Role of machine learning in cyber security

Introduction

Laymen explanation

Analysts at ABI Research estimate that machine learning in cybersecurity will boost spending in big data, artificial intelligence (AI) and analytics to $96 billion by 2021, while some of the world’s technology giants are already taking a stand to better protect their own customers.

Technical explanation

Machine learning has become a vital technology for cybersecurity. Machine learning preemptively stamps out cyber threats and bolsters security infrastructure through pattern detection, real-time cyber crime mapping and thorough penetration testing.

Applications

• Close zero-day vulnerabilities

• detect malicious activity like ransomware and stop attacks

• Automate repetitive security tasks

• Empower BYOD mobile devices against security threats

Nature of domain

• • Real time analysis is needed many times. For example, zero day attack needs analysis of real time traffic

  • Prediction of attacks based on temporal data (time series data) is important task.

ML helping hand in cybersecurity goals

ML tools

Anomaly detection models

Anomaly detection based ML models can help to detect intrusion and zero day attack. Refer here for the detail. Also, refer colab example for zero day attack demo.

Monte Carlo simulation

It assigns lower and upper limit for financial loss in case the threat occurs

Refer colab for monto Carlo simulation example for ransomware attack loss.

Graph based security analysis

This is recent area. Refer here for the detail. This is another paper

DeepDefense

Refer this paper for the detail

Data collection points

• Packet level data

• Flow level data

• Connection level data - For example, VPN session data

  • Host level data - For example Endpoint protection platforms (EPP) which resides in the BYOD devices

Refer here for detail of interesting security parameters

IS MACHINE LEARNING ENOUGH TO STOP CYBERCRIME?

It's a tool in the toolkit. Over-reliance on AI in cybersecurity can create a false sense of safety. That's why, in addition to judiciously applied algorithms, cybersecurity experts, data scientists and psychologists are crucial

Reference

https://www.mdsny.com/5-top-machine-learning-use-cases-for-security/

https://builtin.com/artificial-intelligence/machine-learning-cybersecurity

https://images.app.goo.gl/dmXX7emTrFTD4pip6

https://images.app.goo.gl/HEkAH9CDg5u7jv3A7

https://images.app.goo.gl/ZrpRGCueCB2DZrCN8

https://www.linkedin.com/posts/dpkumar_anomalydetection-cybersecurity-machinelearningmodels-activity-6767977267718184960-5xbh

https://images.app.goo.gl/NHvRv7cTmHbNk2HQ6

https://embracethered.com/blog/posts/2020/red-teaming-and-monte-carlo-simulations/

https://journalofbigdata.springeropen.com/articles/10.1186/s40537-020-00318-5

https://dzone.com/articles/positive-impact-of-graph-technology-and-neural-net

https://arxiv.org/pdf/1812.01661.pdf

https://www.semanticscholar.org/paper/DeepDefense%3A-Identifying-DDoS-Attack-via-Deep-Yuan-Li/2550d4f922f9652c4755695c822e492161524bce

https://colab.research.google.com/drive/1D4z6kRAnSqJ4X21kMxMF2QWlpylmDmVQ?usp=sharing

https://colab.research.google.com/drive/1D4z6kRAnSqJ4X21kMxMF2QWlpylmDmVQ?usp=sharing