AI for Cyber Security

Posted by Alexis Vander Wilt
Alexis Vander Wilt

What this technology revolution may mean for you

A Brief Introduction, What is AI?

The term ‘Artificial Intelligence (AI)’ was coined in 1950, but since then it has grown in unimaginable ways.

Borrowing from a recent team members blog post “Artificial Intelligence & Everyday Life” by Shaswat Anand, AI can be defined as “an area of computer science that emphasizes the creation of intelligent machines that work and react like humans.”

In recent years it has found its way into many aspects of our lives including education, healthcare, and manufacturing. We use AI assistants such as Siri, Alexa, Google Assistant, and Cortana every day. They can recognize patterns, use the past to predict the future, and alert us when something unusual is happening.

 

 

Applications in Cyber Security

Artificial Intelligence also has much potential in the area of cyber security.

For commercial use, it’s being applied to remove ‘white-noise’ and filter out unwanted data in an attempt to make real threats more obvious. It can be helpful in implementing decoys to trap attackers and making it easier to identify who’s attempting to access your systems.

In our personal lives, its used for things like biometrics in 2-factor authentication, protecting our Internet-Of-Things(IOT) devices, and notifying us when unusual activity is occurring in our bank or credit card accounts.

The main focuses of applied AI are deception, detection, prediction, remediation, accessibility, and even adversarial AI.

In this blog series, we will explore the different applications of AI in cyber security, examining both the good and the bad of this technology. To get us started, this article will provide a brief introduction to each of these topic areas.

Detection, Prevention, & Remediation

 

 

Artificial Intelligence and Machine Learning can be used in the process of cyber Threat Detection and Response(TDR). In fact, over the past several years this has been the primary form of AI in cyber security. Certain AI algorithms are very good at recognizing when events are not matching expected results and can even assist in taking action to repair them.

It’s ability to detect threats as they are happening means it could potentially prevent attackers from gaining complete access to the system. Two common examples of this are detecting spam e-mails and combating malware through identification and blocking of attacks.

These are two examples of AI noticing when things have gone wrong, and attempting to prevent incidents before they happen. Certain implementations can be used to analyze user’s password habits and detect when bad passwords are being created, a method for preventing attacks before targeting has even occurred.

Simplification, Automation, & Accessibility

Another way AI has impacted the world of cyber security is its ability to simplify tasks that used to be done by hand.

 

 

A few such uses for automation are:

  • The automation of updates to ensure they happen at the right time, complete successfully, and make intelligent corrections for any errors that occur.
  • Automated collection and analysis of data to provide additional information and context to support investigations.
  • Application of playbooks that respond to threats correlating data, executing tasks, and initiating response actions helping remediate potential issues in real time

One of the largest benefits of machine automation is consistency. AI can dramatically increase the consistency with which we investigate and respond to potential threats. This inherently reduces organizational risk by reducing the potential for human error & mistakes.

A newer and less well known application of AI geared toward simplification and accessibility is in the world of Natural Language Processing (NLP), which is the processing of human speech or text in a natural language, e.g. English, to remove complexity. This form of AI could help differently-abled people who have accessibility issues with their vision, hearing, or speech.

All of these are examples of ways in which the introduction of AI and Machine Learning have helped the cyber security workforce to become faster, smarter, and more efficient about their work.

Adversarial (Malicious) AI

 

 

AI technology is extremely powerful, but it’s important to keep in mind that if we have access to it, so do the attackers.

Black hat hackers can use AI to make their work faster and smarter too. Even companies with huge cyber security efforts can be bested by AI trained to target its weaknesses. Malicious AI can be a variety of different things from automated attacks that are designed to run and adapt without human interaction, to those which use false data to mislead other Machine Learning algorithms into making incorrect conclusions.

This AI, like that used for more benevolent purposes, is still in it’s developing stages, but it’s dangerous potential could change the way we view cyber security. It is very important that we learn how to leverage and adapt the tools we use to detect, prevent, and respond to attacks like these in the future.

In Summary

These forms of applied AI, specifically when combined with enhancements in low cost computing power, have enabled significant progress since the introduction of AI in the 1950’s. Despite the progress we’ve made, there is no doubt that there is still plenty of work to be done as we move into the next decade and beyond.

Please stay tuned for the follow up articles as we dive further into AI and its impact on cyber security.

Thanks for reading!

 

Read the rest of the series here:

AI & CyberSecurity - Part 2: Threat Detection, Prevention, & Remediation

AI & CyberSecurity - Part 3: Adversarial AI

AI & CyberSecurity - Part 4: AI Assistance for Simplification

 

Contact Us

If you like this content or have suggestions for other topics you’d like us to cover please let us know in the comments section below, we’d love to hear from you.

You’re also free to follow us on linkedin and visit www.query.ai to subscribe to our updates.

Get to Know Query.AI

Time for a Different Approach

What is Ransomware?

Alexa + Watson + Tableau + Slack

Data Security Threats and Challenges

a

Alexis Vander Wilt

Written by Alexis Vander Wilt

I am a senior Computer Science and Mathematics student, with a passion for understanding Data Analysis and its impacts. I work as part of the team at Query.AI where we are using Natural Language Processing to allow users to “talk to your data” reducing the security learning curve and working to make security more accessible to all.