AI In Cyber Security




"Bright Side Of AI"


In this digital world, cyber security experts face many problems when they connect devices online. They need prevention techniques for attacks and security breaches, and they need to respond to the attacks that do occur. When threats and breaches increase along with heavy traffic, humans cannot handle the whole situation on their own. It is also hard to write software with hard-coded logic that keeps up with these cyber threats. Cyber security problems are therefore addressed with methods from the field of Artificial Intelligence (AI), using AI applications together with the already existing methods.


The day-to-day increase in cyber security threats can be reduced by integrating AI into cyber security systems. With machine learning and AI, that peak of data can be handled in a fraction of the time, which helps an organization identify and recover from a security threat.


What is AI?


In the early days, computer security and AI were not connected to each other, but now AI is a part of computer science. It creates machines that think and work like humans. The goal of AI researchers was to decrease human work. One example of AI is CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart). To prevent new exploits and weaknesses, AI can help very quickly by identifying and analysing them and by giving us the best solution. AI can detect unknown threats and give a better response before they spread into the system.


AI techniques for cyber security:


Expert System:


An Expert System is a computer system that copies the decision-making ability of a human. It is the best example of a Knowledge-Based system. Knowledge-Based systems are composed of two subsystems: the Knowledge Base and the Inference Engine. The Knowledge Base represents illustrations and assertions about the real world. The Inference Engine is an automatic reasoning system: it evaluates the current state of the Knowledge Base, applies the rules relevant to it, and then asserts new knowledge into it.

A Knowledge-Based system consists of two subparts:

  • The Knowledge Base.

  • Inference Engine.


The Knowledge Base represents illustrations and assertions about the real world, while the Inference Engine is an automatic reasoning system. It derives new assertions by evaluating the current state of the Knowledge Base and applying the rules relevant to it. The CSIA Cyber Security Artificial Intelligence Expert System has the following components for the Knowledge Base and the Inference Engine.

Knowledge Base Components:

  • Malicious IP Address

  • Known Malware

  • Known Virus

  • Approved Applications

  • Approved IP Address

  • End Point Usage Statistics

Inference Engine:

  • IP Address Geographical Location

  • Connection Attempts

  • Connection Patterns

  • Frequency of Program Use

  • Document Usage

  • Login Timestamps

  • Login Attempts

  • Port Communication

  • File/Folder Access Patterns

A security expert system uses rules to identify cyber-attacks in a process. If a cyber-attack is found, the process is removed; otherwise the process is handed to the Inference Engine, which identifies whether it is safe, moderate or severe and then adds that process to the Knowledge Base.
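The flow described above can be sketched in a few lines of Python. This is an added example, not code from the CSIA system or from the original article: the class and field names, the scoring weights, the thresholds and the choice to promote "severe" processes into the known-malware list are all assumptions, and the sample events are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class KnowledgeBase:
    malicious_ips: set
    known_malware: set
    approved_apps: set
    approved_ips: set
    verdicts: dict = field(default_factory=dict)  # knowledge asserted by the engine

@dataclass
class ProcessEvent:  # one observed process; field names are assumptions
    name: str
    remote_ip: str
    port: int
    failed_logins: int
    connections_per_min: int

def infer_severity(kb, ev):
    """Inference engine: weigh the observed signals (weights/thresholds assumed)."""
    score = 0
    score += 1 if ev.name not in kb.approved_apps else 0
    score += 1 if ev.remote_ip not in kb.approved_ips else 0
    score += 1 if ev.port not in (80, 443) else 0
    score += 2 if ev.failed_logins >= 5 else 0
    score += 2 if ev.connections_per_min >= 100 else 0
    return "safe" if score <= 1 else "moderate" if score <= 3 else "severe"

def evaluate(kb, ev):
    # Rule stage: a direct knowledge-base hit means the process is removed.
    if ev.name in kb.known_malware or ev.remote_ip in kb.malicious_ips:
        return "removed"
    # Otherwise the inference engine grades it and asserts the result.
    verdict = infer_severity(kb, ev)
    kb.verdicts[ev.name] = verdict
    if verdict == "severe":  # assumption: severe verdicts feed the rule stage
        kb.known_malware.add(ev.name)
    return verdict

def run_demo():
    kb = KnowledgeBase({"203.0.113.7"}, {"dropper.exe"},
                       {"backup-agent"}, {"198.51.100.10"})
    events = [  # constructed sample events (documentation IP ranges)
        ProcessEvent("dropper.exe", "198.51.100.10", 443, 0, 1),
        ProcessEvent("backup-agent", "198.51.100.10", 443, 0, 3),
        ProcessEvent("sync-tool", "192.0.2.44", 8080, 0, 3),
        ProcessEvent("scanner", "192.0.2.44", 4444, 9, 250),
        ProcessEvent("scanner", "192.0.2.44", 4444, 9, 250),
    ]
    return [evaluate(kb, ev) for ev in events]

if __name__ == "__main__":
    print(run_demo())
```

The last two events are identical: the first is graded "severe" by the inference stage, and because that verdict was written back into the Knowledge Base, the second is caught by the rule stage and removed.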


Neural Nets:


Neural nets are an advanced branch of AI. They work like a human brain. Neurons are largely general-purpose and domain-independent. They can identify any type of data. By applying deep learning, we can identify a malicious file without human interaction. It is the strongest way to detect malicious activity, compared to classical machine learning systems. When neural nets are implemented in hardware or on graphics cards, they respond quickly, which decreases detection time in cyber security.


Intelligent Agents:


An intelligent agent is an independent entity. It uses a sensor to detect any movement and follows it so that the agent achieves its goal. It either learns or uses a knowledge base to reach its objectives. Agents might be extremely simple or very complex. A reflex machine is an example of an intelligent agent. An agent understands an agent interaction language and shows pro-activeness and reactivity. It captures things in real time and learns new things through communication with its environment. It uses memory-based standard storage and recovery abilities.

Intelligent agents work against Distributed Denial of Service (DDoS) attacks. They develop cyber policy in case there is any legal or business issue. Cyber police should have mobile intelligent agents. Cyber police support the quality of, and the interaction between, the intelligent agents.



PROs:


  • Expert systems provide decision support, intrusion detection, a knowledge base, and an inference engine.

  • Neural nets provide intrusion detection and prevention systems, high speed of operation, DoS detection, and forensic investigation.

  • Intelligent agents provide pro-activeness, an agent communication language, reactivity, mobility, and protection against DDoS.


To solve any cyber security threat, intelligent security is required. AI gives a more robust solution than a temporary fix for cyber-attacks. So, if we want to strengthen our security implementation and our defence against unknown threats, we have to use AI in the cyber security domain.


AI is evolving day by day, and so is cyber security!


© 2020 by Bluefire Redteam LLP