From April 10th to 11th, the 2024 Cloud-Network Intelligent Connectivity Conference was held in Beijing, where experts, scholars and enterprise representatives in the field of computing networks gathered together to conduct in-depth discussions on new technologies and hot spots such as intelligent computing networks, computing infrastructure, and network security. New H3C Group, a subsidiary of Tsinghua Unigroup, was invited to attend the Cloud Network Security Forum and shared the technical exploration and successful experience of H3C in integrating AIGC with traditional network security capabilities and relying on large-scale model technology to build a security foundation for hundreds of industries.
While the speed of technological innovation is growing exponentially, generative AI technology has also generated many security problems such as the spread of false information, data privacy leakage, bias and discrimination, and how to coordinate the development of generative AI and security compliance has attracted the attention of all parties. Fu Zhiqiang, Director of the Security Product Line System Department of New H3C Group, pointed out in his speech that security is the core cornerstone of AIGC practice, and AIGC is also the best means to improve security capabilities. H3C has taken advantage of the momentum and applied large-scale model technology to different stages of business lifecycle protection, realizing the enhancement of capabilities from basic operation and maintenance to overall operation, and providing users with higher-level intelligent security capabilities.
Addressing Three Challenges and Building a Large-scale Model Security "Protective Shield"
In the process of large model training and service, massive data is required, and in the face of challenges such as industry model training security, compliance supervision of generated content, and operational environment attack threats, H3C has built a large model security "protective shield" based on the concept of active security to consolidate the foundation for intelligent development for industry users.
- Establish industry models and standardize data governance: Different from traditional network security, large models in the security field have strong industry attributes, and industry models need to be trained based on industry data. H3C works with vertical industry users to create industry models that are more suitable for industry application scenarios, focusing on the three core contents of pre-training, model fine-tuning, and evaluation and testing, effectively solving the bias of large models and realizing data security governance.
- Content compliance to meet regulatory requirements: Data compliance is the only way to go for generative AI. The large model filters and avoids violations from the input side, model side, and output side, accurately identifies various violation risks, and comprehensively ensures content compliance.
- Intelligent computing security foundation to ensure the operating environment: The large model business relies on massive computing resources, and faces risks such as vulnerability exploits, network attacks, and data leaks during operation. H3C focuses on the four core scenarios of regional border protection, public safety services, traffic security monitoring, and computing facility supervision, and builds a security foundation for intelligent computing to fully ensure the safety and reliability of large models.
Focus on scenario-based applications and large models empower new development of security
Large models are a "double-edged sword" for security—they not only bring new security challenges, but also empower the development of the security industry. With the use of powerful AI technology, it is possible to achieve both safety efficiency and effectiveness.
With more than 20 years of experience in the field of network security, based on the technical support of a large number of on-network devices, high-quality security data and basic AI capabilities, New H3C Group empowers various security scenarios with the New H3C Lingxi model, and makes security equipment smarter, more efficient and simpler security operation and maintenance through five scenario-based applications: threat assisted research and judgment, attack and defense penetration testing, automatic risk disposal, intelligent operation analysis and intelligent visualization.
- Security O&M: Lack of personnel and expertise are the core pain points of security O&M. The large model can be applied to the entire life cycle of security policies, including rollout, convergence, and verification, greatly improving the efficiency and effectiveness of security O&M.
- Attack and defense practice: The large model can assist attack and defense experts in attack and defense task planning, attack and defense means selection, attack and defense script preparation, etc., reduce the technical threshold of attack and defense practice, and effectively save costs.
- Security operation: The large model has the capabilities of intelligent security detection, risk assessment, analysis and disposal, which can comprehensively improve operational efficiency and open up user business scenarios, so as to provide a scientific basis for customer decision-making.
Digital security is the foundation and cornerstone of the development of the digital economy, and the rise of artificial intelligence technology represented by large models has promoted new changes in the security industry. In the future, New H3C Group will continue to uphold the concept of "intensive cultivation and pragmatism, endow wisdom with the times", rely on the strategy of "cloud intelligence native", and build a smarter, more efficient and more sustainable business security foundation for all industries through deep technical exploration and product and solution innovation.
