BeinCrypto spoke to Jindrich Karasek, a cyber threat researcher at Trend Micro. He spoke about his threat analysis as art, visualization of AI learning, and the non-fungible token (NFT) phenomenon.
Imagine data points like microcosms spiraling in your visual field. They form quantitative arrangements of intricate designs as they converge into a swirling vortex of mathematical patterns. These impressions are a new modern art form.
However, a closer inspection reveals that each point, each line exists as actual data objects in a graphical representation generated during the tracking of malicious activities in cyberspace or other fields of study that also utilize dataset-producing technologies. Thus, this is where threat intelligence and art converge.
Jindrich Karasek is a security data analyst and cyber threat researcher from Prague, Czechia. He is also known as 4n6strider and is a weaver of these sinuous webs.
Using natural language processing, he produces graphic illustrations of the relationships between data points. Thus, forming complex patterns that sometimes have the semblance of worldly objects.
The art he creates works with a multitude of cyber security projects. This is as a result of the research performed on a variety of cybersecurity-related topics.
These include the activities of a sophisticated phishing kit that was used in an espionage campaign. These graphical outputs could also be from social media leaks, bot traffic, open-source projects.
Finding the intersection of security and NFT art
The journey started back in January 2013. Karasek was inspired by how this kind of visualization helps give understanding to the complex protein structures. As a result, he began to produce imagery of his own.
“I knew from my studies that data can be clustered to produce hyperstructures which can have properties on their own.”
With this in mind, he started to use this approach to analyze cybersecurity problems in more complex ways. This is in order “to derive the ‘ontology’ like the complete core narrative or paradigm, to understand what I see.”
The next step was to figure out the best approach for machine learning and automation.
“If I teach machines how to get the data and seek this core concept, they might be able to do that on their own. Better, faster, and in scale. But, this is now known as machine learning and all the buzzwords.”
In the earlier years, he worked on the concept but waited until he found the proper way to express it.
He aimed to draw the outline of the data in the way he saw it while preserving the information it possesses. Therefore telling the stories from the pages of his hacker diary.
“I played with SNA tools like Gephi, Pajek, Casefile, and back then I processed data manually with Excel, SharePoint, MS Access.”
SNA stands for Social Network Analysis. In other words, the software allows him to process the data into graphical outputs.
Sensitive projects covered by art
Karasek points out that due to the sensitive nature of some of the projects, the only indication of the work is in this art form.
“It is also a paradox that I can’t even spell some of the projects due to NDAs, but it’s cool to make an artsy picture about it. I’m balancing on the edge of the blade here.”
At the heart of his pieces are his recurring themes of nature and the brilliant technological processes of how he visualizes them with data.
“You see that the equation for calculation of the protein interactions is similar to the calculation of interplanetary forces. Those subatomic particles are driven by the same group theory like the clusters of the galaxies in our universe.”
A new form of experimental NFT art
By definition, Karasek is a data artist. Data art, or information technology art, is a new form of experimental and conceptual art. It encompasses all forms of technology, utilizing data or artificial intelligence to create art.
The earliest displays of information technology art go back as far as 1970. Two such exhibitions came out the same year. The one was the Software, Information Technology: Its New Meaning for Art, at the Jewish museum in New York. The other was Information, exhibited at the Museum of Modern Art.
In the 2000s, emerged the generative art movement, where artists began rendering images using software programs.
Mark Napier’s piece, Sacred Code (2003), uses algorithms from The Old Testament, The New Testament, and The Koran using binary. Flight Patterns (2009) by Aaron Kobli brilliantly displayed flight patterns using data from flight traffic.
Data art has evolved into a legitimate art form, where the combinations of data, programs, and artificial intelligence (AI) create endless possibilities for visualization.
Some have referred to Karasek’s art as “the art of cybersecurity,” which on a surface level is an accurate assessment.
However, his work goes far deeper. When Karasek looks at the constellations through the lens of a data artist, he marvels at their beauty and natural geometry.
“I am fascinated by the laws of nature, observed with modern science. It inspires these thoughts. I really love the night hikes in the mountains where the stars are closer.”
“I am inspired by seeking the true nature of things.”
Karasek seems to have a true artist’s concept at heart, with a deep understanding of his creations, which stem from an even deeper inspiration gleaned from the world of nature and the cosmos.
“I am inspired by seeking the true nature of things. This [is an] exploratory process for breaking subjects to tiny details, understanding them, then building it back with the knowledge.”
He says the advances of modern neuroscience also inspire him, perhaps not unlike a brightly colored MRI.
“I form the nebulas to use the natural brain and sight features like the anomaly recognition, which works much better in graphical form than in the numbers,” he explains.
Unlike a brain scan or any visualized form of data, Karasek’s data personifies the intersection of art and technology.
It is not just an accidental graphical display. It is a long, arduous process meant to evoke an emotional response from an audience.
“You tend to assign shapes you see and imagine them to be the objects you tend to like, dislike, or even fear. This all is based on the current mood, memories, and experience of each and every individual at the moment.”
NFT, art and machine learning combine
In order to understand the significance of his artwork and its implications, some preliminary knowledge of machine learning is helpful.
Machine learning is a process by which a computer algorithm builds a model based on sample data points in order to make predictions or decisions without being specifically programmed to do so. It is meant to mimic human learning.
The more data points the algorithm has, the more likely the computer will be able to make accurate predictions about the behavior of future data sets of similar nature.
In Karasek’s case, his data analysis reveals patterns in the data points of cybersecurity incidents. These can then be recognized by the algorithm to prevent future incidents.
Not only is Karasek producing mesmerizing works of art through these datasets, but he is also providing a visual medium to depict the outcome of the events in the set.
“Nodes are the nouns, and edges are the verbs,” his website says. “This concept helps to tell a story with the picture, as well as provide a cybernetic concept for the particular data analysis itself.”
This means that every node depicted in the graphical output is an incident. Every edge or line connecting from the node to the macrocosm depicts the action that is occurring from the incident.
To begin, he selects the source for the data, and if need be, anonymizes it to conceal confidential information that might be gleaned from the points.
Then, he generates the dataset and ensures its cohesiveness, thereafter using open source tools like Gephi and NodeXL to produce the visualizations.
Karasek’s images encapsulate a web of complex interactions with real-world consequences and applications in a single graphical illustration, further developing his understanding of the natural world and its processes as his AI learns to do the same.
Training bots to understand the meaning behind the texts
To put this correlation into perspective, one of his best pieces, is the NFT “The Lord of the Rings Universe.”
It beautifully depicts a Palantir or “seeing stone,” adapted from the world of Tolkien, which contains all that existed in the Tolkien Universe.
“Lord of The Rings Universe.” Source: Jindrich Karasek
Karasek asked Eolas, his chatbot, to search for “Lord of the Rings.”
The results were generated using wikidata which were searched for by the chatbot and parsed with some NLP logic. This prodocued an elaborate graph consisting of 31,000 entities that were connected with 71,000 correlations.
“I used NLP techniques to extract the knowledge graph to draw an ontology of the Tolkien creation. As for the input I have used publicly available data, from the web.”
“It is more than just art. It is testing the core of my new bot, Eolas, which I will train to understand the meaning behind the texts to help me with cyber threat hunting,” he explains.
“I’d say how is this different — that it is visualization of the AI learning in process. And somehow we must tell that the production of the pictures is the path, not the goal. Just my digital hacker’s diary.”
Not just works of fiction for the NFT
Another example is “APT Chat Server Monitored.”
It involves the monitored activities of an advanced persistent threat (APT) group that was using Internet Relay Chat (IRC) to communicate with the members of their group.
There, 101,628 lines of text captured in clear text from the chatroom represented in the NFT.
“APT Chat Server Monitored.” Source: Jindrich Karasek
To illustrate this activity, he explains how the nodes in the image are, in fact actual APT operatives.
“I discovered a new group of hackers, targeting the cloud-based machines. During my initial research, I also spoofed their IRC server to make them communicate over my own server. The picture shows this communication in the form of ‘flows.’ Means that the question-answer is one flow.”
Karasek explains how he was able to intercept all matters of their operations. These included the onboarding of new members and devices, as well as some of their private matters.
“They had no idea someone was listening, and until this day,” he said, “I have no recollection that they’d ever found out that they used my server for so long.”
Another NFT, “Hackers Stealing Instagram Profiles of Famous and Rich Users”, offers a rather mysterious portrayal of 43,000 actions being performed to a malicious host. These are 14 different scams, including e-commerce phishing that targets finance, healthcare, non-profit organizations.
Hackers Stealing Instagram Profiles of Famous and Rich Users. Source: Jindrich Karasek
The traffic generated was quite robust, consisting of traffic coming to and from the threat actors.
“I think a lot has been written already about this topic, also by me. But still, this may be a hot topic and the group is still operational.”
Fascination with the NFT
As already mentioned, he has minted all these projects as NFTs. Karasek explains that he is fascinated with these tokens.
He says that the NFT phenomenon, “opens the door to a whole new world of entities online, a whole new ecosystem with its own economy and even the security issues.”
He mints his art as an NFT in order to affix his “hacker’s diary” to the blockchain. In addition, he wants to claim the authorship of his pieces to prevent his work from being plagiarized.
“I also like this idea of having a visual diary of my works online. For my own sentimental reason, for the others to also make an awareness of cyber security issues.”
He previously had no way to really address the work’s authorship. Therefore, this allows him to digitally sign his work.
“Authorship and ownership of digital art is tricky. [An] author can create one piece, multiple pieces, and somebody else can come and copy the art and produce the art piece on their own. NFTs solve this issue just the right way. In blockchain, there is a record of creation of the art, initial ownership by the author and later on, it can be sold or gifted to another, transferring the ownership.”
Jindrich Karasek was interviewed by Ana Alexandre