FEATURE
Machine Learning, Deep Learning is
highly dependent on matching the right
problems to the right tools.
Deep Learning applications are best
suited in the image processing and
natural language processing fields.
In cybersecurity, it has found a home
in packet stream and malware binary
analysis. These benefit most from
supervised learning, when labelled (i.e.
legitimate vs. malicious) data is available.
But for insider threat detection, DL
doesn’t enjoy wide adoption for several
technical reasons. One is the black box
nature of the model, where it’s impossible
to explain the causes of the alerts. This
renders investigations difficult.
Machine Learning
Machine learning is often expressed
in the same breath as AI, but ML is
more specific. To learn from collected
data, it uses algorithms for prediction,
classification and insight generation.
With Machine Learning, a formal body
of methods are grounded in solid
mathematical foundations. Applied to
cybersecurity, the right problems must
be matched with the right ML tools.
But not all problems require advanced
ML tools. For example, some popular
38
indicators used in user behaviour
analytics (UBA) are based on simple
statistical analysis, such as p-value
hypothesis testing used for rare event
detection. On the other hand, many
cybersecurity problems cannot be solved
without Machine Learning. Consider
phishing scam domain detection.
In this instance, the URLs, WHOIS data,
other properties, as well as the known
(legitimate or malicious) labels of URLs
are examined in a supervised learning
setting to predict whether a domain is
malicious. It does so without resorting to
conventional, but less effective, blacklist-
based matching. Keeping users’ data secure in an
AI system
Peer behind the messaging and
examine what’s under the hood Artificial Intelligence (AI) solutions
are transforming customer expectations
when interacting with digital systems.
These intelligent technologies provide
automated 24–7 access to information
and services across multiple
channels, which in turn enables
businesses to expand their offerings
and provide a more compelling user
experience, without increasing their
overhead expenses.
The cybersecurity marketplace is
buzzing with AI and ML terminology.
This isn’t surprising as data-driven
approaches do lead to exciting
applications that were never possible
before. That said, it’s all too easy to get
confused and thus, lost in the hype.
It’s important to question what the
problems or use cases being framed are
and which analytical approaches are
being used and why. Transparency and a
thorough understanding of the terms and
their use cases will help you demystify
the hype.
JOE MICHAEL, SOLUTIONS
ARCHITECT AT IPSOFT, offers detailed
insight on the steps that enterprises
can take to increase the security of
customer data within their AI systems.
However, while these systems present
massive opportunities for organisations
to completely revolutionise the way that
their customers and employees interact
with their digital services, assuring
the security and privacy of users’
Issue 13
|
www.intelligentciso.com