Machine Learning and Security

By Justin S.

Is machine language going to be the future of cyber security or is it just a pipe dream? Many people in the technology community have their own opinions referring to this statement. According to Simon Crosby, CTO at Bromium, argues that “There is no silver bullet in security”. He states that in cyber security you are going up against people that for the most part were taught to learn security for good. Some people with devious minds however learn how to alter the minds of machine language for the bad. Crosby makes a good point because most black hat hackers can learn how to alter machine language so having machine language as an ally in the security field could be more of a con than a pro. Others believe that machine language can and will eventually be the future of security. According to Mike Paquette, VP of products at Prelert, says that “machine learning is cyber security’s answer to detecting advanced breaches, and it will shine in security IT environments as they grow increasingly complex”. Both have very valid arguments and it could be both a pipedream or potentially be the answer we have all been waiting for.

Machine learning is very dynamic in the fact that it can learn and interpret patterns and repetition. But with security there is almost zero to non repetition and that’s why hackers are so successful. So there would need to be some form of machine language software to actively be learning and watching. This is something called BBAC or Behavior-Based Access Control that will allow security to be actively used in a security approach. According to “crosstalk: The Journal of Defense Software Engineering”, the development “and validation of advanced cyber security technology frequently relies on data capturing normal and suspicious activities at various system layers”. The more we learn from machine language and AI the more we can learn to prevent attacks before they even happen.

Another reason we should be leaning towards Machine language is the fact that the demand for security professionals is so high and those jobs are increasingly difficult to fill. According to cybersecurity-review.com, “there is a lack of qualified, experienced individuals to successfully defend vital infrastructure and systems”. With hackers always working 24/7, everyone working a 9 to 5 aren’t going to be able to keep up. The demand for these professionals is going to increasingly grow and there are always going to be challenges. We do already have machine language implemented in certain software from companies like Palo Alto Networks and CyberArk, but the growth for machine language to stay above the trend is going to need to be improved.

In conclusion, I believe that machine language is going to need to be improved but so are the personnel in the security profession. With the higher demand in security we are going to need as many people filling those jobs as we can. As more and more people enter the profession we are going to be able to learn more as well as implement machine learning. Machine learning will never take over humans, at least for a long time but instead we should be able to use them both together to try and stop all of these cyber attacks. There are already companies and business that are combining machine learning with humans. A company called F-Secure from Finland, is attempting to “reduce the time it takes to detect and respond to cyber attacks down to 30 minutes with Rapid Detection Service”(Techcrunch.com). I don’t believe that there is no silver bullet to cyber security but instead humans and computers should be able to find a way to work together so they can both learn from each other

Sources :
1. https://techcrunch.com/2016/07/01/exploiting-machine-learning-in-cybersecurity/
2. http://www.cybersecurity-review.com/industry-perspective/applying-machine-learning-to-advance-cyber-security-analytics
3. “CrossTalk: The Journal of Defense Software Engineering” By Michael Atighetchi and Michael Jay Mayhew. March/April 2014 Volume 21 Issue 2 Pages 25-29
4. Image : https://www.slideshare.net/liorrokach/cyber-securityshort

Leave a Reply