Machine learning in cybersecurity: the long road towards AI
There’s always plenty of buzz around AI, but does it even exist? We take a look at what the artificial neural network (ANN) of today tells us about the future…
Artificial Intelligence has been a popular ‘just around the corner’ concept for decades, but the reality is proving harder to nail down. The vast scope required of a science-fiction-style AI that could answer any question on any topic with super-human intelligence is still a long way off.
Ilia Kolochenko, CEO High-Tech Bridge said: “Artificial intelligence refers to a system where you can ask it any question, from philosophy to the weather, and it’ll be able to answer like you were speaking to a human.”
However, use of a branch of AI, the intelligent ‘cognitive systems’ is increasing, and gaining particular interest in the security industry. Just one example being the Cyber Grand Challenge run by the US Defense Advanced Research Projects Agency (Darpa) at DefCon in August. Dubbed the world’s first automated network defence tournament, the winning company walked away with $2 million in prize money to continue developing its machine learning technology.
Kolochenko continued: “It’s difficult to find a start-up that doesn’t claim to use it in some way,” he said. “We should not over-estimate it [machine learning] – we need to understand that it can’t replace humans, instead it can significantly aid human tasks.”
“A lot of cybersecurity companies misuse the term ‘AI’, as practically speaking AI shall be capable to solve any type of problem (similar to human brain), and such technology does not exist yet. However, machine learning technologies, such as Artificial Neural Networks (ANN), open a lot of opportunities for intelligent automation. Classical algorithms need to know all possible inputs to give you a reliable output, whereas an ANN - once trained - will be capable to solve problems where all possible inputs aren’t or cannot be known in advance, such as facial recognition.”
A recent study by the IBM Institute of Business Value (IBV) found that cognitive systems are predicted to drive more than $8 billion in revenue in 2016, and this figure is set to rise to become a $47 billion industry by 2020. The IBM study found that only seven per cent of security professionals claim to be using cognitive technologies currently, with this figure set to rise to 21 per cent in the next two to three years, which represents a tripling of adoption.
Cognitive systems - in the form of ANN is a technology that High-Tech Bridge is particularly familiar with, because the company’s ImmuniWeb web security testing platform is based on machine learning technology. High-Tech Bridge uses artificial neural networks (ANN) and advanced human augmentation to implement intelligent automation of vulnerability scanning, but each scenario needs careful preparation, and unsupervised ANN is not on the menu, as Kolochenko explained: “We continuously aggregate knowledge and skills of humans to feed into the ANN. You have to teach the network to make the decisions. Our intelligence needs to be very specific, so we use supervised learning.”
The IBM study found considerable common ground, with 57 per cent believing that cognitive security solutions can significantly slow the efforts of cybercriminals. When asked to pick the benefits of a cognitive-enhanced security solution, 40 per cent cited improved detection and incident response decision-making capabilities, 37 per cent pointed to significantly improved incident response time, and 36 per cent said increased confidence to discriminate between events and true incidents.
Forty-five per cent said that the top adoption challenges for cognitive system adoption are not being ready from a competency perspective and a lack of internal skills, an issue also highlighted by Kolochenko: “Each time, for a specific task, we need to re-educate our ANN, and explain what the inputs are, before the ANN can solve the problem. Definitely, ANN is a great technology that has a lot of potential, and will be used in the future, but it does have some clear limitations. There is no silver bullet!”
It certainly seems that cognitive systems offer hope to security professionals faced with ever-rising volume and sophistication in threats, and inevitable pressure on budgets – and staffing - to boot. Maybe cognitive systems will really prove to be a buzz-phrase worthy of repeating for the next few years…