ARTIFICIAL

INTELLIGENCE
IN NETWORK SECURITY
• Concerns About AI
• Enhance Human Analysis – AI2
• Using ML to Automate Security Tasks – Booz Allen

“The cybersecurity industry is investing heavily in machine

learning in hopes of providing a more dynamic deterrent. ABI
Research forecasts machine learning in cybersecurity will
boost big data, intelligence, and analytics spending to $96
billion by 2021” (ABI Research, 2017)
Concerns
• ‘Skynet-like’ Intelligence – OpenAI, Gov Regulations

• Losing Control - AI Taking Over Jobs

• Ignorance of What AI is Capable of Today

• Programming Human Values and Consequences – Ethics, ‘Unfriendliness’

• Collection of Mass Data is Expensive & Hardware Needed

• False Positives

• ???????
“Let an ultra-intelligent machine be defined as a machine that can far surpass
all the intellectual activities of any man however clever. Since the design of
machines is one of these intellectual activities, an ultra-intelligent machine
could design even better machines; there would then unquestionably be an
"intelligence explosion," and the intelligence of man would be left far
behind... Thus the first ultra-intelligent machine is the last invention that
man need ever make.” (IJ Good, 1965)
 Enhance Human Analysis - AI2 CSAIL
In Development

• Digs through data, then presents to human for

review and confirmation
• Incorporates feedback to learn a supervised
model
• Uses supervised model in conjunction with
unsupervised
• Collects feedback from human, updates model
• So far detects 85% of attacks, tested on 3.6
billion pieces of data (log lines)
• Generates new models in a few hours
• Creates continuous active learning system
• Honed skill from an e-commerce platform

*Models – Learning Algorithm

*Supervised – Labeled Data
*Unsupervised – Unlabeled Data
AI2
Cons
• Not as easy as captcha training
• Security knowledge required by analysts
• Time – ML system needs to learn by itself
• False Positives – 85% Accuracy
• ???????
Pros
• Human-Machine interaction - Development
• Human oversight
• Cuts menial tasks for analyst
• Cannot replace human analyst, security
knowledge required by analysts
• Attacks evolve, so does AI
• ???????

“The more attacks the system detects, the more analyst feedback it
receives, which, in turn, improves the accuracy of future
predictions. That human-machine interaction creates a beautiful,
cascading effect.” (Veeramachaneni, 2016)
“Cyber attacks are continuously evolving and becoming more sophisticated.
To protect a network, defenses must be adaptable, intelligent, and
customized to that specific environment. ” - Joshua Patterson, NVIDIA

Cyber4Sight for Splunk - ML

• Uses Data from Human Sources
• Learns Threat and Environment
• Detects Shifts in Traffic and Flags It
• Easy for Users to Read
• Analyzes in “near real-time” (Boozallen)

Don’t know much about this…

Questions, More Concerns, Comments?
 References

5 top machine learning use cases for security. (2017, December 12). Retrieved from
https://www.computerworld.com.au/article/631162/5-top-machine-learning-use-cases-security/

Applying Machine Learning to Improve Your Intrusion Detection System. (2017, January 27). Retrieved from
https://securityintelligence.com/applying-machine-learning-to-improve-your-intrusion-detection-system/

Benefits & Risks of Artificial Intelligence - Future of Life Institute. (n.d.). Retrieved from
https://futureoflife.org/background/benefits-risks-of-artificial-intelligence/
Cyber Machine Intelligence Solution. (n.d.). Retrieved from https://www.boozallen.com/s/insight/thought-
leadership/cyber-machine-intelligence-solution.html

Dvorsky, G. (2014, January 15). Can we build an artificial superintelligence that won't kill us? Retrieved
from https://io9.gizmodo.com/can-we-build-an-artificial-superintelligence-that-wont-1501869007

System predicts 85 percent of cyber-attacks using input from human experts. (2016, April 18). Retrieved
from http://news.mit.edu/2016/ai-system-predicts-85-percent-cyber-attacks-using-input-human-experts-0418

Booz Allen Cyber4Sight. (n.d.). Retrieved from https://www.boozallen.com/s/product/cyber4sight.html