Using AI & ML With Cyber Security

Uploaded on 2021-03-04 in TECHNOLOGY--Developments, FREE TO VIEW, TECHNOLOGY--Resilience, TECHNOLOGY-Key Areas-Artificial Intelligence

The experts at Trend Micro predict that as cyber threats evolve it is becoming necessary to look at Artificial Intelligence (AI) and Machine Learning (ML) to protect systems and give organizations the best security possible. In particular, Trend Micro think that AI will replace humans in cyber security by 2030. 
 
AI is starting to be used across many sectors, such as the medical industry and the car industry and with advances in technology cyber security needs to be the top priority for businesses.
 
More than ever, organisations from technology companies to social media websites, have started to use AI in order to stop cyber attacks. AI techniques are being used to learn how to remove noise or unwanted data and to enable security experts to understand the cyber environment in order to detect abnormal activity. AI can also benefit cyber security with automated techniques to generate whenever cyber threats are detected.
 
The enterprise attack surface continues to grow and evolve rapidly. Depending on the size of your enterprise, there are up to several hundred billion time-varying signals that need to be analyzed to accurately calculate risk and analyzing a complex organisations cybersecurity posture is no longer a human-scale problem. 
 
AI and ML have become critical technologies in information security, as they are able to quickly analyze millions of events and identify many different types of threats,  from malware exploiting zero-day vulnerabilities to identifying risky behavior that might lead to a phishing attack or download of malicious code. These technologies learn over time, drawing from the past to identify new types of attacks now. Histories of behavior build profiles on users, assets, and networks, allowing AI to detect and respond to deviations from established norms.
 
Artificial Intelligence vs. Data Analytics
 
AI is an often misused term and many of today’s AI offerings don’t actually meet the AI test. While they use technologies that analyse data and let results drive certain outcomes, pure AI is about reproducing cognitive abilities to automate tasks. AI is really about technologies that can understand, learn, and act based on acquired and derived information.
 
AI currently works in three ways:  
 
  • Assisted intelligence, widely available today, improves what people and organizations are already doing.
  • Augmented intelligence, emerging today, enables people and organizations to do things they couldn’t otherwise do.
  • Autonomous intelligence, being developed for the future, features machines that act on their own. An example of this will be self-driving vehicles, when they come into widespread use.
Machine learning, expert systems, neural networks, and deep learning are all examples or subsets of AI technology:
 
  • Machine learning uses statistical techniques to give computer systems the ability to “learn” (., progressively improve performance) using data rather than being explicitly programmed. Machine learning works best when aimed at a specific task rather than a wide-ranging mission.
  • Expert systems are programs designed to solve problems within specialized domains. By mimicking the thinking of human experts, they solve problems and make decisions using fuzzy rules-based reasoning through carefully curated bodies of knowledge.
  • Neural networks use a biologically-inspired programming paradigm which enables a computer to learn from observational data. In a neural network, each node assigns a weight to its input representing how correct or incorrect it is relative to the operation being performed. The final output is then determined by the sum of such weights.
  • Deep learning is part of a broader family of machine learning methods based on learning data representations, as opposed to task-specific algorithms. Today, image recognition via deep learning is often better than humans, with a variety of applications such as autonomous vehicles, scan analyses, and medical diagnoses.
Applying AI to Cyber Security
 
AI is ideally suited to solve some of our most difficult problems, and cybersecurity certainly falls into that category. With today’s ever evolving cyber-attacks and proliferation of devices, machine learning and AI can be used to “keep up with the bad guys,” automating threat detection and respond more efficiently than traditional software-driven approaches. There are several high profile examples of the successful use of Ai:-
 
Google:   Gmail has used machine learning techniques to filter emails since its launch 18 years ago. Today, there are applications of machine learning in almost all of its services, especially through deep learning, which allows algorithms to do more independent adjustments and self-regulation as they train and evolve.
 
Balbix:   Uses AI-powered observations and analysis to deliver continuous and real-time risk predictions, risk-based vulnerability management and proactive control of breaches. The platform helps make cybersecurity teams more efficient and more effective at the many jobs they must do to maintain a strong security posture – everything from keeping systems patched to preventing ransomware. 
 
IBM/Watson:   The team at IBM has tasks and threat detection based on machine learning. 
 
Limitations of Using AI for Cybersecurity
 
There are also some limitations that prevent AI from becoming a mainstream security tool:
 
Resources:    Companies need to invest a lot of time and money in resources like computing power, memory, and data to build and maintain AI systems.
 
Data sets:   AI models are trained with learning data sets. Security teams need to get their hands on many different data sets of malicious codes, malware codes, and anomalies. Some companies just don’t have the resources and time to obtain all of these accurate data sets.
 
Hackers can use AI too:  Attackers test and improve their malware to make it resistant to AI-based security tools. Hackers learn from existing AI tools to develop more advanced attacks and attack traditional security systems or even AI-boosted systems.
 
Neural fuzzing:  Fuzzing is the process of testing large amounts of random input data within software to identify its vulnerabilities. Neural fuzzing leverages AI to quickly test large amounts of random inputs. However, fuzzing has also a constructive side. Hackers can learn about the weaknesses of a target system by gathering information with the power of neural networks. Microsoft has developed a method to apply this approach to improve their software, resulting in more secure code that is harder to exploit. 
 
Conclusion
 
Artificial intelligence and machine learning can improve security, while at the same time making it easier for cyber criminals to penetrate systems with no human intervention. This can bring significant damage to any company. Getting some kind of protection against cyber criminals is highly recommended if you want to reduce losses and stay in business. 
 
AI and ML will definitely play a major role in every sector in the near future. In cybersecurity, it will certainly allow organisations to be better protected, although they should remain on the lookout for advanced cyber attacks.
 
Trend Micro:       DevOpsOnline:      IEEE Computer:       ZDNet:       CIO Story:      Balbix:
 
You Might Also Read: 
 
The Most Important Technologies For 2021:
 
« Connected Cars & Cyber Security
Cybersecurity Job Listings Worldwide »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

Infineon Technologies

Infineon Technologies

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

Owl Cyber Defense

Owl Cyber Defense

Owl patented DualDiode Technology enables hardware-enforced network segmentation and deterministic, one-way transfer of all data types and file sizes.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

GuidePoint Security

GuidePoint Security

GuidePoint Security provide information security solutions that enable commercial and federal organizations to more successfully achieve their security and business goals.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

INE

INE

INE is a premier provider of Technical Training for the IT industry.

DeNexus

DeNexus

DeNexus is the leading provider of cyber risk modeling for industrial networks. Our Mission is to build the Global Standard for Industrial Cyber Risk Quantification.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Vercara

Vercara

Vercara offers a purpose-built, global cloud security platform that provides layers of protection to safeguard businesses’ online presence, no matter where an attack comes from or where it is aimed.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

Panoplia Digital Protection

Panoplia Digital Protection

Panoplia Digital Protection is a cutting-edge cybersecurity company that leverages the power of AI and ML to help businesses and consumers protect themselves against cyber threats.

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.

Reco AI

Reco AI

Reco is an identity-centric SaaS security solution that empowers organizations with full visibility into every app, identity, and their actions to control risk in their SaaS ecosystem.