AI usages in cyber security

By Aditya Abeysinghe

Security on the internet has been a discussed issue for quite some time. When thinking about security on the internet, security in communications between users and services, security in the cloud and other types of security need to be thought. With increasing use of the internet and newer attacks to systems, securing internet systems has been a long-discussed issue. Many systems which have higher user interactions are using Artificial intelligence (AI) to automate prevention of attacks to safeguard systems.

Where is AI in cyber security?

AI systems can detect, predict or classify attacks from captured network data. Different types of algorithms which either predict or classify output(s) based on network data can be used to detect attacks. AI systems trained on data from a network can be used to detect when a change from the normal network activity is detected. Classification algorithms can be used to classify anomalies in networks and predictions can be used to predict network activity. Therefore, different types of attacks which are new to systems can be detected and prevented using AI models.

Natural language processing is a technique where data is processed using natural language and speech. Many systems use AI for interacting with users such as using chatbots, voice and text input menus etc. Natural language processing can be used to convert user inputs to machine readable format and break sentences to words. Then AI algorithms can detect anomalies in these data and predict attacks based on these anomalies.

Cloud services use AI to monitor systems and fix issues in networks and different services allocated by users. Many resources provided by these cloud services are used by large number of customers and their usage vary based on various factors. Monitoring such a large volume of user interactions using usual network attack detecting methods is often not feasible. Therefore, AI is used to automatically detect any anomalies from known network activity and then alert both users and providers.

What are the advantages?

With the volume of users on the internet monitoring network attacks is often not practical for detection systems which are based on non-AI based methods. Reasons for this are varied network attacks on the internet and the inability of non-AI methods to perform predictions on how the network will behave under certain event triggers. AI algorithms which classify attacks in networks often can self-learn and change their functions automatically without manual training. Therefore, novel attacks could be detected using AI-based detections as opposed to signature-based methods used in non-AI detection methods.

Most network detectors used to detect network attacks are costly to purchase and maintain. However, most AI models could be purchased and used without any additional charges. Large businesses which need to detect attacks in their systems also develop their own AI algorithms. Therefore, these AI models could be made for their own needs and have minimal side effects when deployed. AI models also have minimal storage requirements compared to most hardware-based monitoring systems and can be easily upgraded at less cost and effort.

Downsides

The main disadvantage of using AI models is that they require large datasets to train and test before being used. These datasets are often not available for public or are not suitable for most custom AI models. Therefore, network data required to train models need to be obtained and then cleaned. This is often a time consuming and costly process which also require experts in data analysis and AI.

Another disadvantage of AI models is their high computational usage during detection and model training. Many large-scale businesses use large scale servers which are costly and need separate space for hosting. Also, other services which should be used with AI services need to be merged. Therefore, additional costs in designing, integrating, and testing the platform need to be incurred.

Image Courtesy: https://xgrcsoftware.com