Cybersecurity is often likened to a cat-and-mouse game, with Jerry a step or two ahead of Tom as the rodent gets up to mischief. That’s because cybersecurity is a cat-and-mouse game. Hackers almost always have the advantage of surprise, while IT departments are left picking up the broken pieces should their defenses fail.
However, a new tool promises to ease the work of sifting through data to stop an attack before it unfolds.
That new tool is Artificial Intelligence, or AI. “New” is perhaps not an adequate description for AI, but it fits the bill considering its recent evolution and foray into cybersecurity.
Machine Learning is an application of AI that gives systems the ability to automatically learn and improve from experience without being explicitly programmed. Machine Learning focuses on the development of computer programs that can access data and use it to learn for themselves.
According to independent research group AV-Test, more than 121.6 million new malware programs were discovered in 2017, or about 231 new malware samples every minute, the WSJ reports.
“The problem we’re running into these days is the amount of data we see is overwhelming,” says Mathew Newfield, chief information-security officer at Unisys Corp. “Trying to analyze that information is impossible for a human, and that’s where machine learning can come into play.”
An increasing number of organizations are showing interest in machine learning-enhanced cybersecurity, because it solves the problem of coping with the ever-increasing number of threats while managing to accurately identify new and unknown ones.
An Enterprise Strategy Group survey revealed in 2017 that 12% of organizations were already doing this on a limited basis. Some 27% were adding machine learning to their existing security analytics tools as a test, 22% were engaged in a project for deployment, and 8% were planning a project for deployment. Another 12% said they had no plans but were still interested in deploying AI for cybersecurity, and only 6% said they were not interested.
Machine-learning algorithms significantly accelerate detection of modern threats, as they can analyze large amounts of data much faster than any human. Training to accurately detect various types of malware behavior can give machine-learning algorithms a high detection rate, even on new or unknown samples.
“The systems analyze existing malware and see what characteristics the files have in common, then check to see if potential new threats have any of those traits,” the Wall Street Journal quotes Gartner analyst Avivah Litan as saying.
From its total of 72 patents, Bitdefender has received 42 patents for core technologies in the past three years alone. The company has filed for 35 more that are under consideration. With almost 10 percent of Bitdefender patents pertaining to machine-learning algorithms for detecting malware and other online threats, deep learning and anomaly-based detection techniques play a vital role in proactively fighting new and unknown threats.
Merging human ingenuity with the fast and relentless data analysis of machine learning significantly accelerates reactions against new malware samples, offering protection even from previously unknown samples – APTs, zero-day attacks, and ransomware.