CharmVerse chats w/ Dr. Junyu Liu of SeQure

Recorded: June 15, 2023 Duration: 0:39:48

Speaker

Player

Snippets

♪ It's made into the world ♪ ♪ It's hanging up around ♪ ♪ Always thinking of ♪ ♪ Everyone else before himself ♪
Worries of bullying that just won't let me be Charity keep busy, totally and struggling No homes in support, me and the ash can't settle down
♪ There I'm aware I found ♪ ♪ So I sink another round ♪ ♪ Let's see both of the pain ♪ ♪ And there's no one more to play ♪ ♪ I'm accused of it, sir ♪ ♪ That my one worth is all this pain ♪ ♪ Worthy to believe ♪
♪ The judge will let me be ♪ ♪ The judge will keep me busy ♪ ♪ Toss the link in struggling ♪ ♪ Still always keep everything ♪ ♪ When the growing guest comes ♪ ♪ Back to labor of our love ♪ ♪ Let me walk ♪
♪ When the sun is gone ♪ ♪ Still always remember me ♪ ♪ When the golden years dawn ♪ ♪ And the labor of love ♪ ♪ When the sun is gone ♪ (upbeat music)
Hello, hello everybody. Thanks so much for joining us. Really excited for the chat today.
I'm Sandra. I'm the community manager for Charmverse as well as your host for this Twitter space. For those of you not familiar, Charmverse is a Web 3 community platform for managing members, coordinating tasks, facilitating decisions, and holding each other accountable. Members sign in with crypto wallets and gay
and NFTs. It brings together onboarding, payment management, proposals, project trackers, and data repositories all in one place. If you have not checked it out, I encourage you to do so, but not until after the space today. Because today we are joined by Dr.
for a new junior, new founder and CTO of Secure. Secure is powered by AI and cybersecurity scientists and leaders and provides next generation security solutions and infrastructure for AI and blockchain. So today we're going to be diving into AI and security
whether that be security enhancement using AI technology as well as AI technology with security guarantee. So let's welcome Dr. Lue to the stage. Hey Dr. how are you? Hi so can you hear me? Yes I can welcome welcome. Great great thank you very much it's my great
pleasure to be here and I'm happy to share some of our thoughts and also our products about AI and security. Yeah, I'm really excited to chat with you and full disclosure. This is not something I'm very well versed in so I'm excited to learn myself and I'm sure I'll listen
So thank you so much for taking the time to be here. I'm sure we're going to learn a ton. So I just gave a brief intro of Secure, but can you tell us in your words what you're working on over there? Yeah, so great. Yeah, yeah, Secure is a startup. So,
focusing on AI and security. So we developed reliable AI products and following the most advanced AI technology based on our previous research experience and also business experience and also with
We do, for instance, entry monitoring of Web3 community using AI technology, such that it could get some of the most recent information about hacks, and it could determine an exam if transactions
So those are the products we have worked on. We have primarily two products at this moment. So the first one is called the secure AI, which is, as I mentioned before, using AI-related technology to do on-chain monitoring.
And another one is the Cacheer Robert, which is powered by a large language model. And such that you could reliably use the chatbot to ask for, for instance, financial related or a web series related questions.
Interesting. Yeah, I'm excited to dive into this because I know, you know, there's definitely two sides to this. Some people are very nervous about AI and others are fully embracing it. So what would you say
What do you consider to be one of the top security risks in Web 3 right now? Yes, so that's a great question. So in Web 3, we see that there's lots of hacking events. So maybe like a weekly or even monthly or even daily.
that there are potentially lots of hacks. So you can always say some news that there are some blockchains or some websites or some accounts or some consmart contract has been hacked or people find new posts and steal lots of money.
The coast is huge, so we did detailed research on which kind of hacking winds are possibly happening. There are some more traditional hacking winds that happen in Web2 as well, but maybe not so frequently.
So called the private key. If you release some priorities, as a it's going to be in some like a security risk, and then it's very risky to do that.
This one was the most common hacking ones. And there are some other hacking types. And for instance, there are a flash roll and hacks. And there are also some trapdoor hacks. And also some other more hacking
different hacks that's specifically for Web3. So all those different hacks and including of course the smart contract loophole. So those are like a I think important security risks at this moment for the Web3 community.
Absolutely. So when you say trapdoor hacks, is that like clicking a link that's taking you to the wrong place? No, so that's that's that side is more like a traditional hack. For the trapdoor hack it means that there are some codes that you do
the notice that has been written for the web story and there are some doors that inside such that you could easily open it and then for instance get a key or steal some important information
from the system. So that often happens when, for instance, like the programmers and not very familiar with the system and one of the reasons because WebSeries is kind of new field and many security layers has not been established yet.
So there are some errors potentially in the code and also I'll notice Hacking wins and that could potentially happen and and this is type of one type of the hacking and that potentially could happen in Web3 Yeah, right because it's new a lot of the people that are building this these codes are
not used to writing for the blockchain and stuff like that, right? Yes. So we're still developing that, which could obviously leave us open to hacking. So I guess that takes me to my next question, which is how is secure minimizing these risks?
So what we are trying to do was specifically secure AI this product. We are helping you like minimizing or identifying which kind of transaction you could have is potentially a hack. So what is this? Is that because we know that there is a
in web story or blog shows, the transactions, many transactions are public that you can see everyone's transaction in the public chain already although it has been hashed or it has been encrypted but you can still see them. So what we did is that we use AI to make analysis on the
distribution of the transactions and also the distribution the hacking wins and sorry distribution of the normal transactions and what it should look like and then if there is a hacking that happened that the year must be some abnormal feature of that transaction and then as
Sometimes the machine is taking enough data as a machine is able to identify immediately if that hack is a abnormal sign or not. If that transaction is abnormal or not. So using this method, so we are able to identify a very
a time and which kind of given transaction is the hack and then even classify which hack which type of hack it should be. And is that because of the releasing of the private keys where it has been because of some other reasons where it is traditional maybe social engineering type
packs and the potentially so the algorithm itself will classify the type of pack and also give you a security score that is according to how security it is for that given transaction. Because the transactions are many of them are public.
So it's going to be very convenient for us to take the data and train the machine. So basically, using this way, we are able to give the customers a very fast alarming of which kind of transaction is abnormal or not using AI.
Can you give me an example of something that would be an abnormal behavior that you would be able to Find or identify great so for instance, well the Successful example we have is that we get partnership with another cross-shin bridge, which is also one of the most common
the place where people get hacked because cross-stream bridge is very complicated and also it has lots of money and inside the account of that cross-stream bridge which is a bridge that is connecting two different options where gravity with poly networks and historically
It has some hacking events that people already find it was hacking. But what we did is the following experiment, we take the normal data, result those transactions and historical hacking transactions. As I asked the machine, if those
and the way we do this back test, history test, and the way we could identify actually nine hackings that has been already identified by other people, that is they indeed have.
But we do find that our machine could nervous even without that information. We only need to give normal data, a normal transaction history to the machine. And the machine is able to identify, it's a huge, abnormal factor in the machine.
those historical transactions that a point network has which happens I think in 2021. So this is an example where we are able to identify some abnormal transactions. All those nine transactions could have been identified.
Fascinating. Okay, so is this, I recently read an article, is this anomaly detection? Is that what it could be called? And I would assume, maybe I shouldn't assume, but you're a proponent of this because this is what you're trying to do, right? Yes, yes, exactly.
So listeners, so anomaly detection utilizes artificial intelligence AI to identify that abnormal behavior within the data sets. So
So tell us a little bit. So you're managing and analyzing these growing data sets, right? Yes, yes. Exactly. So basically, in harmony with the texture, it's company used in the Web2 community as well for instance.
There are lots of thieves in the credit cards and they are trying to make some fake transactions and then try to steal other people's information. If that happens and sometimes the system will give you a lawyer.
not allow this kind of transactions. The algorithm underlying this behavior, those kind of monitoring, it's called anomaly detection, that could identify some anomaly in a credit card, the transaction history. So we borrow the same technology to Web 3, but
So what we are going to managing or monitoring is the unchain transaction data. That could happen in various scenarios like public chains like CrossRinbridge and also Digital Wallet and also even
a smart contract worth some specific account and the area transaction that goes through those accounts and we are able to manage them and we are also able to monitor the whole data set. The machine itself will inform you which kind of transaction is
problematic or oblong, and we could even like find a very given amount of transactions, we can find which kind of transactions are most likely to be hacked, or if it is a hacked event and which hacked event it is, it's going to be automatically classified by the algorithm.
Wow, and this is just it's just impractical to think about doing this manually really right right because as a single sequence it's going to be a large number of transactions and in each blockchain and as there are many different blockchains and you cannot do it by your own and by
you probably will hire a huge number of people to manage in so many transactions. But using AI, you are able to deal with them because they are working at every second, ending our website, it's still running as a current stage. And some other advantages, I read a
about. So it's automated, right? And it's real time analysis. Exactly. Yeah. Accuracy, of course, because we're not doing it manually and there's less room for for error. Yes. Yes. And is it true? It's self learning. Yes. So it
So it was taking data. So after you're taking the data and the train machine, we take the normal data and it keeps the data set. And all of them could be downloaded in public space in the public chains. And we download the transaction data.
And when they can access some of them as a machine will be smarter and smarter because they know more and more instances. It's nerdy. Yeah. That's amazing. So it seems that AI powered solutions pretty much enhance the effectiveness and the safety of digital operations.
across various industries and that could be banking medicine marketing any of that. Yes, yes, yes. So in principles we are able to it's it's it's currently working in Web3 but we can like apply the same technology to many
places. For the bank I already give the example of credit cards but there are also some other examples and also for other like fields, the required security like medicine for instance there are some health data and they are private and then
And then when transforming those those the case data and the probably you need some similar methods that combine AI and cryptography or AI and safety that could provide you efficient solutions. Amazing. Um, I don't know if you saw it. I saw just.
before I got on this space, but I was seeing that there were some hackers threatening to pretty much take down the financial system in the US. Did you see anything about this? Yeah, so there are some hacking ones that you know
for instance, in a traditional banking. Although we're working in a Web3, but there are some news that some hackers are trying to find some problem of the financial system and the economy in the stock market in the United States.
And I think these are people and maybe still don't know where all those hackers are coming from. But there are some traditionally some safety concerns that of course people want to make their financial assets to be safe.
Yeah, we need some anomaly detection over there. It seems like. Yes. So I'm curious on your thoughts on Samsung and other companies banning chat GPT and AI chatbots because of data.
What do you think of this? What do you think of banning these types of platforms? Yes, so this is a great question. So this is also related to one or another product. Actually, so one of the reasons that the band is a chatbot,
because the chatbot will of course take the input of your question and the chatbot is that you ask a question and chatbot will answer. So of course chatbot itself will know those questions and the principal, if you ask 100 questions,
They can't make a track you where figure out what you're thinking about or what you're doing and if you ask the chat about some sensitive question for instance about financial data sets about your stop market you ask them you if you have some money or and then you ask how to invest and the those kind of stuff
sensitive questions, a chatbot in principle will know it or open AI or chatgpt will know it. So that is might be a concern. So because then you cannot really use those chatbot for some questions that you want privacy.
So what we are working on at this moment, which will be really very soon, is a product called the secure-ropper that also has the feature of this large language model. We have our own large language model and using this AI technology, making your chatbot, but the advantage of
The algorithm itself is that using cryptographic related techniques, you are not able to, the machine itself is not able to track what is the question you're asking and then what is the output using distributed computing and also some cryptic
Photography method, for instance, trusted execution environment and also even more advanced the multi-party computation, secure multi-party computation, and the so-called holomorphic encryption were able to like build a machine. Where the machine could take
your input and then give you responses. But from the algorithm map, or security perspective, the machine will not know what you are asking. So this sounds a little abstract, but the aim is to protect the security of the input
of the output of the machine, as such that only the users will know it. Even the server, we are not with the movie. So that will significantly reduce the security risk. And I hope for you that those organizations will not ban such a chatbot.
Very interesting. I love that. Yeah, so sorry listeners. I probably should have expanded on that a bit. Samsung Bandit, I believe because they had employees asking questions that were they didn't realize but was divulging information that the company did not want.
I've washed. So they ended up banning this. So it sounds like with the with the bot, you're building, you're you're eliminating or at least minimizing that risk now. Right. Exactly. So using cryptography, so we are able to ensure that. So even if
And the machine will give you the answer. But the machine will not know what is your input by some multiple layers of encryption and decryption and also using some technologies from cryptography. That from the algorithm, we are able to help achieving that.
I like it. So, okay, so how about this? Web 3 aims to decentralize the web and enable users to have more control over their data and digital assets, right? Yes.
That being said, I assume that that shift also comes with a range of security implications as well that you need to be considered. So what would some of those risks be that we're looking at when we're talking about everyone moving more and more to a decentralized system? - I would say that it's hybrid.
So firstly, and the aim of decentralization, one of the reasons that is safety and privacy and security, because part of the reason is that we want decentralization. We want our data or digital assets
So we want to decentralize distributed computing system that could assist us. But on the other hand, the system itself is complicated because it's decentralized. You have used lots of algorithms and then you have lots of extra efforts on encryption
and the decryption so that will make the system to be higher standing point. So because it has a higher standing point, so it requires more effort on making the system to be safe and also to minimizing the risk of, for instance, like coding.
errors in coding or some mistakes in the system and they require more advanced combination of new technologies. Part of the reason is because it has a higher standing point. My personal opinion is hybrid.
Although that the decentralization itself is the motivation itself is safety and privacy. At least one of the motivation is that. But it also gives us like AI people and also like a cryptographer
new opportunity to invent and deploy new algorithms and testing new features and also using the most advanced technology combinations and such that it could ensure the whole system is secure enough and everyone has their own privacy.
I like it. So you have, you know, you're you're addressing that identity and anonymity that a lot of people want within Web 3, your data security and the right reliability behind that.
Yeah, they're even economic incentives, right? Right, right. So fascinating. So listeners, in case you joined us late, I'm talking with Dr. Jun Yu Lu, CTO and founder of Secure. So if you have any questions,
for Dr. Lou, please raise your hand. We're happy to try to answer any questions or I should say Dr. is happy to answer any questions because I'm learning just as much as you are today. But Dr. Lou, for our new listeners that have joined us a little late, tell me about some of the core services that you offer at Secure.
Yeah, so great. So our core services is bringing to them providing new products that's good guarantee. Firstly, guarantee the safety of Web3 and other communities using AI technology and secondly, develop
the next generation security guaranteed AI. So currently we have primary two products. Why is the security, sorry, why is the good security AI, which is the product based on anomaly detection that could do
to unchain monitoring that monitor if a given transaction is a hack or not. It's that abnormal or not using some unchain monitoring technology called anomaly detection. So there is another product called the secure robot which is a large leg
model chatbot system, but it will completely protect the safety of the user, such that the machine will not know the input and output of the user. It will completely minimizing and eliminating the possibility
of data leasing and data leaks in the system. So those are the core services we have provided right now and in the future we will keep working on those directions and providing new products that combine in technology
from AI and cryptography such that you feel guaranteed is a safety and the efficiency of the users. And how can the listeners implement secure into their work? Can they do that today?
Yes, exactly. So here is the website. Actually, we recently launched and you can check our website for details that we are doing anti-monitoring of part of the transaction of Ethereum and other blockchains. And then for a given transaction is updated
In the real time, we will give a security score and also give a security level of those transactions. And you can visit today right now. It's going to be on the website. But on the other hand, our system
Our product is more of a two-B system, so it's going to be maybe more useful for developers and also web series programming managers. But airlines welcome to visit our website and take a look on new features of secure products.
Yeah, listen, there's definitely go check it out. There's a bunch of information there. It's secure.ltd and Secure is spelled secqur.ru. So, Dr. Liu, when and how did you discover your passion for AI and Cybersecurity?
Yeah, so in the past I was I was a physicist that I in the past I Spend the first few years in my PhD studying physics and my primary working directions and was quantum computing so
So which is that using quantum technology to speed up computation and from zero that I know more about especially AI and also security cryptography. So there are lots of developments here and using quantum technology to
has the AI capability of AI and also cryptography. So right now, and then I discover those fields are interesting and also very practical and very useful for the current user. On the other hand, I do notice that in the web series coming
community were also very passionate about the whole web series community, but I see there are lots of hacks. So for those hacking wins, and then I find that there should be some technology ways that based on technology I know that could deal with them.
And also, I think Web series, the OAM, it's already stage. So it do needs some fundamental security layers, and that will help customers and help other people. And I just find using those technology combined AI and security to build
the safety and safe AI system. They are very important and very useful for not only web3 but also for the whole community. We do need a safety guarantee the AI and also using AI itself to protect the safety and security.
of ourselves, of our digital system. So that is the reason why I found secure and together with WebSray people that trying to contribute and to the field making use of some of my knowledge.
Well, I'm glad that you're on it because I think AI is here to stay. I think there's a lot of concerns about the risks that come along with it. So to have a brilliant mind like you working on these solutions, I'm glad to know someone out is out there doing it. You seem to be the right person.
So, yes. So, how about, what would you say, like one of your biggest challenges is that you're up against right now with your work in AI and cyber security? In the past, I also worked on AI and cyber security, but also more of an economic research. When I was first of all, you're trying to go through the
world in the studying webstray and then originally I feel some cultural conflict but later I feel that it has many connections and if you are bringing knowledge from the academia and to the industry and then you can like find that you're like a
I think the original idea was
difference, I face some challenges, however after a later time I realize that it has many connections and then it will make me to have a smooth transition and of the knowledge from the academia to the industry. I like it, you were able to merge the two and really
benefit from both of them working together. Yes, yes, I think so. It was fascinating. Yeah. Yeah. So, and what do you think the future of AI and cyber security is? I think the future is a it's a bright future. I think firstly AI is I think it is one
the mainstream of our time that it's one of the most important technologies that we have and zero slow-topped, I think it's a common sense that AI will revolutionize our industry and our world and potentially. And at the same time, there are lots of
about security of AI and also and and maybe those machines are too smart and it's called AI alignment and the security is part of them. So which is how to make AI to be consistent with human benefits. I think this is something that
that's always needed. So I think the future is bright and especially the hot topics right now and from AI to Web3. And I think looking at the connection of them is a fascinating opportunity and I would recommend people looking more at the secure products and
And also, they are with these opportunities here. And also, I think I would encourage people who are interested in AI and cryptography, we are joining this field. Either AI or Web3, especially their connection. I think it will be a bright future.
I'm glad to hear that. How about lend us some advice for the future AI and cyber security scientists and leaders that are listening in? What's some advice that you would pass along to them? Yeah, my advice is start to talk
into secure. But in general, I would feel that the advice is that just to keep understanding, for a site, just keep understanding what is the need of the market. And then if you
understand what is the need of the market, then you are able to probably make more useful products and also do more useful and impact for research. But also I think my suggestion is taking a look at our secure website and the way we
the beast, several opportunities for our future. Fantastic. So can you drop some alpha? What's next for you? For secure? What should we be keeping an eye out for? Yeah, so great. So we are at the moment.
and employing developing and making the product better at our hand. Our technology is scalable and it will be like a business is scalable as well. It will grow together with the
market. And then we will keep working on those products and making more research results inside and also making more developments effort and providing more smooth and advanced service for the user.
Amazing. I'm really excited to follow the journey, see what you continue to build. So listeners, secure is powered by AI and cybersecurity scientists and leaders and provides next generation security solutions and infrastructure for AI and blockchain.
If you came in late, we will have this available for you to listen to. Dr. Genu Lu is brilliant. I've learned a lot and I know that there's so much more out there. And for all you future AI and cybersecurity scientists and leaders,
As he said, keep following along and understand the needs of your market and of course visit secure and learn from them because they are certainly leaders in this space. So Dr. Liu, thank you again so much for taking the time to chat about this. It's fascinating work you're doing and I'm
So glad to know you're out there keeping us safe. Thank you. Yeah, thank you very much. So it's also my great pleasure to be here. I'm happy to chat with people and also make him friends. Absolutely. Me too. And listeners, make sure you click on his PFP. Give him a follow.
Also, go follow Secure and that's at the Secure on Twitter and then as I said the website secure.ltd and that's secure with AQ. So please go check it out. Yeah, just go check out all the AI and
cybersecurity stuff they have going on. It really is fascinating. And thank you again, Dr. It has been a pleasure talking to you and learning more about this topic. Thank you. Thank you. All right. Have a fantastic day. Thanks everyone for tuning in and we'll see you next time. Bye. Bye bye.