“You are being watched.”

Harold Finch’s solemn opening line in the TV series Person of Interest has attracted the attention of millions of viewers and thousands of fans across the world since the US sci-fi crime drama started airing in 2011. Two years after the five-season drama dropped the curtain on The Machine vs. Samaritan brawl, a “machine” is ready to be unveiled in China to detect cyber attacks through monitored internet behaviors.

(Screenshot of Person of Interest)

Qi Xiangdong, chairman of China’s leading cybersecurity company, 360 Enterprise Security Group, said he thinks AI and big data-support is ready for a role in the development of China’s third-generation cybersecurity defense system.

“A cybersecurity system that monitors online behavior will be more efficient. Based on big data and AI behavioral analysis, the third-generation system will be able to identify an attack through intelligence on threats. Behaviors that go against the baseline set up by the system will be reported and warnings will be given,” Qi said, addressing a Thursday seminar on the sideline of the Beijing Cybersecurity Day exhibition.

He noted that the baseline can be adjusted to mark out abnormal behaviors that differ from usual ones.

For example, if a user usually visits a certain company website only once a day, then its baseline will be identified as breached if the website is viewed over 1,000 times a day.

China’s first- and second-generation defense systems relied on blacklists and whitelists to screen out potential threats, but hackers can always find a way to get around such lists, and attackers can also hide their presence, Qi explained.

The new defense system, like the previous ones, will mainly serve businesses and institutes rather than individuals. Hence, it will only look for abnormal activity targeting those institutes. “It will not put personal privacy at risk or damage personal information,” Qi stressed in an interview after the seminar.

A city or a nation’s basic infrastructure is the largest Internet of Things (IoT) nowadays—more accessible to the public than ever before, since many websites no longer grant access to certain groups for the sake of better protection. However, more freedom of access increases the risk of threats and attacks, making a heightened defense system for key basic infrastructures more urgent and necessary, according to Qi.