Machine learning is increasingly being seen as the solution, dealing - or at least appearing to deal - with a number of the problems organizations are having implementing their cybersecurity initiatives. Former Department of Defense Chief Information Officer, Terry Halvorsen, believes that'within the next 18-months, AI will become a key factor in helping human analysts make decisions about what to do.' This point of view is being reinforced by significant investment in the field by the world's largest technology companies. MIT has been experimenting with it for some years, while IBM is training its AI-based Watson in security protocols and has now made it available to customers. Amazon also recently acquired AI-based cyber-security company Harvest.ai,
Telstra has acquired the assets of New Zealand security analytics provider Cognevo, part of software company Wynyard Group which entered voluntary administration last month, in order to bolster its managed security services worldwide. Telstra was an existing customer of Cognevo prior to the purchase agreement -- which is still subject to conditions being met -- having signed a AU$3.2 million, three-year cybersecurity deal a year ago. "Cognevo provides Telstra with a powerful intelligence and analytics platform that will allow us to quickly identify and explore key cyber threats and to contain those first-seen cyber issues before they become a serious breach," former Telstra CISO Mike Burgess previously said. "A data analytics capability that identifies true'unknown-unknowns' should be a fundamental part of any organisation's cyber defence. Cognevo's security analytics solution has an ability to identify true mathematical anomalies, rather than relying on known understanding of what is bad."
MIT's Computer Science and Artificial Intelligence Lab (CSAIL) has led one of the most notable efforts in this regard, developing a system called AI2, an adaptive cybersecurity platform that uses machine learning and the assistance of expert analysts to adapt and improve over time. The system uses near-real-time analytics to identify known security threats, stored data analytics to compare samples against historical data and big data analytics to identify evolving threats through anonymized datasets gathered from a vast number of clients. Combining this capability with the data already being gathered by IBM's threat intelligence platform, X-Force Exchange, the company wants to address the shortage of talent in the industry by raising Watson's level of efficiency to that of an expert assistant and help reduce the rate of false positives. This technique gives the cybersecurity firm the unique ability to monitor billions of results on a daily basis, identify and alert about the publication of potentially brand-damaging information and proactively detect and prevent attacks and data loss before they happen.
Researchers from the Massachusetts Institute of Technology have created an AI system that can predict a cyberattack before it happens in 85% of incidents. Analyst-driven systems rely on rules created by people and consequently can't detect attacks that don't adhere to those rules, whereas machine-learning systems rely on anomaly detection, which tends to generate false positives that have to be investigated by people.MIT researchers have announced that they've concocted a new artificial intelligence system capable of successfully detecting 85% of cyber-attacks. Part of the challenge of merging human- and computer-based threat detection has been the manual labeling of data for algorithms.The system has been tested on 3.6 billion log lines or pieces of data that reveal major system activities triggered by millions of users over a period of three months. It then reports this activity to a human analyst who can then judge if there's an actual attack.With that feedback, it takes on board whether or not it should be classifying the events as attacks or not, then refines its internal models.According to Engadget, Kaylan Veermachaneni, co-creator of the system, said that one should think of the new system as a virtual analyst. In the near future the industry and federal regulators will need to figure out a balance between the need of cyber security and protecting consumers' privacy.
The future of cyber-security looks part human and part machine, according to MIT's Computer Science and Artificial Intelligence Laboratory but what does the broader industry think? According to researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL), working with machine-learning startup, PatternEx, the future of cyber-security could be part-human and part-bot. A newly published paper from MIT suggests that the prototype AI2 system it has developed combines machine learning with human analysis to end up with an 85 per cent successful cyber-attack prediction rate. The MIT researchers maintain that analyst-driven security systems miss too many attacks as they rely upon humans to create rules that have to be matched. On the other hand, machine-learning solutions rely upon anomaly-detection which is prone to triggering false positives and so lead to mistrust.