How AI and Security come together?
- Refer to AI
- Refer to Security
- How AI Will Be Used in the Security?
- Show the Learning Objectives
- Show Examples Related to AI and Security Use Cases Together.
Chapter Outline
- How AI security come together?
- Precautions that need to be taken to protect AI system
Key Learning Points
- How AI will be used in the security?
- Show the learning objectives
- Show examples related to AI security use cases together.
How Can AI be Used for Security?
Refer to previous chapters on artificial intelligence (AI) and security for more details.
How does AI and Security come together to play a major role in the industry?
AI Security
AI uses a modernized approach to security use cases (Wells 2019). This brings a unique approach to finding security solutions. Using AI as a tool and technique to the security use cases can be useful in solving and automating security issues. Here are some benefits:
- Saving time and money, and subsequently enabling automation of security AI.
- Able to access hidden data from a network location that is easily searchable.
- AI will initiate an automatic search through a massive amount of data to create thousands of signals. These signals give
the security workforce insight into high confidence
security stories that require attention to protect
government organizations, countries, and enterprise
organizations. - AI automation will buy time for the security workforce to investigate security threats, which can be useful for the organization. Usually, organizations must frequently deal with a large amount of data; however, large amounts of data and archaic processes create security gaps that are predicated by attackers’ enhanced technology.
- Devices such as Internet of things (IoT) devices, and sensors connecting through Wi-Fi, network, web service calls, application programming interface access, public network, and social media bring many possible security breaches. It is overwhelming to keep track of security issues and breaches that may occur in these interactions; this is the rationale behind using machine learning (ML).
AI Security Use Case
AI tends to have advanced technology parts that are capable of sensing, comprehending, acting, and learning.
The current exposure to AI is impacting how businesses are running and competing. AI provides insights that have not been thought of before, and allows business to thrive in ways that have not been seen since the Industrial Revolution period of the 18th century.
AI can track all the security requirements with workforce visibility. This saves time and effort. Blind spots in searching is not a weak functionality of AI.
AI can help leaders develop or implement drives to reveal new values.
AI will help leaders drive innovations to unlock trapped value in core businesses and beyond.
What could your organization achieve if every interaction with technology were intelligent?
Here are the two use cases on-premises security information and predictive cases.
The first use case is an assumption that attacks on the Cloud link security operations creates tools with the capability of providing responses and defenses based on AI reasoning. AI tools can make accurate predictions based on human behavior patterns. This could be a threat to the organization.
The second case is to protect user access. Improving the efficacy of cybersecurity will help detect and prevent cyberattacks.
Intelligently Secure Conditional Access
AI applications tend to lack the reasoning behind decisions (Gonzales Rivera, Chen, and Dahanayake 2008). These decisions are just black boxes. This is a reason why AI will not replace human workers. AI is believed to complement and support human beings. Many use cases can be cited, including speeding up routine tasks. Other use cases include detecting unusual activities or self-driving vehicles. The self-driving vehicle is currently being tested to avoid accidents and soothe human fears. Routine tasks are done accurately with defined decision rules.
Where AI Is Going
AI and human security are used to provide security protection in the physical environment of organizations. The security plan should include protection of equipment, resources, and other assets in production or office environments, including Cloud environment assets.
Physical security should consider the following: access from intruders, internal threats, cyberattacks, accidents, and natural disasters. The listed items should have a mix of technology and in-person monitoring of human security workforce. The security perimeter requires preventive measures and countermeasures.
It is helpful to consider the workforce as part of physical security for the simple reason that employees are important assets to the organization. A human can detect unseen use cases, and AI cannot. In the case of overwhelming and frequent attacks AI does a better of detecting use cases. Intrusion protection, a detector system, firewalls, cryptography, and strong data protection are strongly recommended as part of physical security.
AI and Security Marriage
It has been argued that human security teams will not be replaced soon (Fang, Qi, and Wang 2019). This may be due to trust or the fight against change. Cisco reports that cyberattacks are relentless, intelligent, and expensive. This calls for immediate action. Cyberattacks are automated and sophisticated. This creates more work for organizations and organizations must do something about this quickly. Incidents of AI malware going after defensive AI have been documented. This is a problem to watch out for. The solutions that would be ideal in this situation would be for ML and AI to fight the automated attacks. It will be helpful for ML to identify the attack’s essential detection content. The attacks consist of malware and botnets that replicate and change rapidly. Predictions tell us that attackers generate a massive amount of iterations on malware every minute.
This means malware threats are exponentially increasing daily. ML and AI are tools that can handle these attacks and no human needs to be involved. ML and AI usage can be extended to incident detection and identifying risks.
Organizations should start or continue investing in a workforce that includes expertise in ML and AI and use contingency plans outside of vendors where necessary. This approach will upskill the requirements for an experienced workforce.
Advancing technology to the next level means including blockchain: the evolution from ML to true AI. Top organizations—such as the banks—are already looking at quantum computing.
Not an Overnight Transformation
AI does not transform overnight. AI can sift through many datasets, enabling it to learn from known and unknown security threats. This leads to improved security responses and solutions for security threats. Smart and autonomous security systems are necessary.
It is a fact that AI is powerful; however, AI does not make humans redundant when it comes to addressing security issues. People are still required to defend security attacks and corrective actions need to be carried out by a human. AI will continue to detect threats, defend systems, respond quickly to security events, better analyze data, and predict behaviors using statistical models. Humans struggle with pure and raw data analysis and predictions.
Use Cases for Start-Ups
Trending start-up companies are embracing AI as a security solution. Similarly, technology giants such as Google, Amazon, IBM, and Microsoft are also playing with AI security. These companies use AI to create encryption and to launch cybersecurity products in the Cloud. It is predicted that AI will soon automate a 24×7 security surveillance, which will enable organizations to concentrate on their business continuity and most critical support tasks.
AI promises to be a key weapon in cyberwarfare, but human security teams won’t be replaced anytime soon (Delaney 2018).
AI can fight security attacks if it can withstand the hype. ML for malware will work well if it has the capability to generate different looks. As a result, Google has a type of ML called deep learning that has an algorithm capable of independently adjusting and self-regulating to train and evolve for the purposes of determining an attack’s potential. Too much data is a problem for humanity; yet, ML learns and trains more effectively the more data it has. ML can prevent violent images, scan comments, prevent phishing, and detect malware. ML is used to detect fraudulent payments, protect the Cloud, and detect negotiated computers.
Many ML and AI systems have shown tremendous promise, but they have limitations. Attackers have started using ML as a threat. This is mainly done through data poisoning. The poisoning occurs if the attacker figures out how algorithms are set up, draws the training data, and introduces misleading data that builds a counter-narrative. This becomes a situation between legitimate data versus malicious data. This approach is used on a campaign of many accounts to mark malicious data as not spam, which can be misleading. The Cyxtera organization built an ML-based phishing generator that is trained on more than 100 million effective attacks. The system automatically generated scam and e-mails. The AI-based system bypassed the attacks by 15 percent with 0.3 percent accuracy.
AI Solutions for Federal Cybersecurity
Human beings have the tendency to experience and learn how to respond to situations. The same approach can be used to countermeasure security issues on computer systems. Collective knowledge and mastered trends can be used to respond to attacks with greater confidence, scale, and speed. An intelligent system such as ML and AI can be used to fight and beat security attacks.
New Trends With AI and Security
- Evolution of AI bots for real-time adaptive security.
- 2020 is predicted to have AI Bots protecting and attacking through AI bot intruders. This is going to be a challenging time for all organizations.
- Every organization must implement AI solutions to mitigate the challenging time.
Cyber criminals will build systems that can learn and adapt to defense attacks.
- Worm: RPC vulnerability, disaster removal, and installed patches.
- Zombie: a malware strain that enslaves the IoT.
- Reaper and IoTroop: computer worms that are built to spread automatically.
- AI researchers warn that hundreds of Internet-connected robots are calling on governments to ban weaponized robots.
- Bots (computers that talk like humans such as Siri or Cortina, a computer program that completes automated tasks) are becoming one of the fastest growing trends with intelligent reasoning, messaging, and conversational interfaces. Intruders can bluff through these bots.
List of AI security capabilities:
- AI-bot capabilities
- ML
- Cyber-intelligence
- Behavioral analysis
- Ontology
- Understands entity state (posture)
- Orchestration and deception tactics
- Reactive AI-bots
- Reasoning AI-bots
- Chat with your bots software
- Creates talking knowledgebases for phone calls (Alexa).
- Enables increased accuracy
Data Protection
Useful data protection information is listed here:
CSO Online
CSO provides state-of-the art information and best practices on business continuity, data protection, prevention of social engineering scams, malware, and breaches. CSO also provides tips and advice about security issues and leadership.