Impact Of Artificial Intelligence And Machine Learning In Cyber Security


Trends are cyclical. New, shiny, fancy objects take the sheen off the old ones.

The latest to enter the arena is Artificial intelligence (AI) and machine learning (ML).

As expected, the arrival of these two has led to the formulation of new use cases such as predictive recommendations and self-driving cars.

In this write-up, we will try and focus on how does the arrival of AI and ML influence the cybersecurity world?

Can the modern-age organizations leverage AI and ML to tackle the old foes – cybercrime, fraud and identity theft?

AI and ML are in the process of being adopted and integrated into many cybersecurity platforms. Let us analyze the benefits and impact that these technologies can potentially wield in cybersecurity.

As is typically the case – when any new tool or technology goes mainstream, a couple of things happen:

a) we expect too much and hope them to change the world, or

b) we don’t fully comprehend the primary application of the tool and end up writing bad implementations leading to disenchantment

In the case of AI and ML, they are cousins but one separated. While there is no consensus on the exact definition of AI – Wikipedia, Technopedia, Forbes, Inc., etc. all differ on what AI represents – the fact is that AI and ML are here and aren’t going away anytime soon.

Here is a rule of thumb:

1. Can a computer convince a human they’re communicating with another human?

2. The Employment Test – when a robot can completely automate economically essential jobs. Maybe, a robot could walk into a house unknown to it and brew coffee.

These are a couple of metrics – there are many more.

Machine learning happens on data, loads of it. ML could be a set of algorithms trained on a set of data to detect patterns, anomalies, or any other routine that introduces efficiency and productivity at scale. There is, of course, the possibility that the algorithms may stray away from the real intent and begin generating erroneous or unwarranted conclusions.

Let’s review a few examples of AI and ML use cases and applications:

1. Recommendations and Predictions:
We see this on a daily basis. The emails we receive, the content we read, the offers and promotions sent our way or even pricing options offered for flights and hotels are all personalized to a degree, and Machine Learning powers this personalization. The algorithms monitor our behavior, draw inferences from those patterns and continuously learn from the dataset.

2. Self-driving cars:
Tesla is pioneering the concept of autonomous, intelligent, self-driving fast cars. It’s not 100% AI based on textbook definition but the ability of vehicles to be able to forewarn the driver and passengers about the possibility fatal accidents is pretty neat.

3. Cybersecurity:
There’s a new breed of hackers and disruptors out there. Fame alone no longer suffices for this crop – they want to hold people hostage by hijacking their data or threatening to release sensitive information. Remember the Ashley Madison case?

AI and ML have made it a bit easier to detect the proliferation of malware and identify early on in the lifecycle if a file/resource is showing signs of belligerent behavior. This level of automation has been possible with pattern detection, behavior-based anomaly detection and advanced use of heuristics – all based on Machine-learned solutions – to keep the intruders out.

It’s not the case that human beings lack the intelligence to detect such anomalies and curate solutions, the ability to do it at scale in an independent, adulteration-free fashion is the difference.

The responsibility to vet the results of the algorithm and make adjustments to fine tune the recommendations and false positives / false negatives lies with the creators and writers of such algorithms, and that is where ML remains grounded to the influence wielded by its author while true AI can learn and course correct automatically,

The ability to detect and attribute the source of an attack, for example, is generally not straightforward. Most of the time, due to lack of markers on the origin of the attack, wild accusations fly in all directions. ML algorithms, however, can help in this regard by creating a signature of the attacker and doing the backward math on possible origination points and intended targets.

While this article is not going to dig into Chaos Theory, but there are several implementations of intelligent algorithms where assignments for infrastructure security, Los Angeles International Airport, for example, are determined by the secondary output of these algorithms.

Several other airports around the world use these ML engines to figure out the threat levels and whether or not to flag a package, bag, customer for random inspection.

As always, technology is gullible. With tens of good use cases, there would be few bad ones as well. It’s still early days for both ML and AI, and it would take a little time and better implementations for these technologies to be completely hands-off and running independently.

It is, therefore, a prerequisite to prevent the occurrence of Adversarial Machine Learning scenarios wherein the perpetrators can influence the determination logic of the algorithms to let their malware or malicious code through the defense mechanism. Each such implementation will and should have a near-unique check-and-balance tool to audit the predictions and outcomes emanation from the ML and AI implementations.

No system is perfect though. As long as steps are taken to mitigate the adverse outcomes and amplify the positive use cases by continually improving the base system led by injecting new data sets, the evolution is on track. AI and ML will continue to evolve, grow and solidify with time. We are still some time away from having iRobot, Minority Report and similar-themed movies in our real lives, but the sparks are all there, and it’s only a matter of time.

Ready to create the next big thing?