The impact of AI on the cybersecurity arms race

 

Every day, the average firm receives 10,000 notifications from the different software tools it employs to detect intruders, malware, and other dangers. Cybersecurity personnel are frequently flooded with data that must be sorted through in order to maintain their cyber defences.

The stakes are really high. Cyberattacks are on the rise, affecting hundreds of companies and millions of people in the United States alone.

These difficulties highlight the need for improved methods to halt the flow of cyber-breaches. Artificial intelligence is very well adapted to detecting patterns in massive volumes of data. As a researcher who researches AI and cybersecurity, I see AI as a critical tool in the cybersecurity toolbox.

Human assistance

There are two major ways in which AI is improving cybersecurity. For starters, AI may assist in automating numerous operations that a human analyst would typically undertake manually. These include recognising unrecognised workstations, servers, code repositories, and other network gear and applications. It can also advise on how to effectively allocate security defences. These are data-intensive activities, and AI has the ability to filter through terabytes of data far more efficiently and effectively than humans can.

Second, AI can assist in detecting patterns in enormous amounts of data that human analysts cannot notice. For example, AI may recognise significant language patterns used by hackers when publishing developing dangers on the dark web and notify researchers.

More precisely, AI-enabled analytics can assist in deciphering the jargon and code phrases used by hackers to refer to their new tools, tactics, and processes. One example is the use of the moniker Mirai to refer to a botnet. The phrase was used by hackers to conceal the botnet issue from law enforcement and cyberthreat intelligence specialists.

There have already been some early breakthroughs using AI in cybersecurity. Companies like FireEye, Microsoft, and Google are increasingly exploring creative AI ways to identify malware, thwart phishing attempts, and track the spread of misinformation. Microsoft's Cyber Signals initiative, which employs AI to monitor 24 trillion security signals, 40 nation-state organisations, and 140 hacker groups to create cyberthreat information for C-level executives, is one notable result.

Federal funding agencies such as the Department of Defense and the National Science Foundation recognise AI's potential for cybersecurity and have invested tens of millions of dollars in developing advanced AI tools for extracting insights from dark web data and open-source software platforms such as GitHub, a global software development code repository where hackers, too, can share code.

AI's Drawbacks

Despite the potential benefits of artificial intelligence for cybersecurity, cybersecurity experts have questions and reservations regarding AI's position. Companies may be considering replacing human analysts with AI systems, but they may be concerned about how much they can trust automated systems. It's also unclear whether and how the well-documented AI issues of bias, fairness, transparency, and ethics will manifest themselves in AI-based cybersecurity solutions.

Furthermore, AI is beneficial not just to cybersecurity experts attempting to stem the flow of cyberattacks, but also to criminal hackers. Attackers are developing new sorts of cyberattacks that can elude cyber defences by employing methods such as reinforcement learning and generative adversarial networks, which generate new information or software based on limited samples.

Researchers and cybersecurity experts are constantly learning about the various ways that bad hackers use AI.

The path ahead

In the future, there is enormous possibility for advancement for AI in cybersecurity. Predictions made by AI systems based on patterns identified will, in particular, assist analysts in responding to new dangers. AI is a fascinating technology that, with proper nurturing, has the potential to become an essential tool for the future generation of cybersecurity experts.

However, the present rate of AI advancement suggests that completely automated cyber conflicts between AI attackers and AI defenders are likely years away.