Nand Kishor Contributor

Nand Kishor is the Product Manager of House of Bots. After finishing his studies in computer science, he ideated & re-launched Real Estate Business Intelligence Tool, where he created one of the leading Business Intelligence Tool for property price analysis in 2012. He also writes, research and sharing knowledge about Artificial Intelligence (AI), Machine Learning (ML), Data Science, Big Data, Python Language etc... ...

Follow on

Nand Kishor is the Product Manager of House of Bots. After finishing his studies in computer science, he ideated & re-launched Real Estate Business Intelligence Tool, where he created one of the leading Business Intelligence Tool for property price analysis in 2012. He also writes, research and sharing knowledge about Artificial Intelligence (AI), Machine Learning (ML), Data Science, Big Data, Python Language etc...

Data science is the big draw in business schools
89 days ago

7 Effective Methods for Fitting a Liner
99 days ago

3 Thoughts on Why Deep Learning Works So Well
99 days ago

3 million at risk from the rise of robots
99 days ago

15 Highest Paying Programming Languages Trending
100 days ago

Top 10 Hot Artificial Intelligence (AI) Technologies
166968 views

Here's why so many data scientists are leaving their jobs
64785 views

Want to be a millionaire before you turn 25? Study artificial intelligence or machine learning
62328 views

Google announces scholarship program to train 1.3 lakh Indian developers in emerging technologies
54042 views

2018 Data Science Interview Questions for Top Tech Companies
51960 views

The Truth About Machine Learning In Cybersecurity: Defense

Dec 4, 2017 | 4443 Views

A considerable number of articles cover machine learning and its ability to protect us from cyberattacks. Still, it's important to separate the hype from the reality and see what exactly machine learning (ML), deep learning (DL) and artificial intelligence (AI) algorithms can do right now in cybersecurity.

First of all, I have to disappoint you. Unfortunately, machine learning will never be a silver bullet for cybersecurity compared to image recognition or natural language processing, two areas where machine learning is thriving. There will always be a person who tries to find issues in our systems and bypass them. Therefore, if we detect 90% attacks today, new methods will be invented tomorrow. To make things worse, hackers could also use machine learning to carry out their nefarious endeavors.

Nevertheless, machine learning can help us with typical ML tasks, including regression (prediction), classification, clusterization, recommendation and reinforcement. ML can solve all of them with different levels of efficiency for various needs. Now, we will address the typical cybersecurity tasks.

According to Gartner's PPDR model, all security tasks can be put into five categories: prediction, prevention detection, response and monitoring. To be more precise, they can be used for technology layers such as network (network traffic analysis and intrusion detection), endpoint (anti-malware), application (WAF or database firewalls) or user (UBAs, anti-fraud).

Now, let's see the examples of how current machine learning methods can be applied to cybersecurity tasks.

Regression
Regression, or in other words prediction, is a simple task. We want to utilize our knowledge about existing data to make opinions on new data. A traditional example is house prices prediction. In cybersecurity, it can be implemented for tasks such as user behavior analytics as well as fraud detection. Network traffic analysis is another good choice to use machine learning. As for technical aspects of regression, various types of recurrent neural networks work best.

Classification
Classification is also straightforward. If you have two piles of pictures -- let's say dogs and cats -- you will easily put new pictures to the matching ones. This is usually known as supervised learning. We know exactly what we are searching for and bear in mind the examples of certain groups. Undoubtedly there can be countless classes, but we define them in the beginning. So let's say we want to detect a malicious activity on different layers. For the network layer, we are able to apply it to the intrusion detection system (IDS) and identify different classes of network attacks such as scanning, spoofing, etc. On the application layer, we can apply it to WAF and detect OWASP top 10 attacks. On the end-point layer, we can divide programs into such categories as malware, spyware and ransomware. Finally, on the user level, it can be applied to anti-phishing solutions to tell us if a particular email is legitimate or not. Technically, algorithms (SVM or random forests), as well as better options (simple artificial neural networks or convolutional neural networks), can resolve these tasks.

Clustering
Clustering is similar to classification with only one major difference: We donā??t know any information about the classes of our data. Moreover, we have no idea whether this data can be classified. This is called unsupervised learning. It is a curious topic and actually be employed in cybersecurity tasks, at least in all those where we can introduce classification.

I feel that one of the best tasks for clustering is forensic analysis -- when we are unaware what happened and classify all activities in order to find outliers. Solutions for malware analysis (i.e., malware protection or secure email gateways) may implement it to separate legal files from outliers. Another interesting area where clustering can be applied is user behavior analytics. In this instance, application users cluster together and it is possible to see if they should belong to a particular group.

Recommending
Recommendation systems are well-known. For example, we all use Netflix and SoundCloud and see how they work. Based on your movies or music preferences, they can recommend films or songs they think you'd like. It also can be applied to cybersecurity. It can be used primarily in incident response. If a company faces a wave of incidents and offers various types of responses, a system can learn what type of response it should recommend for a particular incident. Risk management solutions can also benefit in that they automatically assign risk values for new vulnerabilities or misconfigurations built on their description. There are algorithms that are used to solve recommendation tasks. The latest ones are based on restricted Boltzmann machines and their updated versions, such as deep belief networks.

Conclusion
There are many areas where machine learning can be applied in addition to those I mentioned. If you want to protect your systems, machine learning is definitely not a silver-bullet solution, but at the same time, it will be mandatory in near future. It is better to start now since hackers can utilize machine learning as well. How exactly ML can be used by attackers will be revealed in my next article.

Source: Forbes
Nand Kishor Contributor

Nand Kishor is the Product Manager of House of Bots. After finishing his studies in computer science, he ideated & re-launched Real Estate Business Intelligence Tool, where he created one of the leading Business Intelligence Tool for property price analysis in 2012. He also writes, research and sharing knowledge about Artificial Intelligence (AI), Machine Learning (ML), Data Science, Big Data, Python Language etc... ...

Full Bio 
Follow on

Nand Kishor is the Product Manager of House of Bots. After finishing his studies in computer science, he ideated & re-launched Real Estate Business Intelligence Tool, where he created one of the leading Business Intelligence Tool for property price analysis in 2012. He also writes, research and sharing knowledge about Artificial Intelligence (AI), Machine Learning (ML), Data Science, Big Data, Python Language etc...

Data science is the big draw in business schools
89 days ago

7 Effective Methods for Fitting a Liner
99 days ago

3 Thoughts on Why Deep Learning Works So Well
99 days ago

3 million at risk from the rise of robots
99 days ago

15 Highest Paying Programming Languages Trending
100 days ago

Top 10 Hot Artificial Intelligence (AI) Technologies
166968 views

Here's why so many data scientists are leaving their jobs
64785 views

Want to be a millionaire before you turn 25? Study artificial intelligence or machine learning
62328 views

Google announces scholarship program to train 1.3 lakh Indian developers in emerging technologies
54042 views

2018 Data Science Interview Questions for Top Tech Companies
51960 views