Cyber security with ai
Download as PPTX, PDF15 likes17,792 views
The document discusses the intersection of cyber security and artificial intelligence (AI), outlining the capabilities and technologies involved in both fields. It highlights AI's role in enhancing threat detection and incident response, while also addressing the potential for AI to be exploited by attackers. The text also examines advantages and disadvantages of using AI in cyber security, emphasizing the need for continuous monitoring and the unpredictability of AI systems.
Cyber security with ai
- 2. Cyber Security IN ARTIFICIAL INTELLIGENCE
- 3. Artificial Intelligence ARTIFICIAL INTELLIGENCE OR AI IS THE INTELLIGENCE SHOWN BY MACHINES. WHEN ANY MACHINE BECOMES AWARE OF ITS SURROUNDINGS AND DOES SOMETHING KEEPING THAT IN MIND IN ORDER TO ACHIEVE SOMETHING. USUALLY THE TERM ARTIFICIAL INTELLIGENCE IS USED WHEN A MACHINE BEHAVES LIKE A HUMAN IN ACTIVITIES SUCH AS PROBLEM SOLVING OR LEARNING, WHICH IS ALSO KNOWN AS MACHINE LEARNING. AI IS A SCIENCE AND TECHNOLOGY BASED ON DISCIPLINES SUCH AS: COMPUTER SCIENCE, ENGINEERING, PSYCHOLOGY ETC. THE MAIN GOAL OF ARTIFICIAL INTELLIGENCE IS TO CREATE A TECHNOLO GY THAT ALLOWS COMPUTERS AND MACHINES TO FUNCTION IN AN INTELLIGENT MANNER. THE ENTIRE PROBLEM HAS BEEN BROKEN DOWN INTO THE FOLLOWING SUB-PROBLEMS · LEARNING · NATURAL LANGUAGE PROCESSING · REASONING AND PROBLEM SOLVING · PLANNING · CREATIVITY
- 4. Cyber Security CYBER-SECURITY IS THE PRACTICE OF DEFENDING COMPUTERS, SERVERS, MOBILE DEVICES, ELECTRONIC SYSTEMS, NETWORKS, AND DATA FROM MALICIOUS ATTACKS. IT'S ALSO KNOWN AS INFORMATION TECHNOLOGY SECURITY OR ELECTRONIC INFORMATION SECURITY. THE TERM APPLIES IN A VARIETY OF CONTEXTS, FROM BUSINESS TO MOBILE COMPUTING, AND CAN BE DIVIDED INTO A FEW COMMON CATEGORIES. • NETWORK SECURITY IS THE PRACTICE OF SECURING A COMPUTER NETWORK FROM INTRUDERS, WHETHER TARGETED ATTACKERS OR OPPORTUNISTIC MALWARE. • INFORMATION SECURITY PROTECTS THE INTEGRITY AND PRIVACY OF DATA, BOTH IN STORAGE AND IN TRANSIT. • DISASTER RECOVERY AND BUSINESS CONTINUITY DEFINE HOW AN ORGANIZATION RESPONDS TO A CYBER-SECURITY INCIDENT OR ANY OTHER EVENT THAT CAUSES THE LOSS OF OPERATIONS OR DATA. DISASTER RECOVERY POLICIES DICTATE HOW THE ORGANIZATION RESTORES ITS OPERATIONS AND INFORMATION TO RETURN TO THE SAME OPERATING CAPACITY AS BEFORE THE EVENT. BUSINESS CONTINUITY IS THE PLAN THE ORGANIZATION FALLS BACK ON WHILE TRYING TO OPERATE WITHOUT CERTAIN RESOURCES.
- 5. The scale of the cyber threat The U.S. government spends $19 billion per year on cyber-security but warns that cyber-attacks continue to evolve at a rapid pace.To combat the proliferation of malicious code and aid in early detection, the National Institute of Standards and Technology (NIST)recommends continuous, real-time monitoring of all electronic resources. • The threats countered by cyber-security are three-fold: • 1. Cybercrime includes single actors or groups targeting systems for financial gain or to cause disruption. • 2. Cyber attack often involves politically motivated information gathering. • 3. Cyber terror is intended to undermine electronic systems to cause panic or fear.
- 6. Common methods attackers use to control computers or networks include viruses, worms, spyware,Trojans, and Ransom ware.Viruses and worms can self-replicate and damage files or systems, while spyware andTrojans are often used for surreptitious data collection. Ransom ware waits for an opportunity to encrypt all the user’s information and demands payment to return access to the user. Malicious code often spreads via an unsolicited email attachment or a legitimate- looking download that actually carries a malware payload. Cyber-security threats affect all industries, regardless of size.The industries that reported the most cyber attacks in recent years are healthcare, manufacturing, finance, and government. Some of these sectors are more appealing to cybercriminals because they collect financial and medical data, but all businesses that use networks can be targeted for customer data, corporate espionage, or customer attacks.
- 7. Artificial Intelligence for Cyber security • The next generation of cyber security products are increasingly incorporating Artificial Intelligence (AI) and Machine Learning (ML) technologies. By training AI software on large datasets of cyber security, network, and even physical information, cyber security solutions providers aim to detect and block abnormal behavior. • There are different approaches to using AI for cyber security, and it is important first to determine which is appropriate for the organization. Some software applications analyze raw network data to spot an irregularity, while others focus on user/asset/entity behavior to detect patterns that deviate from normal.The types of data streams, how they are collected, and the level of effort needed by analysts all vary by approach.
- 8. Artificial Intelligence for Cyber security • Cyber security solutions utilizing AI and ML can greatly reduce the amount of time needed for threat detection and incident response, often being able to alert IT staff of anomalous behavior in real time.These technologies also help reduce and prioritize traditional security alerts, increasing the efficacy of existing investments and human analysts. • Attackers are also using AI and ML to better understand their targets and launch attacks. AI increases the ability of defenders to identify attacks, but it may also help hackers learn about a target’s vulnerabilities.
- 9. Which types of artificial intelligence applications are being used in cyber security solutions? It is up to human imagination. For the sake of clarity, following application categories can be examined: • Spam Filter Applications (spam assassin) • Network Intrusion Detection and Prevention • Fraud detection • Credit scoring and next-best offers • Botnet Detection • Secure User Authentication • Cyber security Ratings • Hacking Incident Forecasting
- 10. How can an artificial intelligence application that does malware analysis be used? It’s possible to detect a software whether is a Malware or a normal software with artificial intelligence. In order to develop an artificial intelligence application that does malware detection the first thing to do is to determine some distinctive features. In addition of some harmless software and some malware to those features, the system is trained. Here are some features to use in analyzation of a software: • Accessed APIs. • Accessed fields on the disk. • Accessed environmental products (camera, keyboard etc.)
- 11. How can an artificial intelligence application that does malware analysis be used? • Consumed processor power. • Consumed bandwidth. • Amount of data transmitted over the internet. By using the distinguished features, the system is built. Once you give a test software to the system, it tries to detect whether the software is a malware or not by analyzing these distinguished features.
- 12. Is artificial intelligence(AI) used to detect cyber attacks, how is its success rate? Of courseAI can be used to detect cyber attacks.There are plenty of academic researches about detecting cyber attacks using artificial intelligence. The success rate of those researches varies between 85% and 99%. In the last few years, in addition to academic researches, some products have been improved to detect cyber attacks with the help of artificial intelligence like DarkTrace. DarkTrace claims to have more than 99% of success rate and it also has a very low rate of false positives.
- 13. Are there any companies that develop cyber security applications using artificial intelligence? There are lots of companies that develop cyber security applications by using artificial intelligence. The companies that started early focusing on this domain started worthing more in a very short time. Here are the example. Dark trace, the company that was founded in 2013, developed a product that does anomaly detection on a network with machine learning.The company is now worth 825 million$. CYLANCE, the company that was founded in 2012, developed a product to prevent advanced level of cyber threats.The company is worth 1 billion $ now.
- 14. Examples of the machine learning algorithms which are being used to develop cyber security applications Spam assassin, for instance, is a project that is an open source code and it does spam mail filtering. Spam assassin makes a feature list in order to control if an email is a spam mail or not. Extracted features from an analyzed email is processed with Naive Bayes algorithm.The most common algorithms in cyber attack systems are, Random Forest, DecisionTree, SupportVector Machines etc. In the last few years, the most commonly used machine learning algorithm is without a doubt, Deep Learning algorithm. Deep learning is a machine learning algorithm that uses artificial neural networks. Nowadays, most of the companies that do artificial intelligence researchers use this method.
- 15. Is it possible to detect cyber attacks before they happen? In order for a cyber attack to be successful, there are some steps to follow successfully.These steps are called “Cyber Kill Chain”. Attackers might leave some traces in some of these steps or they can access information about the targeted company that was leaked before, while they’re in information acquisition phase. We can see similar situations like this one. Preventing these kind of situations is only possible if you observe your company constantly with the eyes of an attacker. In addition to that, knowing what the attackers can find when they do their research about your company beforehand, and as a result, taking precautions prevents these situations.
- 16. Norm shield Cyber Risk Scorecard, scans most of the information about your company, that can be accessed via internet. Some of the information that can be accessed about your company are: • Posts that target your company in dark forums or social media. • Leaked information about your company’s customers and employees. (e-mail, passwords, credit card information etc.) • Phish website, mobile and desktop applications about your company. If you know your virtual existence well and can manage it, you can reduce the risk of being affected from a cyber attack. Cyber Risk Scorecard, gives you the possibility to access information about your company from various sources and lets you manage that data which results to taking precautions.
- 17. Advantages of Artificial Intelligence • Organizations face millions of threats each day making is impossible for security researcher to analyze and categorize them.This task can be done by using Machine Learning in an efficient way. • By finding a way to work towards unsupervised and supervised machine learning will enable us to fully utilize our current knowledge of threats and vectors. Once those are combined with the ability to detect new attacks and discover new vulnerabilities, our systems will be able to protect us from threats is a much better and efficient way. • Another benefit of using AI based machines is that, in theory, these systems would work in a more calculated approach and in a more accurate way resulting in eliminating human error. Additionally, these systems could work simultaneously on various tasks, monitoring and protecting a vast number of devices and systems.They can therefore mitigate large scale attacks
- 18. Disadvantages of Artificial Intelligence • The biggest disadvantage of any AI based system is that we cannot predict what it’ll do. If fallen into the wrong hands, the result could be fatal and a whole different level can could do more damage than good. • A super-intelligent AI will be really good at completing goals, but, if those goals aren’t aligned with ours, we’ll have a problem. AI in security systems had foregone the utilization of valuable analyst skills and therefore didn’t benefit from human feedback. • Even though the initial concerns about the development on AI in cyber security may revolve around concerns about eliminating the much needed human expertise, intuition and judgment, the real disadvantage of artificial intelligence is its unpredictability.
- 19. ThankYou