Cybersecurity AI Machine Learning

The fuzz about Artificial Intelligence (AI) is on the rise.

Key words like Machine Learning (ML) has started to infiltrate the cybersecurity industry.

Other key phrases such as machine learning, artificial intelligence had several new mentions at hacker cons in 2018.

When talking about AI and cybersecurity most will think about the Terminator hacker.

Automated intelligent cybersecurity robot.

What do AI even mean?

An AI system  learns from its own and keeps improving its capabilities to make improved decisions just like a human would do it.

Popular AI systems like Alexa and Siri have yet to be advanced enough to develop any patches for unknown vulnerabilities to prevent attacks.

Machine Learning ML is used by cars to drive by them self and for Twitter robots.

An AI can be used in an IDS system to look at all the data and look for non normal traffic and create new blocking IDS patterns.

ML Machine Learning still needs to be supervised and tuned by humans to avoid false positives.

AI Machine Learning for Accurate results

The AI Machine learning engine can be used to analyze the results of found vulnerabilities on a target system.

Based on the learning engine it is possible for the AI Machine learning to determine the accurancy and reliability of found vulnerabilities.

The risk with vulnerability scanning can be the target CMS or web system respond to requests with non standard invalid responses.

Example if requesting a file that is not present on the server should result in a 404 error code.

Instead it reply with 200 OK to any request.

This can sometime confuse the vulnerability scanner engine to thinking the target file has been found

even it is not present on the target system.

The result can be the vulnerability scanner reports a false positive.

The AI Machine learning can be used in this situation to verify from learned data.

The AI Machine learning engine can look at data from previously made scans and compare earlier verified results with new results.

It is then possible to determine if the new vulnerabilities are confirmed or marked as false positives.

The AI Machine learning process happens instantly and with automation so the user do not have to do anything.

Earlier it is up to the user to verify the results of vulnerabilities by looking at the output of every vulnerability.

This can be a time consuming process.

Again the AI Machine learning can do it automatically and free up the users time in an effective way.