Security operations teams have a data management problem: The volume of security alerts they have to process is so high they can miss signs of an attack. In the first Voice of SecOps report from security vendor Deep Instinct, 86% of respondents said tools driven by data science — which includes artificial intelligence, machine learning, and deep learning — would make a significant impact in preventing unknown threats and reducing false positives.

Deep Instinct’s Voice of SecOps report explored strategic threats, overarching priorities, and day-to-day challenges experienced through the lens of security operations teams. According to 64% of respondents, humans are unable to keep up with the exponential cadence of cybersecurity threats. Respondents said they spend about 10 hours a week assessing false positive alerts, and 62% said threats could be missed due to the “overwhelming volume of false positives,” the report found.

IT and security teams are worried about the growing number of attacks. More than 70% of IT and security professionals said it was likely that their company will be hit by a successful ransomware attack. In the United Kingdom, 78% said they were concerned about a possible “global incident” caused by AI developed by sophisticated adversaries.

Almost two-thirds of respondents — 66% — said Solarwinds had led to the hiring of more internal IT and security professionals, with over half saying it also prompted more questions at the board and executive level about cybersecurity measures. More than 60% of companies began considering automated, AI-based solutions following the attacks on Microsoft Exchange.

Many respondents believed — 71% — that automation was the only way to address cyberattacks, and 83% said automation freed up teams to focus on high-value or more strategic attacks. If security professionals had a tool to completely eliminate false positives they would save a quarter of their time –- freeing it up to focus on the identification and prevention of upstream threats, rather than dealing with false alerts for threats that never actually existed in the first place, Deep Instinct noted in its report.

Most of the professionals believed a blend of artificial intelligence, machine learning, and deep learning was vital in the fight against cyberattacks. The key question was not whether to incorporate AI, but rather which AI technology to deploy. In Germany, 32% said a self-learning cybersecurity product would be “extremely useful.”

The Deep Instinct’s Voice of SecOps Report provides insight from 600 IT professionals, including 300 CISOs spread across multiple verticals and geographies. The research was commissioned by an independent marketing & market research company, Hayhurst Consultancy.

Read the full 2021 Voice of SecOps report from Deep Instinct.

The post Deep Instinct: AI, deep learning tools can help prevent cyberattacks appeared first on Artificial Intelligence.

Traditional network security tools have become outdated in the face of sophisticated cyberattacks. Our cybersecurity strategies should embrace latest technologies, such as A.I. and machine learning.

For many years, traditional network security tools such as firewalls, anti-virus software, web proxies etc. have been the go-to defences for organisations. While these tools were effective to a certain extent in the past, the dramatic changes brought to the digital world by “Industry 4.0,” over the last decade, has seen a dynamic shift to the cyber-threat landscape thereby reducing the effectiveness of these traditional tools.

As we continue to embrace digital revolution in all aspects of our life, the threat to the cybersecurity landscape is only increasing with each passing day. Cybercriminals, today, are using cutting-edge technologies to launch destructive cyberattacks on large corporations that have far-reaching consequences as was seen in the case of Adobe and Equifax, and India being at the forefront of digitization has become the prime target for cyber criminals. In fact, as per the Acronis Cyber Readiness Report of 2020, India is reporting more cyberattacks than any other country in the world.

From an organisational perspective, apart from loss of critical information, financial losses, reputational damages and disruption in operations, in most cases, it becomes impossible to identify the intensity of the cyberattack, and the amount of data that was actually compromised often remains unknown. This was witnessed even recently when hackers launched attacks on multiple Indian pharmaceutical companies where, till date, there is no visibility on the degree of attack and the nature of data that was compromised.

Cybersecurity is a critical aspect for all organisations today. Unfortunately, most businesses are not adequately equipped to handle these complex cyber threats simply because they continue to rely on traditional techniques. They do not possess the high-end tools required to quickly identify and recover from threats which, if adopted, can go a long way in ensuring cybersecurity. For instance, a study conducted by Cisco in 2019 revealed that A.I. based tools can identify up to 95% of threats faced by an organisation. That being the case, for a country that thrives on information technology, it is critical that organisations transition from traditional solutions to technologically advanced solutions at the earliest.

While talking about technologically advanced solutions, organisations should start depending more on artificial intelligence (A.I.) based tools. Unlike traditional techniques that neutralize the effect of vulnerabilities only upon the identification of the same, the approach becomes very different with the aid of A.I. and machine learning enabled tools. A.I.-based systems are proactive in detecting vulnerabilities since they can analyse patterns and discover loose ends beforehand thereby enabling organisations to take preventive action before they are even affected with a security incident.

For instance, A.I. techniques like “User and Event Behavioural Analytics” can be used to analyse baseline behaviour of accounts and identify anomalous behaviour that might signal a zero-day cyberattack. This can protect organizations even before vulnerabilities are officially reported. An A.I. vendor named ‘Darktrace’ provides a software that utilises A.I. to understand the behaviour of each user, and the software automatically sends out an alert if there is a vital deviation from the normal baseline behaviour. Additionally, apart from using A.I. enabled solutions, organisations should also adopt simple measures like the use of a multi-factor authentication (M.F.A.) process to secure their systems. MFAs can help prevent some of the most common types of cyberattacks, including phishing, brute force and man-in-the-middle attacks.

It is important to remember that hackers are only becoming sophisticated by the day. It is not sufficient to simply introduce tools that ensure cybersecurity. It is equally important that organisations constantly understand the loopholes in their security systems and take measures to fix the same. For this purpose, organisations such as Tesla, Google etc. are increasingly turning to crowdsourced security measures, such as bug bounty programs, to find loopholes in their security systems, by hiring ethical hackers. In fact, many organisations are substituting their traditional penetration testing efforts with crowdsourced security measures since they offer a plethora of benefits including the ability to identify and fix vulnerabilities faster, paying for valid results rather than effort or time and varied expertise of hackers.

However, these techniques, be it A.I. enabled tools or crowdsourced security measures, can never work in isolation no matter how advanced they are. The effectiveness of the cybersecurity architecture of an organisation ultimately depends on the over-arching security model. This security model, thus, should not focus on tools that are merely reactive in nature. Instead, the overall security model should comprise of tools that prevent, predict, detect, and respond to threats in an efficient manner, and this is where the concept of adaptive security architecture comes to play.

Adaptive security, the buzz word in recent times, is an approach that analyses behaviours to protect against and adapt to threats even before they happen. Adaptive security architecture (ASA) is a concept and there are no pre-defined techniques on what constitutes ASA. Thus, organisations have the flexibility to introduce curated techniques (such as A.I.-based tools) so long as such techniques are able to predict, prevent, detect and respond to threats (elements of ASA) in a timely manner. For example, an implementation of ASA is the Emsisoft anti-malware that monitors the behaviour of all active programmes and sends out an alert if suspicious behaviour is detected. As opposed to focusing on preventive measures, ASA is built on the foundation of a more responsive, receptive and real-time outlook when protecting an organisation’s security systems.

While organisations can enforce technologically advanced protocols for ensuring cybersecurity, the role of personnel can never be ignored. Human error has a well-documented history of causing data breaches. This was seen when Equifax’s system was compromised for two whole months simply because of an oversight by the IT team. According to the UK Information Commissioner’s Office, human error was the cause of approximately 90% of data breaches in 2019. This only implies that cybersecurity is a top-down approach. Every single employee, from the CEO to the supervisor, plays an important role. That being the case, it is important that employees understand what they can do to protect the company’s digital assets, how to avoid falling for cybersecurity attacks, and who they should report potential incidents to.

On a concluding note, as India moves towards a five trillion dollar economy and with the IT sector leapfrogging through multiple stages of development faster than many western economies, there is an imminent need for organisations to invest in advanced technologies and personnel training to ensure a watertight cybersecurity architecture.

Views are personal. Bhushan is Partner and Chennai head, Shardul Amarchand Mangaldas & Co and Viswanat is Associate, Shardul Amarchand Mangaldas & Co.

The post How artificial intelligence can fight cyberattacks appeared first on Artificial Intelligence.

AI-based detection systems usually work with uncertainty, they are useful not only to raise alerts when something seems to be wrong but also to give a score on how close a given event is from a cyberattack.

Artificial Intelligence (AI) is the ability of technology to think and act like a human and is being utilized to help fight off potential cyberattacks. Employing AI and machine learning to detect vulnerabilities significantly enhances human capabilities, as AI can analyze and report millions of cyberthreats in the time it might take a person to do the same.

AI can get “smarter” and “learn;” as an AI algorithm continues to search and monitor data, it can improve its understanding of diverse types of potential attacks.

According to a study by PwC and Data Security Council titled “Cyber Security India Market: What lies beneath”, Artificial intelligence (AI) and machine learning (ML) will be powering the ‘cyber war rooms’ in organisations to help them protect from increasing cyberattacks, as well as detect, predict and respond to the same.

Defining an attack

You have heard a lot about cyberattacks and data breaches on the news lately, but what exactly is a cyberattack and why is it important to protect our data?

“In short, a cyberattack is a deliberate and often targeted attempt to mount an action via or against digital technology,” says IEEE Senior Member Steven Furnell. “In practice, cyberattacks can take many forms, but we tend to most commonly associate things like hacking and malware, and perhaps phishing. However, there is a far broader range of labels that can be used to reflect the specific approaches and motivations that may be involved.”

“After the attack, the computer or the network will be destroyed, exposed, modified or lose some functions,” adds IEEE Senior Member Guangjie Han. “And your personal information or important data will be acquired by someone else without authorization. Consider the potential benefit behind the data — that’s why these attacks exist.”

Junior hackers might only have an interest in stealing money, acquiring personal data or merely for the joy of hurting others. More senior hackers have the potential to breach entire companies or governments.

How AI prioritizes security needs

Once AI has effectively identified the potential risks and threats, the next step is to prioritize what gets addressed and in what order.

“Since AI-based detection systems usually work with uncertainty, they are useful not only to raise alerts when something seems to be wrong but also to give a score on how close a given event is from a cyberattack,” says IEEE Member Marcos Simplicio.

“Events with higher scores can then be prioritized accordingly. For example, above a certain score, automated measures may be taken to stop the highly probable attack without any human intervention. Events with a lower score can then be forwarded to administrators for further analysis, and some events with low scores may be simply logged without any additional action, since handling them may not be worth the effort.”

Other methods of stopping cyberattacks

AI and machine learning are not the only mechanisms used to prevent and fight off cyberattacks. A wide range of robust technologies protect our systems and help fend off severe breaches.

IEEE Senior Member Aiyappan Pillai explains that in addition to AI, cryptography, emerging quantum cryptography, analytics, IoT security, blockchain security and hardware authentication technologies are also helping technologists keep our digital infrastructure secure.

Lastly, another way to prevent cyberattacks is continuing to educate users to stay away from suspicious activity. “It is important to remember that security is largely a matter related to processes and behaviors and therefore administrative, education and awareness processes play a key role in any well-designed security strategy,” stresses IEEE Senior Member Raul Coucher.

The post How Artificial Intelligence is helping fend off cyberattacks appeared first on Artificial Intelligence.

UNIVERSITY PARK, Pa. — Just as people need to protect their sensitive data, such as social security numbers, manufacturing companies need to protect their sensitive corporate data. There are currently fewer protections for proprietary manufacturing information, making it a ripe environment for corporate data theft of such things as design models.

A particular approach known as differential privacy may be able to better preserve a manufacturer’s business, sensitive design details and overall company reputation, a team of Penn State researchers and graduate students report in the Journal of Smart and Sustainable Manufacturing of the American Society for Testing and Materials.

“Cyberattacks are increasingly seen in manufacturing,” said Hui Yang, professor of industrial engineering. “This brings unexpected disruptions to routine operations and causes the loss of billions of dollars. For example, adversaries often attempt to infer samples included in the training dataset used to create an analytical model or use the released model to infer sensitivity of a target when other background information about this target is available. As manufacturing systems are the backbone of a nation’s critical infrastructure for economic growth, there is an urgent need to protect privacy information of manufacturing enterprises and minimize the risk of model inversion attacks.”

Companies often data mine large datasets to understand patterns that could increase profits, lower costs, reduce risks and more. Data mining can inadvertently expose private data, posing significant security threats to manufacturers because confidential data such as customers’ identities, production specifications and confidential business information may be compromised.

Differential privacy is an emerging approach to safeguard data from any attempt that may reveal any sensitive data within a system. Differential privacy can fix this problem by creating a scheme that forces the system to create “noise” around the data that needs most protection and by optimizing the privacy parameters for these different kinds of data.

“The idea of preserving privacy was already present, but it gets much more attention now,” said Soundar Kumara, the Allen E. Pearce and Allen M. Pearce Professor of Industrial Engineering. “Differential privacy methods are able to put measurements on how much privacy is needed in various scenarios, which is greatly useful for companies. Some information simply isn’t as sensitive, like a pet’s name versus credit card information. There are applications aimed at differential privacy for smart manufacturing and data mining, and our proposed methodology shows great potential to be applicable for data-enabled, smart and sustainable manufacturing.”

The researchers carefully calibrated a model with noise for specific, more sensitive kinds of raw data. The curated, regulated noise contains numerical values that sit among the real information to create distractions, or randomness, within the system to blur what an attacker may see.

The group used test data to evaluate and validate the proposed privacy-preserving data mining framework. They specifically focused on power consumption modeling in computer numerical control (CNC) turning processes.

According to the team, the CNC turning is a precise and intricate manufacturing process in which a rotating workpiece is held in place while a cutter shapes the material. This kind of information can be critical for a manufacturing company, because it may be for their specific product in a competitive market.

“A simple example is a hospital with 500 patients where medical treatments are guided by data mining models trained with their genotype and demographic background,” said Qianyu Hu, an industrial engineering doctoral candidate. “If someone outside of the system wants to know specific attributes on patients, for example, their genetic markers, they will attack the model. With normal data, unprotected by noise, an attacker with some background information is able to gain knowledge of the genomic attributes of patients. This knowledge can be adversely used against them in various ways. In this example, adding noise to the data mining process, based on our model, can lower the risk of privacy leakage.”

The team noted that in their future research, they plan to continue testing the proposed data mining framework to a network of collaborative manufacturers.

Ruimin Chen, industrial engineering doctoral candidate, also contributed to this work.

The post New method enables automated protections for sensitive data appeared first on Artificial Intelligence.

Intelligence and espionage services need to embrace artificial intelligence (AI) in order to protect national security as cyber criminals and hostile nation states increasingly look to use the technology to launch attacks.

The UK’s intelligence and security agency GCHQ commissioned a study into the use of AI for national security purposes. It warns that while the emergence of AI create new opportunities for boosting national security and keeping members of the public safe, it also presents potential new challenges, including the risk of the same technology being deployed by attackers.

“Malicious actors will undoubtedly seek to use AI to attack the UK, and it is likely that the most capable hostile state actors, which are not bound by an equivalent legal framework, are developing or have developed offensive AI-enabled capabilities,” says the report from the Royal United Services Institute for Defence and Security Studies (RUSI).

“In time, other threat actors, including cyber-criminal groups, will also be able to take advantage of these same AI innovations.”

The paper also warns that the use of AI in the intelligence services could also “give rise to additional privacy and human rights considerations” when it comes to collecting, processing and using personal data to help prevent security incidents ranging from cyberattacks to terrorism.

The research outlines three key areas where intelligence could benefit from deploying AI to help collect and use data for more efficiency.

They are the automation of organisational processes, including data management, as well as the use of AI for cybersecurity in order to identify abnormal network behaviour and malware, and responding to suspected incidents in real time.

The paper also suggests that AI can also aid intelligence analysis and that by using augmented intelligence, algorithms could support a range of human analysis processes.

However, RUSI also points out that artificial intelligence isn’t ever going to be a replacement for agents and other personnel.

“None of the AI use cases identified in the research could replace human judgement. Systems that attempt to ‘predict’ human behaviour at the individual level are likely to be of limited value for threat assessment purposes,” says the paper.

The report does note that deploying AI to boost the capabilities of spy agencies could also lead to new privacy concerns, such as the amount of information being collected around individuals and when cases of suspect behaviour become active investigations – and finding the line between the two.

Ongoing cases against bulk surveillance could indicate the challenges the use of AI could face – and existing guidance on procedure may need changes to meet the challenges of using AI in intelligence.

Nonetheless, the report argues that despite some potential challenges, AI has the potential to “enhance many aspects of intelligence work”.

The post Artificial intelligence will be used to power cyberattacks, warn security experts appeared first on Artificial Intelligence.

As the world becomes increasingly digital, we are unlocking more value and growth than ever before. However, a challenge that governments, enterprises and well as individuals leveraging technology are constantly facing is the growing threat of cyberattacks that looms large over us.

Cyber security solutions provider SonicWall’s 2019 report revealed 10.52 billion malware attacks in 2018, a 217% increase in IoT attacks and 391,689 new variants of attack that were identified. What’s more is that cyber criminals today are evolving with technology and upping their game. Such incidents don’t just have the potential to bring businesses to a standstill but can also inflict serious damages to their resources and repute.

With an increasing number of cyberattacks targeting critical networked resources that cannot be detected by traditional network monitoring tools, it becomes critical to explore and leverage sophisticated tools for detection and reporting of such attacks.

Artificial Intelligence (AI) and Machine Learning (ML) are two of the hottest technology trends that have the potential to transform the modern security architecture landscape. Artificial intelligence is any technique that enables computers to mimic human behavior. Machine Learning is the ability to learn without being explicitly programmed. Both these techniques are widely used in various industries like healthcare, banking and storage.

DoS and DDoS attacks

In this blog, we explore an innovative approach to detect Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks – two of the major kinds of attacks plaguing organizations – using ML algorithm by mining application specific logs.

In a DoS attack, the hacker tries to prevent genuine users from using a website by maliciously flooding it with traffic, which can cause the system to crash. The origin of the attack is single, i.e. it is made from one computer or internet connection. With hackers getting more innovative, there are multiple ways of carrying out such attacks. Recently, a specially crafted MP4 file which was circulated on WhatsApp, triggered a DoS attack on individual users. Attackers can take advantage of this vulnerability to deploy malware on the user’s device to steal sensitive files and also use it for surveillance purposes.

When an attacker uses multiple machines to send requests with mischievous intent, trying to take over the target machine’s resources, it is a DDoS attack. In what is said to be one of the most powerful DDoS attacks, GitHub in 2018 received a staggering 1.35 terabits/second of traffic on a particular day for 18 minutes. GitHub, along with their DDoS mitigation service provider Akamai Prolexic, handled the situation and resolved it within 20 minutes.

The reasons for such attacks can be varied – from an intent to steal data or defame an enterprise to using it as a decoy to perform another high impactful attack.

Some of the most high profile cases include the DDoS attack on the Telegram messaging app which hampered its day-to-day communication. Large multinationals such as Paypal, Twitter and Spotify, with some of the most advanced security tools, have also been victims to similar attacks.

Machine learning to tackle attacks

Today, enterprises across are using cloud to build and manage software. Microservices is a widely used software development technique and Application Program Interface (API) is a type of microservice used in various industries such as banking, storage and healthcare. Many instances of microservices automatically start when required. In such a situation, it is not possible for humans to monitor and check if all the instances are genuine. This presents a greater cyber-attack risk.

A system with APIs is designed to fulfill the assumption that each of the routines will be called only limited times per day and this can provide a viable solution to such attacks. But the number of calls might increase due to programmatic retries if the API fails to respond in a timely manner. Also, the number of API calls may increase in situations when debug or trouble-shooting procedures are performed. Even with troubleshooting, the maximum threshold is not expected to go beyond a defined number of calls per day.

Here, we can make a rudimentary assumption – that if an API call is invoked more than 100 times, then it may constitute a DoS/DDoS attack. The ML algorithm can then be trained using logging data to classify if the system is under attack based on certain attributes.

The logs generated by various microservices are continuously monitored using log monitoring tools such as Fluentd. Various attributes, such as client IP address, API request and date and time, are retrieved from the acquired log data.

This information can be fed into a preprocessor in real time, which calculates the number of hits on a certain API for a given date and time, and client IP address. There can be situations where multiple machines are used to attack multiple APIs exposed by a target. Every industry that uses API, especially applications that deal with sensitive information, can be impacted by DoS or DDoS attacks. These attacks are not just used for denying services to a consumer; an attacker can use it for sending malware with the intent of gathering sensitive data.

Machine Learning algorithms can be used to train and detect if there has been a DoS/DDoS attack. As soon as the attack is detected, an email notification can be sent to the security engineers. Any classification algorithm can be used to categorize if it is a DoS/DDoS attack or not. One example of a classification algorithm is Support Vector Machine (SVM) which is a supervised learning method that analyses data and recognizes patterns.

With increase in attacks, early detection is the best solution

According to data by cybersecurity firm Kaspersky, the number of DDoS attacks rose by a third in the third quarter of 2019. In its survey it observed that DDoS attacks are the second most expensive type of cyberattacks targeting small and medium sized businesses, and the average cost of such breaches is estimated to be $138,000.

With cybercrime mushrooming across the world, the players are not just limited to seasoned criminals, and traditional methods are giving way to sophisticated techniques.

Perhaps one of the strongest indicators of the escalation of such activities is the growth of the DoS/DDoS attack solution market, which is estimated to increase from $900 mn in 2019 to $9 billion in 2025.

The most recent DDoS attacks have been observed to hijack connected devices such as webcams, baby phones, routers, vacuum robots, etc. to launch their attacks.

The number of devices remotely controllable via apps is growing exponentially and the Internet of Things (IoT) is expected to easily surpass 20 billion connected devices by the end of 2020.

Current IoT system follows a centralized architecture that makes it more prone to DoS or DDoS attacks. Blockchain technology can be used to enable creation of IoT networks that are peer-to-peer (P2P) and trustless. This removes the possibility of centralized single point of failure. An attacker’s Command & Control server will not be able to gain access to publish the DDoS attack instructions because of the P2P network of blockchain.

Since we cannot control when, where or how an attack may come our way, and absolute prevention against these cannot be guaranteed yet, our best shot for now is early detection which will help mitigate the risk of irreparable damage such incidents can cause.

Organizations can use existing solutions or build their own to detect cyberattacks at a very early stage to minimize the impact. Any system that requires minimal human intervention would be ideal.

The post Using the Power of Machine Learning to Detect Cyber Attacks appeared first on Artificial Intelligence.

Businesses today continue to be bombarded by an increasing number of cyberthreats, as hackers become adept at identifying and exploiting vulnerabilities in security systems. A survey by the World Economic Forum ranked data theft and large-scale cyberattacks 4th and 5th in a list of the biggest risks facing our world. With cybercrime regularly hitting the headlines, regulators are implementing new security guidelines and costly fines for violations. Adding to the pressure are consumers who are increasingly prepared to abandon business with a company if they’ve been hit by a data breach. Businesses can’t afford to turn a blind eye to cybersecurity, which has now become a top priority for enterprises.

Attack vs defence: where things stand

The growth of IoT over the last decade has meant that thousands, if not millions, of devices are now contributing to network traffic, and all are potential entry points for attackers. With Gartner predicting that there will be 20.4 billion connected devices by 2020, the potential for unprecedented exposure is only going to continue. Furthermore, the more devices on a network, the more data security analysts have to wade through, making identifying potential threats harder than ever – especially when reports suggest that UK businesses faced a cyberattack every 50 seconds in the second quarter of 2019. While we’re seeing increased awareness around the threat IoT devices can pose, worryingly, cyberattacks on IoT devices have already increased by 300 per cent in 2019.

Compounding the vulnerabilities IoT devices can bring to networks is the nature of cybercriminals, who are constantly evolving their attacks which are becoming increasingly targeted and sophisticated. Furthermore, they’re also collaborating in marketplace environments, sharing tips and advice on how to launch attacks that will cause the most damage.

Most enterprises still rely on traditional approaches to network security to defend against threats. This approach relies on feeding historical data – i.e anomalous activity that was suspicious or malicious – into a learning algorithm so the system knows what to look out for in the future. This enables the system to flag suspicious activity that corresponds to historical data to security teams, and prevent such attacks slipping through the net.

However, this approach is no longer adequate in today’s evolving threat landscape, because it hinders an organisation’s ability to investigate activity that hasn’t been seen before, causing them to miss new attacks. Furthermore, behaviour that is deemed “normal” or “good” within an organisation is constantly evolving, and businesses have to be able to adapt in real time. This legacy approach to network monitoring also places additional stress and burden on security analysts, who don’t have the capacity to sift through the vast amounts of data collected by businesses and identify threats.  It’s no surprise that 56 per cent of senior executives think their cybersecurity analysts are overwhelmed by the sheer volume of data points they need to analyse to detect and prevent threats.

The result? Businesses that can’t identify new and sophisticated attacks, and attackers who are spending an average of 6 months within a network. Clearly, when it comes to enterprise anomaly detection, a change is needed.

Advanced detection: Deep learning & network monitoring

Deep learning powered network monitoring represents a solution to the problem. Increasingly seen as the next generation technology in network monitoring, deep learning is driven by unsupervised algorithms that continuously analyse an organisation’s regular behaviour in order to identify abnormalities. The algorithm is instructed to survey its own infrastructure and proactively search out and unearth the unknown, rather than the known “bad”. This allows businesses to detect unseen threats and take a proactive approach to cybersecurity.

Another advantage of deep learning algorithms is that they have the capability to sift through millions of pieces of data simultaneously in near real-time. The ability to identify anomalous patterns in vast data sets means deep learning network monitoring can perform a level of analysis that’s impossible for humans alone to replicate.

Empowered by deep learning tools, analysts are able to focus on the most rewarding part of their job: the investigation and detection of complex malicious activities. By accelerating access to the information, teams can collaborate and focus on understanding the root cause and the total extent of campaigns against organisations. As a result, security teams’ efficiency is boosted, stress is reduced, cybersecurity analysts’ work is highly valued and the overall organisation security is strengthened.

Businesses can no longer rely on traditional network monitoring methods that provide an inherently binary view of cybersecurity that focuses on good vs. bad behaviour. The volume of data collected by businesses is growing exponentially, and at the same time, cyberthreats are becoming increasingly sophisticated. Add in the fact that cybersecurity teams are under increasing pressure to do more with less and it’s easy to see why enterprises have historically been on the back foot.

Ultimately, deep learning transforms network security from a passive system that is fed seen behaviour, to an active solution that can detect threats in real-time and uncover things not seen before.

The post Boosting enterprise security with deep learning appeared first on Artificial Intelligence.

Artificial intelligence has increasingly been integrated into the weapons systems of the world’s leading militaries, and at least one expert has said the futuristic technology may soon be the subject of a new Cold War.

In a piece published Tuesday by The Conversation, North Dakota State University assistant professor Jeremy Straub argued that unlike the nuclear weapons that dominated much of the 21st century arms race between the U.S. and the Soviet Union, the use of cyberweapons and artificial intelligence largely remained “fair game,” even as tensions again flared between the rivals. Both countries have invested heavily in developing new tools to wage war on this new front, but Russia particularly has sought to use it as an opportunity to upstage the more conventionally powerful U.S.

“Now, more than 30 years after the end of the Cold War, the U.S. and Russia have decommissioned tens of thousands of nuclear weapons. However, tensions are growing. Any modern-day cold war would include cyberattacks and nuclear powers’ involvement in allies’ conflicts,” wrote Straub, who was also associate director of the university’s Institute for Cyber Security Education and Research, in his article.

“It’s already happening,” he added.

SOCIAL MEDIA

The U.S. has repeatedly accused Russia of conducting cyberattacks on targets in the West, going so far as to charge the Kremlin with hacking into Democratic Party servers in a bid to release information that would compromise the 2016 presidential election. The U.K. and Germany have also complained about alleged Russian hacking, and the latter formed a new military branch last year specifically dedicated to countering cyber ops, which Straub has previously warned could soon involve AI-generated assaults that would devastate current defenses.

Germany’s Cyber and Information Space Command joined Western military pact NATO in preparing for the Cyber Coalition exercise last November as the U.S.-led alliance sought to boost its electronic warfighting abilities. The U.S. military has also expressed concern that it was falling behind the pace of an ever-changing battlefield, and experts have urged the U.S. to quickly catch up.

As part of an ambitious effort to restore his military to its former Soviet glory and likely beyond that, Russian President Vladimir Putin has prioritized not only electronic warfare, but also the use of artificial intelligence, which he famously called “the future, not only for Russia, but for all humankind” in a September 2017 back-to-school speech to students in Yaroslavl.

“Whomever becomes a leader in this sphere will be the master of the world,” Putin said. “And I would very much like it that there is no monopoly of this in any specific pair of hands.”

ROSTEC

Innovations in weaponized artificial intelligence have already taken many forms. The technology is used in the complex metrics that allow cruise missiles and drones to find targets hundreds of miles away, as well as the systems deployed to detect and counter them. Russia has also used artificial intelligence to build powerful exoskeletons that give soldiers a near superhuman advantage and to develop literal war-fighting robots that can dual-wield guns, drive vehicles and potentially even travel to space.

As the U.S. employed groundbreaking artificial intelligence in its own weapon systems, such as the advanced, yet oft-troubled, F-35 Lightning Jet II, it faced a new challenger that also sought to close the capabilities gap between its own military and that of the U.S.: Chinese President Xi Jinping. Xi has committed billions to becoming a global pioneer in artificial intelligence and has made major strides in recent years. Chinese automation in the defense industry may also triple the country’s production of bombs and shells by 2028.

The post WILL ROBOTS FIGHT THE NEXT WAR? U.S. AND RUSSIA BRING ARTIFICIAL INTELLIGENCE TO THE BATTLEFIELD appeared first on Artificial Intelligence.

In the ever-changing environment of cybersecurity, executives are always looking for the next big trend that will set them apart from the rest of the competition. In a year where ransomware attacks have already increased by 250 percent, new technologies can give an advantage to those trying to protect you and your information online—especially when organizations are facing a cybersecurity skills gap and struggling to hire qualified people to handle the job.

Artificial Intelligence in Cybersecurity

A new report from Cylance—Artificial Intelligence in the Enterprise: The AI Race Is On—focuses on one of the latest technologies. Artificial intelligence (AI) enables organizations to gain an edge on any and all attacks on their systems.

The inaugural report was compiled from a survey of 652 IT executives in the United States, United Kingdom, Germany, and France. It shows that many value AI-powered security and plan to continue investing in the technology in the future. Of those polled, 60 percent already have AI-tools in place, and 79 percent say that it is a priority for their C-suite executives and boards.

Some of the more specific finding show:

• 77 percent of those asked think it is impossible for an all-human cybersecurity team to keep up with threats
• 81 percent said AI is detecting threats before security teams can
• 61 percent say AI skills are an essential hiring factor for security teams.

Artificial intelligence has already been shown to have substantial success in preventing breaches. For the cybersecurity world, AI is the ever-rising bar. The Cylance report shows that 77 percent of those surveyed have prevented more breaches following their use of AI tools. 74 percent of respondents say they wouldn’t be able to cope with the security skills gap without AI. These stats show why 64 percent of IT executives are expecting to see the ROI from their investment in AI-powered tools in less than 2 years.

“Executives who were first to make the leap of faith in AI have been the first to begin experiencing the rewards, particularly in the prevention of cyberattacks,” agrees Daniel Doimo, president and chief operating officer of Cylance. “Over the next year, I only expect to see this trend accelerate.”

Addressing the Cybersecurity Skills Gap

With so many advantages to AI-powered tools, one of the driving forces in further investments is to beat out the competitors–with 83 percent specifically investing to gain an advantage against competitors. To help add to the growing need for more security, AI-powered tools also offer increased cybersecurity jobs for humans.

AI can be a bit of a catch-22 when it comes to the cybersecurity skills gap and careers in cybersecurity. If AI can do the job more effectively and efficiently than humans, will humans just lose their jobs?

That is a very relevant question. According to the Cylance report, those concerns linger, but also present unique new opportunities. “68 percent of IT decision makers say AI will make certain jobs obsolete, and 74 percent are concerned AI technology will replace human jobs. But, 93 percent say it will create new job opportunities, and 80 percent believe AI will lead them to hire new workers and retrain existing employees.”

The post Can Increased Presence of Artificial Intelligence in Cybersecurity Address Skills Gap? appeared first on Artificial Intelligence.

Today, machine learning has come of age as it seeks to create predictive models and algorithms and gives computers the ability to carry out tasks without being explicitly programmed. Examples of Machine Learning we use on a day-to-day basis are Google search engines, recommendations from Amazon, Netflix and YouTube, and even suggested friends on Facebook.

However, machine learning is also being called out as the saviour of cybersecurity, with companies incorporating it into their technologies to predict, prevent and defeat the next major cyber-attack.

With internet crime growing at the rate it is, we need all the tools in our armory to stand any chance of keeping pace.  According to the Australian Competition & Consumer Commission, security scams have cost Australians over $950 000 to date in 2017, with hacking scams hitting the hardest.

Automation and machine learning is helping us to remove some of the heavy lifting from time-consuming security-related tasks. For example, we can analyse the normal behaviour for privileged users, privileged accounts, privileged access to machines and authentication attempts, and then identify deviations from the normal profile. Machine learning algorithms that continually adjust the baseline means we can continually adapt to a changing risk environment.

Adopting more of this technology will stop us from becoming too overwhelmed by the rise in the number of attacks. But this isn’t just about solving a volume issue; machine learning also helps us to combine insights gathered from customer data and produce a more complete and immediate understanding of evolving threats.

Surely, then, it is the answer we have been looking for to beat cyber attackers? Unfortunately, it’s not that straightforward. Two can play at this game, and cyber criminals are also findings intelligent new ways to use machine learning to their advantage.

AI-driven cyberattacks are able to learn and get better as they evolve. For example, ransomware attacks – already a huge concern for consumers and businesses – are using machine learning to get smarter and more targeted about what information is held hostage and how much to charge for it. Phishing scams are also become far more convincing using AI to mimic the writing style of friends and colleagues.

Cybercrime is a lucrative business, and attackers are prepared to invest in tools and technologies which will result in a higher number of successful attacks. The more advanced and more targeted attacks which were typically reserved for nation-states and criminal syndicates are becoming available on a greater scale.

We are moving towards a game of machine versus machine, and for this technology to stand any chance of becoming the saviour of cybersecurity, we need to make sure AI applications learn to defend must faster than they learn to attack. Continual innovation and industry collaboration will be critical for this technology to identify anomalous behaviour, adapt to a changing risk environment, and get ahead of the cyber criminals.

Greater attention will also need to be paid to securing corporate IT infrastructures against attacks and developing comprehensive IT security strategies to strengthen defences against what is an evolving threat landscape.

The post Machine learning: The saviour of cybersecurity? appeared first on Artificial Intelligence.