AI (Artificial Intelligence) and Cybercrime

Abstract

This keynote will explore the broader issue of using socio-technical artificial intelligence (AI) systems in criminology for responding to cybercrime and cybersecurity issues. It will focus upon the importance of matching the delivery of AI with the scientific (technical) claims for it within a socio-political world. By drawing upon research into cybercrime and cybersecurity (including recent ransomware research), the talk will discuss the realities, the strengths and weaknesses, of using AI with regard to attribution and investigating cybercrime, and also preventing attacks to systems. It will argue that the meanings, logic and understandings of AI systems differ across disciplines which can result in significant differences in expectations. The broad conclusion is that because of this an interdisciplinary approach needs to be taken and that AI it is not a silver bullet. AI systems may be useful, for example, in responding to some cybercrimes, but not others, or effective in addressing stages of a cybercrime event, such as preventing malware infection; and even then, only with some major caveats. More importantly, is the recognition that AI cannot actually make hard decisions, but it can reasonably inform aspects of the decision-making processes of practitioners, professionals, policy makers and politicians who are mandated to make them. It is not only important to match the delivery of scientific claims with consumer expectations in order to maintain public confidence in the public security sector, but also because an arms races is developing as offenders are also beginning to employ AI in a number of different ways to help them victimize individuals, organisations and nation states [1]. The first part of this talk will draw upon existing examples to explore the general issue of using socio-technical AI systems to deal with crime and policing in a risk society [2] [3], before identifying some of the additional challenges presented by AI and cybercrime and cybersecurity [4] [5]. The second part will look at the methodological and socio-political problems of delivering science solutions within a socio-political world. The third part will conclude by discussing the practical realities, strengths and weaknesses, of using AI regarding attribution and investigating cybercrime, and preventing attacks to systems.