Suggested Major Components of AI
knowledge, reasoning, language, understanding, and learning
How do you achieve ethics from rational behavior?
By Utilizing logic and reasoning in your action. Every art and every inquiry, and similarly every action and pursuit, is thought to aim at some good purpose
Rational Agents
A rational agent or rational being is a person or entity that always aims to perform optimal actions based on given premises and information. (could be an entity of action)
Formula for agents: f:P*→A
What is the difference between steps in AI vs AI in steps?
Know the Domain, Study the Data (Data Mining), Cleanse and Normalize Data, Choose a Model, Test and compare with other models, Short List optimum models, Fine Tune. Correct and Modify, Monitor Errors, Record Learning.
Safety vs. Security
Safety primarily focused on protection from physical dangers. Security refers to protection against external threats that are likely to cause harm
Three Main Privacy Issues
Access of private information, stealing identity for money, and hijacking your computer for illegal purposes
3 Foundations of Cyber-security
Privacy, Control, and Agency (or lack thereof, i.e. Surveillance)
Vulnerability vs Threat vs Risk
A vulnerability is a weakness, flaw or other shortcoming in a system. a threat is anything that could exploit a vulnerability, which could affect the confidentiality, integrity or availability of your systems, data, people and more. Finally, risk is the probability of a negative (harmful) event occurring as well as the potential of scale of that harm.
Reactive Machines AI
Based on present actions, it cannot use previous experiences to form current decisions and simultaneously update their memory.
Example: Deep Blue
Limited Memory AI
Used in self-driving cars. They detect the movement of vehicles around them constantly and add it to their memory.
Theory of Mind AI
Advanced AI that has the ability to understand emotions, people and other things in the real world.
Self Aware AI
AIs that posses human-like consciousness and reactions. Such machines have the ability to form self-driven actions
Artificial Narrow Intelligence (ANI)
General purpose AI, used in building virtual assistants like Siri
Artificial General Intelligence (AGI)
Also known as strong AI. An example is the Pillo robot that answers questions related to health.
Artificial Superhuman Intelligence (ASI)
AI that possesses the ability to do everything that a human can do and more. An example is the Alpha 2 which is the first humanoid AI robot.
Domains of Artificial Intelligence
Machine Learning, Neural Networks, Robotics, Expert Systems, Fuzzy Logic, and Natural Language
What is AI?
Systems that think like humans
Systems that think rationally
Systems that act like humans
Systems that act rationally(operational)
What is artificial intelligence?
Any task performed by a program or a machine that, if a human carried out the same activity, we would say the human had to apply intelligence to accomplish the task.
Behaviors associated with human intelligence?
planning
learning
problem solving
knowledge representation
Perception motion
Reasoning social intelligence /creativity
What is the turing test?
A machine trying to fool a human into thinking that it is human
What are the different types of AI?
reactive machines
limited memory
theory of mind
self aware
artificial narrow intelligence
artificial superhuman intelligence
In the realm of “what AI is” (i.e. datasets, models \n and predictions)
1. Bias and Fairness \n 2. Accountability and Remedi-ability \n 3. Transparency, Interpretability and \n Explain(ability).
In the realm of “what AI does” are issues of
1. Safety \n 2. Human-AI interaction \n 3. Cyber-security and Malicious Use \n 4. Privacy, Control and Agency (or lack thereof, i.e. \n Surveillance) 59
In the realm of “what AI impacts” are issues \n related to:
1. Automation, Job loss, Labor trends \n 2. Impact to Democracy and Civil rights \n 3. Human-Human interaction
Ethical questions in AI?
Bias: is AI Fair?
Interaction bias: data gathered/observed during human machine interaction
Latent bias: based on the type of data given to the machine, it is analyzed to ignore uncommon information
Selection bias: selecting specific information for the system
Human interaction: will we stop talking to each other
Employment: is AI getting rid of jobs
What is the internet?
A network of networks, joining many government, \n university and private computers together and \n providing an infrastructure for the use of E-mail, \n bulletin boards, file archives, hypertext documents, \n databases and other computational resources
What challenges did the creation of the internet solve?
Basically inventing digital networking as we know it
Survivability of an infrastructure to send / receive \n high-speed electronic messages
Reliability of computer messaging \n
What is internet security?
Include browser security, the security of data entered through a Web form, and overall authentication and protection of data sent \n via Internet Protocol.
What is security?
Protection against intentional harm
What is safety?
Protection against accidental harm
What does a request do?
Identifies your computer and where it is located
What does a response do?
Carries with it unwanted hidden software
What is hacking?
Penetrating into someone’s \n system with their permission and a purpose \n of securing it
Who is a hacker?
Intelligent individuals with computer skills \n and an ability to explore the system details. \n For some, hacking is a hobby. Their intention \n can either be to gain knowledge or to explore \n and do illegal things
What is cracking?
Penetrating into someone’s \n system without their permission just for fun \n or to harm that system and get some \n crucial data.
Easy way to remember hacking
Legal activities done trying to \n improve technology
Easy way to remember cracking
illegal activities, hacking with a \n malicious intent
What can hackers and crackers do?
Someone who bypasses the systems and \n passwords.
Taking advantage of weaknesses left in \n the system by developers.
Computer programmers.
Access confidential information.
Broadcast confidential documents.
What are methods of hacking?
Over the internet
Over LAN
Locally
Offline
Theft
IP Addresses
Telephone
Different types of hackers
black hat
white hat
grey hat
blue hat
hacktivist
script kiddie
elite hacker
bots
What are black hat hackers?
Malicious hackers
Villains
Violate Computer Security
What are white hat hackers?
Computer Security
A computer hacker intending to improve \n security
The Hero
Also called an ethical hacker, employee and authorized hacker
What is a grey hat hacker?
(Mixture of white and black, offers their services \n to improve the system for a fee). A hacker who will identify but \n not exploit discovered vulnerabilities, yet may still expect a \n reward for not disclosing the vulnerability openly
What is a blue hat hacker?
(consults firms, perform system tests before \n launch). Invites professionals to find vulnerabilities.
What is a hacktivist?
Utilizes technology
What is a script kiddie?
(Skiddie) – non-expert in technology lacking \n knowledge, immature, trying to crack into systems by using \n products created by others. Early hackers
What is a elite hacker?
The most skilled hacker. Master of deception
What is a bot?
Software tools that hackers use
Advantages of ethical hacking?
It helps to fight against cyber terrorism and national \n security breaches. \n ➢ It helps to take preventive actions against other hackers. \n ➢ Detects the weaknesses and closes the gaps in a system \n or a network. \n ➢ Prevents gaining access from malicious hackers. \n ➢ Provides security to banking and financial settlements
Disadvantages of ethical hacking?
➢ Might use the data against malicious hacking activities. \n ➢ May corrupt the files of an organization. \n ➢ Possibility to steal sensitive information on the computer \n system. 25
Phases of hacking
reconnaissance
scanning
gaining access
maintaining access
covering tracks
Types of attacks?
SQL Injection
DDOS attack (distributed denial of service)
social engineering
computer virus
computer worm
trojan horse
sniffer
What is an SQL injection?
a type of attack often used against data driven applications.
\n Code injection technique that might destroy database.
\n It is a technique that exploits an application \n security weaknesses.
Takes advantage of non- \n validated input vulnerabilities to pass SQL \n commands through a web application for execution \n by a backend database
What is an SQL injection used for?
Used to steal databases full of credit card \n information, passwords, or personal details
What is an SQL injection mainly used for?
To take over database servers
How do you prevent an SQL injection?
Use prepared statements
Use stored procedures (that can be saved and used \n over again)
Validate user input
What is a DDOS attack? (distributed denial of service)
Make a machine or network resource inaccessible \n to users.
Its a cyberattack that causes the servers to refuse \n to provide services to genuine clients
What are the 2 types of DDOS attacks? (distributed denial of service)
Flooding and crash attack
What is a flooding DDOS attack?
the hacker sends a huge amount of traffic to the server which the server can not handle. And hence, the server stops functioning. This type of attack is usually executed by using automated \n programs that continuously send packets to the server
What is a crash DDOS attack?
the hackers exploit a bug on the server resulting in the system to crash and hence the server is not able to provide service to the clients
What do DDOS attacks usually utilize? (distributed denial of service)
botnets
What is a botnet?
A number of devices connected to the internet where each \n device has one or more bots running on it. The bots on the devices and malicious scripts used to hack a victim. Can be used to steal data, send spams and execute a DDOS attack
How do you prevent DDOS attacks? (distributed denial of service)
Use Anti-DDOS services
Configure Firewalls and Routers
Use Front-End Hardware (or application front- \n end hardware)
Use Load Balancing: efficient distribution of \n network or applications across servers
Handle Spikes in Traffic
What is front end hardware in DDOS attack prevention?
any hardware that optimizes or protects network \n traffic. It is placed on the network's outward-facing \n frontend or boundary
What is social engineering?
the art of manipulating people into divulging personal and confidential information
Requires very little technical skill, relies heavily on human interaction, most often used with other exploits, sim hijacking
How are malware and viruses used?
Used by an attacker to steal data, disrupt \n operations or access a private network.
Used to describe many different types of \n software including viruses, worms, \n Trojans, key loggers, spyware and others
What is a computer virus?
Any hostile computer program that can \n replicate itself and spread from one \n computer to another without input from its \n creator.
Needs to attach itself to an existing \n program in order for it to work.
They are used to deliver many different \n payloads.
What is a computer worm?
A program similar to a virus; it can replicate \n itself and spread from one computer to \n another.
Unlike a virus a worm does not need to be \n attached to an existing program in order to \n function.
Always cause harm to the network, even if it \n is just increased bandwidth consumption, \n whereas a virus will always corrupt and/or \n modify files on a computer. \n
What is a trojan horse?
A program that pretends to do one thing, but in \n reality does something else. May appear to be a \n normal program, but in fact does something \n malicious.
Used to record keystrokes input by a user. \n Can be used to steal usernames, passwords, \n credit card information, personal details and so on.
They do not replicate as viruses do, nor make \n copies of themselves as worms do.
They simply give access to some hacker or a \n cracker. \n
How do you prevent malware and viruses?
Install firewalls
Program/network security system used to \n monitor (allows/block) network traffic.
Have a set of predetermined security rules \n to filter packets trying to enter the network.
Usually placed between (on the boundary \n of) a trusted and untrusted networks. \n 41
What is a sniffer?
A program and/or service that monitors \n data travelling over a network. Sniffers are \n used to steal information off a network.
Unauthorized sniffers can be extremely \n dangerous to a network’s security because \n they are virtually impossible to detect.
Used especially in the Wi-Fi connection.
What is a temporary solution to sniffers?
Used to prevent access to computer \n systems by unwanted programs.
Utilizes many different methods to protect \n the computer.
Often search for signs of viruses on every \n website that is visited and do regular \n scans of the computer to check for \n infections. \n
What are the types of hacking and data theft?
password cracking
brute forcing
dictionary hack
packet sniffing
phishing
pharming
spear phishing
key loggers
spoofing
IP spoofing
What is password cracking?
Attempting to guess a password \n using a program
What is brute forcing?
A program that guesses a password \n by inputting as many randomly generated \n passwords using the computer’s processing power
What is dictionary hack?
A program that guesses \n passwords based on words in a dictionary or the \n program’s vocabulary
What is packet sniffing?
Sniffing packets sent over the internet \n to gain security details over unsecured connections
What is phishing?
Is the attempt to acquire sensitive \n information such as usernames, passwords, and credit \n card details (and sometimes, indirectly, money) by \n pretending as a trustworthy entity in an electronic \n communication. Legitimate looking sites designed to \n lure users. Ex. An email sent.
What is pharming?
Another technique used to steal confidential \n access code. It works by redirecting users to a rogue \n server. Example: malicious website that resembles a \n legitimate website – used to gather username/pwd
When does spear phishing occur?
when criminals \n obtain information about you from \n websites or social networking sites, and \n customize a phishing scheme to you
What are key loggers?
records keystrokes and can be \n software or hardware
What is spoofing?
can be define as misrepresenting \n the sender of a message (e-mail, IM, letter, \n resume, etc.) in a way that causes the \n human recipient to behave a certain way
What is IP spoofing?
Masks the IP address of a \n hacker and prevents them from being found. \n ◼ When a hacker spoofs an IP address through a \n Web site, it is known as IP / Web spoofing
What are the types of hacking attacks?
Domain Name Server Tunneling
Eavesdropping
Jailbreaking
Business email compromise
Cross site scripting
drive by attack
What is DNS tunneling?
an attack designed \n specifically with the intension of providing \n hackers with continual access to the target. \n ◼ Enables the hacker to insert (or tunnel) \n malware into DNS request coming from the \n client to the server by tempering with the \n HTTP (protocol)
What is eavesdropping?
Involves a hacker intercepting and accessing \n the data traveling across a network by \n exploiting unsecured communication
What is jailbreaking?
Involves a hacker “rooting your device to \n allow the installation of software that has not \n been verified by vendors or made available in \n official app stores. This leaves the device \n vulnerable to incoming malware.
What is BEC? (business email compromise)
attack involves hacker targeting \n employees with authorization privileges for \n various transactions.
What is cross site scripting?
An XSS infects users by inserting malicious \n scripts when a user visits a website, thereby \n infecting device, stealing cookies, credentials, \n etc
What should you do to be safe online?
Know \n -What information is sensitive \n Be Aware \n -Of how criminals try to gain access to it \n Protect it
-By taking adequate precautions \n
How do you protect your computer?
Use anti-virus software, use anti-spyware software, keep computer updated, use a firewall,
How to prevent phishing attack?
Do not enter sensitive information in the \n webpages that you don’t trust
Verify the site’s security
Use Firewalls
Use Antivirus Software that has Internet \n Security
Use Anti-Phishing Toolbar \n
Skills to prevent cyber crime?
Spam blocker
Anti Virus software
Firewall protection
Encryption software
Caution in providing personal information
Secure Shopping
Avoidance of scans
Monitoring of your child’s computer \n activities
Measures to reduce shortage of skills
Employ more skilled individuals \n ◼ Pros: Eliminates the need on relying on a \n small number of people \n ◼ Cons: Very costly
Improve education on internet security \n and/or lower costs for fees
Job Awareness: people are not aware \n certain jobs are available
Higher starting wages to give potential \n employees an incentive
What are ways criminals manipulate us into giving information?
reciprocity
consistency
social proof
authority
scarcity
What is reciprocity?
When someone does something for us, we feel obligated to repay the favor
What is consistency?
When we commit to do something, we tend to feel pressure to follow through
What is social proof?
We like to do things other people are doing
What is authority?
We comply when a request comes from someone with authority
What is scarcity?
When something is scarce, we’re more likely to act