AI vs. Hackers

Cybersecurity Teams Integrate Artificial Intelligence to Neutralize Threats



The annual cost of cyberattacks is expected to increase from US$3 trillion in 2015 to US$6 trillion by 2021.

With cybersecurity, the best defense might just be automated. As hackers grow more sophisticated, cybersecurity teams are increasingly incorporating adaptive tools built around artificial intelligence (AI) and machine learning technology.

The need is apparent: According to Cybersecurity Ventures, the annual cost of cyberattacks is expected to increase from US$3 trillion in 2015 to US$6 trillion by 2021. Enter AI-backed tools, which can be designed to constantly look for threatening patterns without much human intervention, says Humayun Zafar, PhD, associate professor of information security and assurance, Kennesaw State University, Kennesaw, Georgia, USA. “Most attacks are automated, so you need an automated tool to find them.”

DeepArmor, a project to develop the first AI-powered “cognitive” antivirus system, is one of the most well-known current efforts. Led by security software firm SparkCognition, DeepArmor leverages neural networks, machine learning analytics and natural language processing to identify files that appear malicious and remove them from a system. This approach enables the system to adapt as it learns about new types of attacks, which can prevent zero-day threats—when hackers find and exploit a software flaw that is unknown to the vendor.

“Traditional virus detection programs can't easily identify zero-day attacks,” Dr. Zafar says. “So this a great example of the role AI can play in cybersecurity.”

The Massachusetts Institute of Technology (MIT) and AI developer PatternEx are partnering on a similar project to create an AI platform called AI2 that predicts cyberattacks by analyzing massive amounts of data and incorporating input from human experts. In an article from MIT's Computer Science and Artificial Intelligence Laboratory about the project, research scientist Kalyan Veeramachaneni, who co-developed AI2, likens it to a virtual analyst. “It continuously generates new models that it can refine in as little as a few hours, meaning it can improve its detection rates significantly and rapidly,” he says.


—Humayun Zafar, PhD, Kennesaw State University, Kennesaw, Georgia, USA

But AI alone can't defeat hackers. The combination of humans and automated systems is vital, Dr. Zafar says. While AI technology can automate scanning for malicious events, humans still need to determine whether the threat is real. That presents a big challenge for project teams developing new software.

Typical cybersecurity software generates a lot of false positives, which can cause users to develop “alert fatigue” and stop paying attention, he says. But developers struggle to eliminate false positives because the nature of the attacks is constantly evolving. “It's hard to eliminate a problem when you don't know what it looks like.”

Teams must also be able to prove their technology works, which can be more difficult than it sounds. “Traditional project development testing practices fall short when it comes to an in-depth analysis of issues pertaining to software assurance,” Dr. Zafar says. “And the last thing you want to do is test your software with the same people who built it.”

He encourages project teams to employ professional ethical hackers to test systems, or to crowdsource testing by offering “bug bounties,” which incentivize people to hack a piece of software to intentionally uncover its flaws. The practice is common in the industry. For example, the U.S. federal government's Defense Advanced Research Projects Agency hosted a bug bounty challenge at the 2016 Def Con Hacking Conference. Competing teams were challenged to create and use an autonomous system to identify software flaws while protecting hosts and maintaining the software's correct function. The winning team received US$2 million in prize money.

“Bug bounties are a great way to find flaws in your system,” Dr. Zafar says. “It can also be a great way to find new talent for your team.” —Sarah Fister Gale



Related Content

  • PM Network

    3D Printing Takes to the Skies member content open

    By Fister Gale, Sarah The U.S. space shuttle had over 2.5 million parts—an incredible feat of engineering, but also a staggering number of pieces that could break. Recently, aerospace companies have been embracing 3D…

  • PM Network

    Cognitive Care member content open

    Artificial intelligence (AI) might be just what the doctor ordered. Healthcare organizations are collaborating with scientists and tech companies to launch R&D and pilot projects. The goal is to…

  • PM Network

    Autopilot Perils member content open

    From robots performing repetitive manufacturing tasks to computer programs that analyze data and generate solutions, automation is suddenly everywhere—and driving a new demand for projects. Nearly…

  • PM Network

    Change Is In The Ground member content open

    By Parsi, Novid Metric depiction of how the mining industry is leveraging new technologies to ensure ROI on exploration projects.

  • PM Network

    True Believers member content open

    By Parsi, Novid Building a crowning religious center in a seismic zone took a lot more than faith. The US$30 million, 14-year project was the last of eight continental temples around the world commissioned by the…