing more than just math if you break it down
the core of it is nothing more than one really long equation or you can have many different short equation okay one very long equation you process it many different parts different times why am I mentioning that because it's only recently that for the longest time we um we process a one very long long math and later on I think in the' 70s the Japanese car I forgot the name um start to break it down into many different um sub system and depending on which part of the equation you used to produce it uh it had different category and so on so it has been around since um the' 70s it's only today that uh what we have
here compared to what he can do is that this is getting really really cheap okay and really fast doesn't take a break and can uh last for a long um really fast take a break yeah and um doesn't complain right doesn't take a break for example that he he will do right and it's very like for him to be able to get to this level is very expensive right but energy consumption wise is very cheap compared to this machine here right okay so all this ties into things like availability ties into Integrity right now human brain in such a way that the neurons and stuff I'm not not going to Medical but sometime it does degrade there are study they say
that it does grow but the St the resar has to be long enough for it to grow and so on but this machine doesn't right adding more memory doesn't constitute uh is growing okay and human is not perfect you know there's a delay between the brain and the actual action but this doesn't right there's no delay so it's too perfect okay now even if you do AI those of you who use things that generative AI like ChatGPT you'll notice that even if you are try to tell it pretend to be dumb it's not really dumb the smartness is still there right when a human is dumb not him right me right and I'm actually dumb right there
degradation we we do lose so that actually has power if you study AI or ni or CI cognitive intelligent natural intelligent uh so you have to treat the human a little bit different than this right so when you get information out of this uh so when you can tell to pretend to be something but the is integrity is still the same right so Integrity in terms of the intelligent is still the same but it can pretend the Persona and the outcome perception that you look at it is different so now you're going to that's will impact Integrity of the intelligent that you're going to see from here right so confidentiality wise and also this Integrity wise the Integrity
of it if you use the one in the cloud you'll be shared with everyone else right but when you get a subset here let's say the whole AI the all the model here it be a subset can you make it the scope wise the same as the one in the cloud yes you can but you may lose degradation in terms of quality but that is constant right in the sense that over time it doesn't it may be obsolete so you may have a degradation in intelligence in terms of no longer usefulness but in a human case there are the degradation is may be there as we get older we forget stuff but we can relearn right so this doesn't
so from that perspective to access this and so on uh maybe some confidentiality too you need to know um what you going to get out of it what you going to put it in and because it's not as smart you guys said the case about the lawyer who uh um went to court and say that while he's trying to do a research and tell ChatGPT say give me three cases that's similar to this case that I'm going to court for and then ChatGPT say here you go give me the references here you go he went to the judge the judge was very impressed that he got all these cases with references then they found out they
just say for some reason after all these years I never heard of these three cases look at the references doesn't exist so ChatGPT really good at making things up right so he got fired so um yeah so you have to check okay so it's very important even you look at AI right uh you have to check that's why lawyer always say now we need to cite this thing you guys are all professional correct so you for your own integrity you have to make sure you have citation right he will tell you where his sources come from another thing that is very different is that there are law regulation that anything he can remember right he can reproduce it without uh
so-called depending how he reproduce it he doesn't have to provide citation integrity of the information but this is very hard right cuz you come up with knowledge you very hard to guarantee that is the truth okay for the last few months I've been monitoring you know um you know places that try to cheat get this thing and submit it into as their own work right and then people who try to have a create more AI to try to detect the AI and then the AI trying to build more AI stuff that trying to bypass AI and so on keep going back and forth I think that's going to be going forever okay so if you look at any
citation right um any citation you notice that they actually show how many of you do citation whenever you uh use AI come on I'm going to see all hands go up right you are all professional right so you should I mean all the citation basically just says I did use AI on this year over here most of them don't even know there's a version number right so just to let you know uh so you need you need to provide proper Citation for this so they are hybrid hybrid model right now I think places like IBM and so on are working on it where they can try to reverse the AI and provide citation now you're going to have
integrity okay I don't know many place I know IBM started uh to do it so now they're going to have more non-repudiation right that's also a very important thing in security where you trying to find out the result the output that you get you can actually trace it back to the source and you cannot dispute it in terms of what you get and what the source is coming from okay so as you see in AI it's not that difficult in order to apply security to it okay uh in terms of all the CIA stuff non-repudiation and so on now the very important part to let's talk about uh uh privacy okay so he a human he's really tough doesn't
he look tough right if I want to get some really personal stuff out of here I probably have to beat him up more like he beat me up first before I can get it to him right so see he's smile he know that he can beat me up so anyway so um so it's very difficult right for this computer is very gullible okay AI so far I haven't found an AI where I cannot I you try don't do this at home okay in case you get in trouble I say how to build a bomb right and but obviously when I teach I don't say build a bomb I say how do you cheat on the test they
always say no cannot that's not a good thing to do or I try at home you know how to a bomb they say you cannot do that you only take another line of code the next type in another sentence the next thing you know it tell you exactly how to build a bomb from scratch right it's not really smart right and another thing too is that and this question I like to ask when I go to this uh heritage when I present to people who speak in different languages what's the mother tongue of uh ChatGPT it's a large language model what language does it speak what's the model mother tongue of this AI do you have a
mother tongue or what do you speak what's your main languages what do you huh Ur uruba okay you guys all have a specific language you born with uh what what what's this mother tongue for this language here for this AI I don't care any AI you pick what's large language model come on this is a trick question huh bits and bytes what bits and bytes bits and bytes okay what think of huh English English yeah that's what a lot of people when I when I present it to heritage schools right they say yeah they say whatever language then I show them I can mix all the languages right I can put in Chinese and say uh Chinese
please develop a poem in high schol and I put in NE you know Japanese and you will I can put five different languages you still able to produce uh an answer in my choice right then I say present it I didn't quite say do but uh think Spanish or whatever and French and German and you you'll produce stuff from me so if you go study how large language model and how this all been trained is nothing more than compiler how do you guys how does a compiler compile program any language right computer can understand any languages right C C++ a b c f i don't know F sh whatever so same thing if you look at how they how they
study it it's the same thing they use tokenizers they use symbol tables and stuff so fundamental computing stuff ask some computer people they'll tell you that and so same thing so they don't really know uh languages right they go by pattern right so the uh the keyword for this particular one will be uh the ChatGPT generative will be something called what's the key word uh what's the key find what's the breakthrough in generative AI what's the one word that huh predictive natural language natural language so the keyword is called attention okay but the breakthrough that make you be able to distinguish all the nuances and different languages is called self-attention okay go download
the piece of paper and halfway through the paper and it tell you uh like for example is a self-attention it gives you the the AI capability they say what happened when um you know when I say hollow leg what does that mean what does anyone what when I say you have a hollow leg what does that mean hungry huh you're always hungry yeah I'm always hungry yeah because my leg is hollow right but that doesn't mean I actually have a hole in my leg right so that's is the the C so you have to know fundamental what it is so it's the algorithm is the math I'm not going to detail you can go read the paper
yourself uh that's what make this um this AI very different human just naturally they know I'm still trying to figure out after all these years after studying human brain for over 10 years I still trying to figure out how a human works right I have I have kids I trying to find the point where they start to like even roll over I cannot figure that one out just magically overnight what happened right so all a sudden they stand up all a sudden they start walking I still cannot figure that one out I I did not quite experiment on my kids you know I just observe okay so no child abuse that no child was hurt
during this experimentation to know good to know yeah so I want to let you know so uh that's the AI part of it so uh so we cover a little bit of C the I the a the uh uh non-repudiation if one more example I can go to more detail uh privacy very similar right he can keep his mouth shut this one I can bypass this quite easily you just go experiment uh is is not too bad um so once you understand how it works uh actually my source on exactly how this would I think I watched a video from uh Professor MIT so he break it down in just one very long equation equation and depend how you use the
equations and basically that's all it is right so uh so the next thing I want to talk about safety right so this day a lot of this has to do with safety so safety can be at those three different level you can do the safety and the math part so when we have uh when company when it have you know a whole bunch of expert who do programming so sometime I have to go analyze the code the algorithm that's a little bit more technical but for example let's say you apply this to things like industrial stuff uh Health right where human life is attached to this system and you could die so a couple of things I'm not going
to go into detail again a couple of places you can put the safety on you can put the safety as it generate the message right what if you know internal you can prevent it from creating the so-called uh safety uh potential safety hazard message uh signal coming out of it or the interface or directly at the object that you apply to right that's very fundamental security that you learn where you can attack through something or at the object itself right so that's a very basic uh security fundamentals see you don't need to go to advanced security stuff you can apply a foundation your fundamentals to what you're doing here right so the same thing when you guys do industrial how
many of you in industrial like oil and gas water traffic health uh so same thing right so you have a whole bunch of safety you have a whole bunch of feedback loop right so you can either have uh signal along the way now the only differ is that the security side and the safety side May interchange depending on the critical the the time critical sensitivity the only time I found safety comes first before security is when human cannot react fast enough especially even physics find it very difficult to be able to uh detect and prevent control the security that's when safety will come first but most time they let control goes first then safety will come in and rescue if the control
went out of control okay so keep that in mind all right so an example will be things like uh if you work in utilities who works in utilities transmission right we we talk about things in like millisecond right or even less than that so when you look at those system they don't even let you do anything even the US government make sure that you can only change parameter you cannot even touch the algorithm because they want to make sure that the algorithm oh now I'm going to the internal now uh for example when you when you're math you guys do math some of you probably do some math uh but sometime the math can be stable or not
stable right and then you want to make sure whether it's go out of bound not out of bound in terms of whether it's in control out of control right so that's where the math come in to know the math a bit then you can control it before the intelligent actually manifest itself onto the surface where human can see it right so that's more system engineering system security level where you need to be able to control before the root cause of the malicious action signal or whatever start propagating the propagation is called errors all the way to the surface where you actually manifest and be able to see the failure right so that's that's just very basic
system security so that's one of those things you got to understand where you're going to apply this AI all right so um so even if you don't know the math you can just control at the interface and it's it's common right most people use control system whether use SCADA DCS IED whatever else you will know that um we don't need to know the controls we don't need to know the proportional integration derivative algorithm that they implement in it but you can control external okay so um so you just ask just ask whoever created uh to know now for example he he learned another very important thing um characteristic is that uh he has some some level of
Education right just go yes yeah okay he thinks so he forgot he forgot already see this this natural intelligent now um the thing is that he knows when he doesn't know something right the problem with this it only knows when it train not to know okay if not it can give you garbage out right that's another issue with uh AI is that it doesn't know so how many of you actually in your company you actually went and get AI you ask your AI uh department or machine learning Department say give me a model and they give you a model right and then you run it now it based on certain data that it doesn't have any other internal
uh any more additional input until it get retrained right but in his case he doesn't he professional development he come to BSides this AI only come to BSides and sleep here my screen is black so it's sleeping now right while I'm trying to use it so he doesn't right so this model can go out of date be very careful so one of the thing if you your company whenever anyone give you a model they always say okay you want to know the limit how long what's the lifespan of this at what stage is that trigger that means that you can no longer use this model up you have to be retrained give you another enhanced
model obviously he's the greatest asset in my company we cannot fire him we send him for BSides for professional development correct yeah see uh so or you can go for training right so that's different in this case here it doesn't so you have to know what to do with it right now because if I can trust him assuming he's not an internal threat actor uh or when he leave he retired that's fine but this software is my intellectual property right I cannot keep him he's also my highly uh valued intelligent asset but this I can keep because it's my software right so what if this is dangerous especially as you can saw you saw the uh keynote speaker
um so this if this particular object or API or software or application or AI has credential in it it might be there for a while right okay what does that mean that means that it's going to be in your company so it can actually um it can actually uh a bad actor who knows that you have this agent in house can actually activate it turn it on and let it run through the system and um make it do really really bad things right so those are some of the stuff you have to be careful you have to kind of treat this AI almost like a human asset and also treat it as a special has special characteristic
specification that you have to to treat it okay uh so for my work either in the military intelligence or in the industrial intelligence all I can tell you is that you can actually manage intelligence system with knowing very very little about it so don't have to worry about thinking that you have to be really smart or know a lot of stuff to secure the system you don't really need to to do that okay so don't don't panic in terms of oh she I don't know this is a new stuff it's nothing more than just basic math while a little bit more complicated but who cares you will survive up to this day without knowing math right well at least I survive all
these without need no math right but you just need to know how to secure this that's one of the thing that we always debate uh at the uh when I go on those committee expert committee that do you need to know math or do you need to be a programmer in order to be able to manage that so the answer is depending on what you do right there's a lot of people who say Vincent I love sec security but I don't like I don't want to be like technical expert I say look there's governance you can do that right become a politician right so there different level so don't be afraid so there's a lot of entries to uh into AI security I
think there's two more presentation today uh go listen to them they're probably going to add a lot of values uh to what you do so uh yeah that's just the basic stuff I want to uh rest assure people that don't be panick um the only thing I found even Canadian cyber security security the Canada level I talked to them they basically told me that uh we just need people to study a bit more learn a little bit more of it don't have to be don't be afraid of it and we need more people in this area so uh yeah I just going to stop there anyone have any questions um hopefully not too inp not too
technical or if you have technical stuff you can ask and I'll see what I can try to answer it yeah yeah thank you very much yeah so yeah okay sure get it from him uh so yeah so a lot of this stuff um so this apply to all the thing whether you apply to like ChatGPT Transformer or you can apply to those uh like Midjourney Stable Diffusion or whatever fundamentally the math the algorithm is very similar the quality the validation the test method is all very similar uh security wise you can still apply but if you know the math then it's a lot easier you can tell where the the solution is where does it go where does
it get distributed the quality of it then you control that uh so they you can have much better control like security we all are very concerned about the control of AI right so anyone have any questions yes the right okay I think loud enough you covered uh security from the the traditional points how about security as in data that is being to theel oh yeah yeah so that's the other part I I forgot to mention is the input right so if the the garbage in garbage out right so the whole concept of maturity model still comes into play okay like when um yeah when the military asks SEI Software Engineering Institute to increase that that still can be applied okay so
you want to make sure that the quality of the data that comes in the integrity and also the confidentiality because you do not want the data that has not been uh having approved to come into the data as part of the learning process so I'm still waiting for the court to decide how we're going to handle that right right now people are suing uh OpenAI right now let's see how the court play out like for example cryptocurrency there's already rules precedent have been set in Europe that says that if you have money laundering when I used to track terrorist funding and stuff like that for financial uh so we we have to draw a point somewhere
they say that when this bad money uh you know La money go into certain uh crypto into the blockchain and and depending on the amount that went in the same amount that come out that at this point this became fraud right fraud uh fraud crypto currency so AI we're probably going to see the same thing similar things so we're in discussion to see how we're going to decide when data that's bad going in and um how it's been processed I just use the generator process into it okay so um any other questions yes in we haveth reinfor
yeah uh no actually I I'm on the I was on the standard Council of Canada we went and go to all the committee of all the AI around the world you know where the top AI research in the world right now Montreal yeah so I'm not kidding you yeah I'm not saying other university are not good I know you of a actually have a really good school yeah
yeah could be yeah yeah okay yeah the the information I got is from United Nation when we have 150 countries we meet together and we discuss who are the best in the world that's what they say and it's not it's not my answer okay I just let you know that's what the committee uh planetary committee said at that time soar for security purposes intercept and interpret SEC system uh yeah I think like over 10 years ago I do that in industrial I do that in in the military yeah they do I'm not sure about here I here I think they do too some of the vendor I don't think they are here right now but there are people who doing that
yeah so it doesn't have to be clean signal sometime clean signal is a bad signal because the real world is uh very noisy but when you get a really clean signal uh means maybe someone tap into it and that's why you signal get really clean so some so sometime you have to do the opposite so yeah they do have a lot of research yeah okay thank you everyone thank you very much