The use of AI to defend against the threats of cyberspace could be very fruitful
If there is one industry which may benefit immensely from the implications of AI technology, it would be cybersecurity. With the power and capabilities that improved machine learning and algorithms could offer, potentially two major problems could be resolved to establish a safer and more secure cyberspace. The first concerns the main thrust of many cyber-attacks, which rely on manipulating the loopholes and weaknesses of human behaviour and habits, allowing hackers to deploy malicious software, steal precious data and corrupt networks. Secondly, the difficulty of building effective cyber defences, particularly with the constant evolvement and rapidly changing methods and schemes utilised by hackers, can be greatly reduced with the help of AI. As soon as one kind of attack is deflected, a new variation of it emerges, meaning that the development of security parameters is consistently out-paced and thus, out-mashed by the development of malicious software and the cyber criminals using them.
But one of the advantages of AI is that it is not subject to those natural habits and misjudgements that feature among humans. Due to this, AI-powered cybersecurity can provide better detection systems than any other human-operated systems. Startups such as CyberX and Dojo-Labs have managed to build programmes which can detect and block suspicious activity even on devices with low computing power. This is particularly needed with the explosion of IOT (‘Internet of Things’) devices in the past few years, many of which tend to lack even the most basic of security parameters, drastically widening the attack surface. The advent of AI-based detection systems will be able to analyse masses of data to improve accuracy and better differentiate between false alarms and real threats.
Cyber-attacks often come thick and fast, meaning that much smaller or less noticeable attacks can essentially go ‘under the radar’ while only the seemingly more obvious attacks are detected and dealt with. A report in 2014 by Damballa, a security firm, showed that there were approximately 10,000 security events taking place every day on the devices used by businesses. This number will most likely rise which would make the number of security alerts which pop up every day completely overwhelming for human operators. But one of the benefits of AI is its ability to analyse and learn from masses of data and information. CyberLytic is a startup using the power of AI to build detection systems for businesses to cope with these constant and growing threats. Its software uses machine learning techniques to classify attack data and successfully detect and deter threats. Such software has even been used by the UK government for its cyber operations. It is not so inconceivable to think that the need for a security team to carry out such tasks will become less critical as this technology improves.
One company which is taking advantage of implementing AI into cybersecurity is London-based Monzo, a smartphone based bank. This financial startup uses machine learning and big data to crackdown on financial crime and says that such techniques allow the company to stay ahead of the cybercriminals. Its fraud detection model, for instance, is based on Google’s Tensorflow library (an open source software library for numerical computation using data flow graphs) analysing numerous metrics, such as behavioural patterns, to identify potential fraudsters.
So far, it has been working. In June 2016, the company processed £5 million pounds worth of top ups and lost £316,000 to fraud, while in December 2016, it processed £21 million and lost just £40,000 to fraud. The digital bank has also managed to get better at distinguishing between genuine and fraudulent users; it now manages to ban only 1 genuine user for every 3 fraudsters as compared to its previous efforts of 6 for every 3. The use of machine-based learning detection system is how companies like Monzo are able to implement more accurate and dynamic cybersecurity that was much harder to achieve before.
But more than that, the use of AI allows Monzo to become a more secure bank without putting the burden of security on customers. One part of the payment process when using their app requires going through the 3D secure mechanism which, when enabled, redirects the customer to the bank that issued their payment card for further authentication when suspicious activity may be detected. This further layer of security, however, can sometimes worsen the user experience. Thus, Monzo has improved the accuracy of its fraud engine, not only meaning that customers have a much more smoother user experience, but also means that monthly financial losses are lower than 0.01% of the total top-up volume compared to 0.84%.
Aside from better detection systems, the use of AI can create cybersecurity that is more responsive and better at repairing vulnerabilities. Building security systems that not only more accurately detect breaches, but also use data about the coding structures of pieces of malware, or the exact features of the vulnerability in question, to produce patches and fill gaps in software, enable companies to cope with cyber-attacks far more effectively, especially zero-day attacks. Such systems would make companies far more responsive and adaptable to the improving sophistication of cybercriminals and hackers.
As beneficial as AI could be for cybersecurity, it will not eliminate all the problems and perhaps may not make the work of humans in the industry completely redundant, at least for now. Programmers and experts in security are still needed to not only build these programs but to maintain and improve them over time. Building software that has the ability to self-repair and self-improve are still in the early stages, and thus, there remains a need for specialists to continue working on such systems. While AI has improved drastically over the years, to build algorithms which can be left unsupervised, or at least partly supervised, has not yet been quite achieved, and there is perhaps still much of the journey left.
Furthermore, as many of these AI-powered security systems and parameters rely on masses of data, there accuracy and capabilities can only improve when this pool of data increases. The more data that can be analysed, more insights and patterns can be recognised to make these systems more accurate and more consumer friendly, much like the ambitions at Monzo.
Even so, could AI reach a point where machines understand humans more than humans themselves, which would, therefore, mean that the role of humans is unimportant? Cybersecurity is based on the behaviour of human beings in cyberspace, and in particular, how to protect against the more malicious behaviours and establish a sense of order and safety online which was never really considered at all in the first place. Up to now, humans were the only way to achieve a more secure cyberspace, since it was always accepted that humans knew best about humans. But AI is being combined with cybersecurity in a way that solves the problems and issues of the internet that humans have so far struggling to solve.
Cyberspace continues to grow, with IOT being playing a big part and thus widening the attack surface for hackers and other malicious online actors. The growth is at such a pace that humans have struggled to keep up, and ironically the work of humans has created more problems for the future. Therefore, in the context of cybersecurity, it is paramount that the necessary technologies are built and developed to cope with these dangers and evolutions, and AI seems to be providing those solutions.
NEXT | Know Thyself No More
The trends and technologies fuelling AI could change views on privacy and free will
BACK | Computer Capital
The economy in the age of AI