AI – Powerful Tool in Cyber Security

artificial intelligence

This post is also available in: עברית (Hebrew)

AI (Artificial Intelligence) related methods are being more and more applied in the next wave of cyber security techniques. Whether using deep learning for malware detection or machine learning for behavior analysis and risk assessment, AI technology has broad applications to cyber security.

The confluence of parallel computing platforms using GPUs, innovative new algorithms based on neural nets and massively scalable infrastructure available in the cloud have fueled an explosion of innovation and corresponding applications. Although much of the hype and more than a little PR AI-washing centers on AI’s use for image recognition, natural language processing and business intelligence, the same strength in pattern matching that enables algorithms to ‘see’ a potential tumor or identify latent customer preferences, makes AI a powerful tool in cyber security.

As attacks have gotten more sophisticated, it’s much harder for organizations to defend against. Even those with dedicated security teams using the latest products as part of a multi-layered defense often find themselves overwhelmed by data and false alarms, struggling to separate legitimate attack signals from streams of noise.

AI can act as a force multiplier in the cyber security realm. Whether by adding a powerful set of eyes to screen and filter security data, improving defenses through the use of reinforcement learning and predictive analytics or by applying machine learning to highlight significant incidents by predicting the severity and business implications of identified threats.

According to diginomica.com, AI has been an active area of security research and investment and the fruits of numerous projects in both startups and established vendors alike are coming to fruition. The website mentions several examples to the use of AI to confront cyber challenges, including: Deep Instinct’s use of AI to create malware detection software that can identify previously unknown threats in real time for a raw stream of network traffic; .SparkCognition, which uses a similar machine learning approach to malware detection, and SMFG which has built a neural network for fraud detection. These work by detecting obscure, latent patterns common to malicious applications, not by matching code signatures to a known malware database.

The amount of startup companies applying AI to various security problems illustrates the potential for using new algorithms for a variety of security challenges.

Startups aren’t the only ones applying AI to security, as Cisco used machine learning as part of several modules in its new network security suite, including for encrypted traffic analysis and traffic analysis(DNA-Center). Many large companies choose to acquire AI security technology from startups, with several notable deals already in 2017 by Amazon, HP Enterprise, Sophos, Accenture and more.

Undoubetdly, the technology has broad applications to cyber security, concludes diginomica.com.