Advancing Cybersecurity Using Machine Learning

Cyber threats grow more novel by the day. The development of machine learning will be an immeasurable advantage to cybersecurity professionals.

By Francis Ejiofor · Aug. 08, 22 · Opinion

While businesses and services are expanding into cyberspace with minimal improvement in traditional cybersecurity techniques, cybercriminals are revolutionizing cyber-attacks with artificial intelligence. Cyber threats grow more novel by the day, leaving under-resourced security operations analysts to play catch-up. According to Sridhar Muppidi, Technology Security Chief at IBM, security professionals are inundated with too many things to do, too much data, very little time, and too few skills. It is as though cybersecurity professionals are left to tackle ever-growing cyber-threats with their hands tied behind their backs while the threats continuously outsmart traditional security techniques.

However, machine learning can curate threat intelligence from millions of data points drawn from research papers and news stories. This can provide rapid insights that reduce response time. Once trained with the right data (tested for bias and robust against novel cyber-threats), artificial intelligence through machine learning can provide accuracy in threat detection, accelerate cyber-attack investigation, and automate mitigation response. Machine learning based on behavioral biometrics will help evaluate the risk of a specific user for a specific session.

There have been several instances in which machine learning put cybersecurity analysts ahead of cyber-threats. A good example is Wimbledon 2017, where behavioral biometrics and other security technologies enabled security analysts to quickly and efficiently identify and address the real threats hidden in the nearly 200 million events experienced during the tournament. Another success story is Sogeti Luxembourg, which used IBM QRadar Advisor with Watson to reduce the time for threat investigation and root-cause determination from three hours to three minutes. The development of machine learning will be an immeasurable advantage to cybersecurity professionals.

Advantages of Machine Learning to Cybersecurity

Integrating machine learning with traditional cybersecurity techniques will give rise to progressive methods and technologies that greatly improve how the following cybersecurity challenges are addressed:

  • Threat Hunting: Threat hunting is expensive and time-consuming when done manually with traditional security techniques, which rely on signatures or indicators of compromise to identify threats. These techniques have proved ineffective at hunting threats, especially ones that have not been encountered previously, so many cyber-attacks go unnoticed. They have also kept current cybersecurity reactive rather than able to predict threats before they occur, especially given that cyber-attackers use tools such as Virtual Private Networks (VPNs), proxy servers, and the Tor browser to stay anonymous and undetected. With machine learning, however, models can be built that profile every application within an organization's network by processing large volumes of endpoint data, and this will make cybersecurity proactive.

  • Spear Phishing: Spear phishing is a form of targeted email phishing that uses social engineering to craft provocative emails that lead victims to take actions that install malware on their systems, which then either blocks access to some files on the system or holds the data on it hostage for ransom. Machine learning can be harnessed to create better spam filters that are more effective at identifying and blocking unwanted emails. It can also be used to create artificially intelligent chatbots that are sensitive to pattern recognition and can intercept targeted phishing attempts and, by extension, other attacks.

  • Traditional vulnerability management methods wait for attackers to exploit high-risk vulnerabilities in network systems before counteracting them. However, machine learning techniques like User and Entity Behaviour Analytics (UEBA) can analyze the baseline behavior of user accounts, endpoints, and servers to identify atypical behaviors that may signal a potential unknown attack. They will help fish out vulnerabilities before they are officially reported and patched, as well as provide insights into what values would improve the effectiveness of security infrastructure.

  • Monitoring data centers is indispensable in cybersecurity. Security operations professionals have, as a matter of fact, concluded that monitoring backup, power, cooling filters, internal temperatures, bandwidth usage, etc., of security infrastructure, will greatly improve cybersecurity. Google reported that after implementing machine learning technology within its data center in 2016, there was a 40% reduction in the cooling cost of the facility and a 15% reduction in power consumption.

  • Firewalls are among the most important tools available for protecting networks from attacks. When improved, they can block known malicious IP addresses and websites. In fact, they can be made more effective at blocking malicious traffic while allowing legitimate traffic through. With machine learning, large volumes of data can be analyzed easily in real time for patterns that could indicate a potential security breach.

  • Network Segmentation: Network segmentation has been recommended as one of the ways to mitigate cyber-attacks. Machine learning can help design security policies that enable security professionals to identify legitimate networks and those that should be inspected further for malicious behavior. And given that many organizations lack exact naming conventions, machine learning will reduce the amount of time required to determine which set of workloads belongs to a given application. It will improve network security by learning network traffic patterns and recommending both functional groupings of workloads and security policy.

  • Intrusion Detection Systems: Intrusion detection systems (IDSs) are essential to guard against cyber-attacks; they alert security professionals to potentially malicious activity in a network, especially activity that originates outside the network. Machine learning can make intrusion detection systems more effective at identifying and responding to malicious activity in a network while eliminating the false positives that traditional intrusion detection systems produce, which lead to unnecessary alerts and wasted time and resources.
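
The per-account baselining described in the UEBA item above, as an added example that is not from the original article or from any UEBA product. It uses the median/MAD modified z-score as one possible scoring method; the feature names, thresholds, and activity records are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

FEATURES = ("mb_uploaded", "hosts_accessed")
MIN_DAYS = 5      # assumption: do not score accounts with too little history
THRESHOLD = 3.5   # commonly used cutoff for the modified z-score
MAD_FLOOR = 1.0   # assumption: keeps constant features from dividing by zero

# Constructed daily activity records (not real telemetry).
def _days(user, rows):
    return [{"user": user, "mb_uploaded": mb, "hosts_accessed": h} for mb, h in rows]

HISTORY = (
    _days("alice", [(12, 3), (15, 4), (11, 3), (14, 3), (13, 4), (16, 3), (12, 4)])
    + _days("svc-backup", [(900, 40), (950, 40), (920, 40), (910, 40), (940, 40), (930, 40)])
    + _days("new-hire", [(5, 2), (7, 2)])
)

def build_baseline(history):
    """Per-account (median, MAD) for each feature; MAD = median absolute deviation."""
    per_user = defaultdict(lambda: defaultdict(list))
    for rec in history:
        for f in FEATURES:
            per_user[rec["user"]][f].append(rec[f])
    baseline = {}
    for user, feats in per_user.items():
        if len(feats[FEATURES[0]]) < MIN_DAYS:
            continue  # too little history to call anything "normal"
        baseline[user] = {}
        for f, vals in feats.items():
            med = median(vals)
            baseline[user][f] = (med, median(abs(v - med) for v in vals))
    return baseline

def score(event, baseline):
    """Return (verdict, {feature: modified z-score}) for one day of activity."""
    profile = baseline.get(event["user"])
    if profile is None:
        return "no_baseline", {}
    scores = {}
    for f, (med, mad) in profile.items():
        spread = max(mad, MAD_FLOOR)
        scores[f] = round(0.6745 * (event[f] - med) / spread, 2)
    atypical = any(abs(z) > THRESHOLD for z in scores.values())
    return ("atypical" if atypical else "typical"), scores
```

The same 900 MB upload is typical for `svc-backup` and atypical for `alice`, which is the distinction a per-entity baseline gives over a single global threshold.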

From all indications, the advantages that machine learning will give to cybersecurity cannot be overemphasized. It will help cybersecurity experts overcome the barrier created by the geographical distance between IT systems and infrastructures, thereby making monitoring of incidents across regions more successful. Besides, it will give rise to AI cyber-technologies that are capable of improving their "understanding" of cybersecurity threats and risks by consuming the billions of data points produced so far. They will then be effective at curating risk analysis and analyzing the relationship between threats from malicious files and suspicious IP addresses, thereby reducing the time security analysts need to make critical decisions and remediate threats.

Opinions expressed by DZone contributors are their own.
