How does artificial intelligence affect Cyber Security?

liu, tempo Date: 2021-08-04 14:30:35
Views:91 Reply:0

Artificial Intelligence (AI) is a new technical science which studies and develops theories, methods, technologies and application systems for simulating, extending and extending human Intelligence. It consists of different fields, such as machine learning, computer vision and so on.


Since the birth of artificial intelligence, its theory and technology have become increasingly mature, and its application fields are also expanding. It can be assumed that the technological products brought by artificial intelligence in the future will be the “container” of human wisdom. But now that it has begun to focus on the problem of rampant cyber attacks, AI will reshape the future of cyber security.


We are now in a global village so interconnected that many of those who grew up in the digital age can’t even remember a time before the iPhone. With the rise of the smart home, we’re connecting more and more of our lighting, door locks, cameras, thermostats and even toasters to our home networks. Automating the management of our homes via mobile apps or voice shows how far we’ve come in the past few years. However, in our quest for “cool” and “convenience,” many of us haven’t stopped thinking about our online security responsibilities.


Cyber security risks are now much higher than a large company suffering a data breach, with everything connected to the network being targeted. Despite the billions of dollars that have been poured into cybersecurity, the number of reported attacks and the scale of intrusions continues to rise, with both the sophistication and scale of complex and destructive cyber attacks across a wide range of industries. In particular, there are vulnerabilities in areas of our critical infrastructure, such as energy, nuclear, water, aviation, and critical manufacturing, which make them targets for cybercriminals, even state-sponsored cyberattacks.


Unfortunately, 90% of cyber attacks cite human error or people’s inaction as the primary reason for the intrusion. There have been countless examples, such as the sale of a DNA database for as little as $8 and the us government hack that compromised the fingerprints of 5.6 million federal employees. It’s gotten to the point where no one can predict what’s going to happen, since learning trading skills online has never been easier: machine learning software is available, and video tutorials are just a search away. By automatically editing the content messages of potential victims, cybercriminals can quickly wreak havoc on businesses or individuals. A radical approach to cybersecurity is called for and urgently needed.


Fortunately, emerging ai machine learning models offer hope. Its proactive approach, rather than the traditional reactive approach, gives us better protection against these complex threats. Essentially, the most important change is to stop attacks before they happen. Here are some of the frontiers where the predictive power of AI and the evolutionary power of machine learning could give security providers and all of us — individuals and businesses — the upper hand:


Detect and block hacked iot devices


Cyber Security


Cisco expects the number of connected devices worldwide to rise from 15 billion today to 50 billion by 2020. Due to limited hardware and software resources, a large proportion of these devices do not have basic security measures. The recent massive denial-of-service attack On Kerbs On Security vividly demonstrated the power of hacked Internet of Things devices.


To make matters worse, the source code of the malware used to launch the attack was soon released to the public and can now be used against any business or individual. Internet of Things security is one of the most prominent areas of artificial intelligence technology. Lightweight predictive models based on artificial intelligence can detect and block suspicious activity in real time on the device or on the network, autonomously resident and operating even on devices with low computing power.


Prevents malware and file execution


File – based attack is still one of the main network attack vectors. The most common file types used for network attacks are executable files (.exe), PDF files, and MS Office files.


With a small change in a single line of code, new malicious files with the same malicious purpose but different signatures can be generated. Its small changes in behavior fool legacy signatures-based anti-virus programs, as well as the more advanced heuristic based advanced Endpoint Detection and Response (EDR). Translator.) Or even network-level solutions such as sandbox technology.


Improve the operational efficiency of the security Operations center


One of the key issues for security teams is alarm fatigue caused by the excessive number of security alerts they receive every day. Businesses in North America handle an average of 10,000 security alerts per day! In many cases, alarm fatigue causes a malicious attack signal to escape radar range even though it has been flagged as suspicious. This requires the integration of internal logging and monitoring systems with external threat intelligence services to automatically categorize events by running advanced associations between multiple information sources. This cutting edge technology in cyber defense is very hot because it solves the problem of large enterprises running their own security Operating center (SOC). Translator.) The problem.


Quantify network security risks


Quantifying an organization’s cyber risk is challenging, mainly because of the lack of historical data and the large number of variables to consider. Now interested in quantitative risk group (and evaluate these organizations of a third party, such as network insurance company) must go through a long and tedious process of network risk assessment, mainly based on questionnaire survey, see if there are any available network security standard qualitative measures, as well as risk management and culture of an organization. This approach is far from adequate to truly reflect the severity of the current cyber risks. The ability to process millions of data points and generate predictions could be a successful way for organizations and cyber insurers to get the most accurate estimates of cyber risk.


Abnormal network traffic detection


Because every organization has its own unique traffic behavior, detecting abnormal traffic that may represent malicious activity is a huge challenge. Finding associations between protocols without relying on intrusive deep packet inspection requires analyzing thousands of associations between countless pieces of metadata from internal and external network traffic.


Malicious mobile application detection


Ericsson says there are already more than 2.5 billion smartphones worldwide and expects to reach 6 billion by 2020. Research by Arxan, an app security firm, shows that 56% of the top 100 apps for iOS and Android have been hacked at some point, while 100% of Android apps have been hacked. The two leading app stores, Google Play and The Apple App Store, both broke the 2m mark for available apps, highlighting the need for highly accurate automated categorisation of mobile apps. This classification must be sensitive to the slightest obfuscation techniques to distinguish malicious applications from green applications. This task can be delivered to artificial intelligence technology with advanced, cutting edge classification capabilities.


Just because AI and machine learning are so powerful doesn’t mean we can rest easy. Just as businesses and government authorities are beginning to understand the role ai and machine learning will play in protecting them, criminals are using the same tools to circumvent defenses. An AI attack that mimics human behavior and tries to overcome defenses would be the start of an AI war between good guys and bad guys. To provide adequate protection, machine learning models must detect and respond to threats faster. Advances in technology have made possible the rise of security systems that are always learning, adapting, and finding new ways to get ahead of attacks that no one else currently has.


As the battle of artificial intelligence continues, negative comments about it have surfaced on the Internet. Some people criticize the “dark side” of AI, arguing that without AI there would be no cyber attacks. While it is tempting to blame technology for the scale of the threat, it is important to remember that AI can only execute what its human masters have written for it. So the so-called “dark side” of AI is simply a reflection of the worst aspects of human nature. But there is no doubt that we are entering a new digital age, and artificial intelligence and machine learning will undoubtedly reshape the future of cyber security.

Leave a comment

You must Register or Login to post a comment.