AI and ML to Reinvent Cyber Security in 2018

Vijay Bharti, Vice President and Head, Security Services – Happiest Minds

We are living in a new digital world, where the tech­nologies including Artificial Intelli­gence (AI), Machine Learning (ML), Internet of Things (IoT), Block Chain, Big Data, and Cloud Computing are advancing at a blinding pace. Out of these, Artificial Intelligence and Ma­chine Learning are set to be the most prominent technologies that can create a dramatic impact in the way we live, think and operate the business. Devel­opments in AI and ML have the poten­tial to significantly transform various fields of science, mathematics, health­care, transportation, energy, manufac­turing, eCommerce and information technology. Information Security is one another important arena in which AI is in dire need to address some of the complex challenges that humans alone can’t handle. Cyber Security ex­perts view AI and ML as major game changer technologies in the Cyber se­curity space for 2018.

In 2017, the cyber security risks continued to escalate, concerning the frequency, severity and impact and even the Government or Private insti­tutions were not able to get a complete control over it. We witnessed major set­backs in the Cyber security arena with ransomware attacks including Wanna­Cry, Petya and Bad Rabbit spreading around the world, impacting hundreds of thousands of targets, including pub­lic utilities and large corporations.

From Advanced Persistent Threats (APT), spear phishing, multi-vector DDoS, ransomware attacks, malware campaigns and botnets, the dangers that are lurking around the Cyber world are getting complex day by day. The challenges with new age cyber-attacks are that the attack vectors and models change every time, making it impossible to detect and classify them with confidence. The introduction of bitcoin currencies and the associated ‘Cryptojacking’ attacks are arising as major threats in the Cyber Security space. In such sensitive times, deal­ing with advanced multi vector at­tacks from well-funded criminals or nation-state actors, the traditional se­curity tools and processes are becom­ing insufficient and incompetent. To deal with the new age sophisticated cyber attacks, organizations need to adapt or augment their technology to parse through large chunks of data and identify the anomalies, which human intelligence alone cannot achieve. Here comes the relevance of artificial/ machine intelligence to aug­ment the human intelligence in all the crucial steps relating to Cyber security and threat intelligence in global or­ganizations. AI can play a significant role in Information security in terms of bringing in automated and assisted reasoning, modeling and simulation and finally arriving at an intelligent decision making, more efficient than human beings can do.

In the current world of data del­uge, it is nearly impossible for humans alone to analyze the billions of logs generatedfrom the existing infrastruc­ture components. Integrating AI into the existing systems including Security Monitoring Solutions, SIEM, Intru­sion Detection Systems, Cryptograph­ic technologies and Video vigilance systems can help in addressing many of these challenges to a larger extent. Application of AI based technologies into the existing systems will bring in much enhanced systems that help in better decision making. Some of the key areas where in the functionalities of AI makes a difference are:

• Data Mining

• Pattern Recognition

• Fraud Detection

• Analytics

• Fuzzy Logic

• Development of expert Systems

Within the Cyber security sector, these attributes of AI can bring in tre­mendous benefits, out of which some of them are already in place and there are huge opportunities yet to explore. Machine learning based antivirus sys­tems and tools can help in quickly and accurately identifying malware like Polymorphic virus based on its con­tinuous learning capabilities. Such sys­tems can detect suspicious files based on the behavioral or structural analysis and it helps in detecting threats at an early stage. It can easily determine the likelihood of a malicious virus attack by analyzing and breaking down the DNA of each file.

Along with AI and ML, another aspect of security which CISOs are concerned about is compliance. Every organization needs to be compliant with numerous regulations and non-compliant to any of these can lead to heavy fines. For example, General Data Protection Regulation (GDPR) which will be a reality in few months can cost €20m or 4% of annual global turnover if the organization is found non-compliant. AI and ML with sup­port of cognitive computing is ena­bling the enterprises to keep a track of their compliance status to avoid any legal issues.

As the digital world is moving fast, we can expect completely automated Cyber-attacks orchestrated by intelli­gent machines. These expert systems will have the potential to analyze the DNA of past attack models, strategies and utilize its acquired knowledge for organizing new attack models attacks that have higher success rates and larg­er impact. As human resources alone won’t be enough to combat this, the need of the hour for global organiza­tions, Government and defense agen­cies is to suit up their existing Cyber security and defense environment with AI and its underlying technologies.

AI and ML are at the evolving stage and still there is a long way to go for organizations of all sizes to enjoy the larger benefits that it brings. To get prepared for an AI led world, the global leaders in the field of Cyber Se­curity need to familiarize themselves with AI, ML and also other latest inte­grated technologies in security.