Using AI & ML With Cyber Security

Uploaded on 2021-03-04 in TECHNOLOGY--Developments, FREE TO VIEW, TECHNOLOGY--Resilience, TECHNOLOGY-Key Areas-Artificial Intelligence

The experts at Trend Micro predict that as cyber threats evolve it is becoming necessary to look at Artificial Intelligence (AI) and Machine Learning (ML) to protect systems and give organizations the best security possible. In particular, Trend Micro think that AI will replace humans in cyber security by 2030. 
 
AI is starting to be used across many sectors, such as the medical industry and the car industry and with advances in technology cyber security needs to be the top priority for businesses.
 
More than ever, organisations from technology companies to social media websites, have started to use AI in order to stop cyber attacks. AI techniques are being used to learn how to remove noise or unwanted data and to enable security experts to understand the cyber environment in order to detect abnormal activity. AI can also benefit cyber security with automated techniques to generate whenever cyber threats are detected.
 
The enterprise attack surface continues to grow and evolve rapidly. Depending on the size of your enterprise, there are up to several hundred billion time-varying signals that need to be analyzed to accurately calculate risk and analyzing a complex organisations cybersecurity posture is no longer a human-scale problem. 
 
AI and ML have become critical technologies in information security, as they are able to quickly analyze millions of events and identify many different types of threats,  from malware exploiting zero-day vulnerabilities to identifying risky behavior that might lead to a phishing attack or download of malicious code. These technologies learn over time, drawing from the past to identify new types of attacks now. Histories of behavior build profiles on users, assets, and networks, allowing AI to detect and respond to deviations from established norms.
 
Artificial Intelligence vs. Data Analytics
 
AI is an often misused term and many of today’s AI offerings don’t actually meet the AI test. While they use technologies that analyse data and let results drive certain outcomes, pure AI is about reproducing cognitive abilities to automate tasks. AI is really about technologies that can understand, learn, and act based on acquired and derived information.
 
AI currently works in three ways:  
 
  • Assisted intelligence, widely available today, improves what people and organizations are already doing.
  • Augmented intelligence, emerging today, enables people and organizations to do things they couldn’t otherwise do.
  • Autonomous intelligence, being developed for the future, features machines that act on their own. An example of this will be self-driving vehicles, when they come into widespread use.
Machine learning, expert systems, neural networks, and deep learning are all examples or subsets of AI technology:
 
  • Machine learning uses statistical techniques to give computer systems the ability to “learn” (., progressively improve performance) using data rather than being explicitly programmed. Machine learning works best when aimed at a specific task rather than a wide-ranging mission.
  • Expert systems are programs designed to solve problems within specialized domains. By mimicking the thinking of human experts, they solve problems and make decisions using fuzzy rules-based reasoning through carefully curated bodies of knowledge.
  • Neural networks use a biologically-inspired programming paradigm which enables a computer to learn from observational data. In a neural network, each node assigns a weight to its input representing how correct or incorrect it is relative to the operation being performed. The final output is then determined by the sum of such weights.
  • Deep learning is part of a broader family of machine learning methods based on learning data representations, as opposed to task-specific algorithms. Today, image recognition via deep learning is often better than humans, with a variety of applications such as autonomous vehicles, scan analyses, and medical diagnoses.
Applying AI to Cyber Security
 
AI is ideally suited to solve some of our most difficult problems, and cybersecurity certainly falls into that category. With today’s ever evolving cyber-attacks and proliferation of devices, machine learning and AI can be used to “keep up with the bad guys,” automating threat detection and respond more efficiently than traditional software-driven approaches. There are several high profile examples of the successful use of Ai:-
 
Google:   Gmail has used machine learning techniques to filter emails since its launch 18 years ago. Today, there are applications of machine learning in almost all of its services, especially through deep learning, which allows algorithms to do more independent adjustments and self-regulation as they train and evolve.
 
Balbix:   Uses AI-powered observations and analysis to deliver continuous and real-time risk predictions, risk-based vulnerability management and proactive control of breaches. The platform helps make cybersecurity teams more efficient and more effective at the many jobs they must do to maintain a strong security posture – everything from keeping systems patched to preventing ransomware. 
 
IBM/Watson:   The team at IBM has tasks and threat detection based on machine learning. 
 
Limitations of Using AI for Cybersecurity
 
There are also some limitations that prevent AI from becoming a mainstream security tool:
 
Resources:    Companies need to invest a lot of time and money in resources like computing power, memory, and data to build and maintain AI systems.
 
Data sets:   AI models are trained with learning data sets. Security teams need to get their hands on many different data sets of malicious codes, malware codes, and anomalies. Some companies just don’t have the resources and time to obtain all of these accurate data sets.
 
Hackers can use AI too:  Attackers test and improve their malware to make it resistant to AI-based security tools. Hackers learn from existing AI tools to develop more advanced attacks and attack traditional security systems or even AI-boosted systems.
 
Neural fuzzing:  Fuzzing is the process of testing large amounts of random input data within software to identify its vulnerabilities. Neural fuzzing leverages AI to quickly test large amounts of random inputs. However, fuzzing has also a constructive side. Hackers can learn about the weaknesses of a target system by gathering information with the power of neural networks. Microsoft has developed a method to apply this approach to improve their software, resulting in more secure code that is harder to exploit. 
 
Conclusion
 
Artificial intelligence and machine learning can improve security, while at the same time making it easier for cyber criminals to penetrate systems with no human intervention. This can bring significant damage to any company. Getting some kind of protection against cyber criminals is highly recommended if you want to reduce losses and stay in business. 
 
AI and ML will definitely play a major role in every sector in the near future. In cybersecurity, it will certainly allow organisations to be better protected, although they should remain on the lookout for advanced cyber attacks.
 
Trend Micro:       DevOpsOnline:      IEEE Computer:       ZDNet:       CIO Story:      Balbix:
 
You Might Also Read: 
 
The Most Important Technologies For 2021:
 
« Connected Cars & Cyber Security
Cybersecurity Job Listings Worldwide »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Pen Test Partners LLP

Pen Test Partners LLP

Pen Test Partners provides penetration testing, security assessment and training services.

CertiKit

CertiKit

CertiKit produce toolkit products that accelerate the adoption of ISO/IEC standards, including ISO 27001, helping organizations all over the world to realize the benefits as soon as possible.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Infinite Ranges

Infinite Ranges

Infinite Ranges delivers secure, comprehensive digital solutions by connecting experts with the best products and services for the digital age.

QGroup

QGroup

QGroup has been re-designing the consultancy industry since 2012. We're a rapidly expanding group of consulting companies that deliver bespoke IT services including cybersecurity.

Matrium Technologies

Matrium Technologies

Matrium Technologies has been a leading provider of technology solutions since 1991, with a strong industry background in Network Testing, Network Visibility and Security.

Etisalat

Etisalat

Etisalat Group is one of the world’s leading telecom groups in emerging markets.

Centroid

Centroid

Centroid is a cloud services and technology company that provides Oracle enterprise workload consulting and managed services across Oracle, Azure, Amazon, Google, and private cloud.

Airiam

Airiam

Airiam provides cybersecurity, managed IT, consulting, incident response, and digital transformation services so you can focus on what matters most.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

BARR Advisory

BARR Advisory

At BARR Advisory, we build trust through cyber resilience. We help protect the world’s data, people, and information networks through a human-first approach to cybersecurity and compliance.