Page 46 - Cyber Warnings
P. 46
INTEGRATION MAY ANSWER CHALLENGES IN MACHINE
INTELLIGENCE
Bringing several functions together creates a stronger security posture
by Martin Korec, Head of Quality Assurance, GREYCORTEX, s.r.o
Introduction
You are probably familiar with terms “Artificial Intelligence” and “Machine Learning,” i.e. the idea
that computers can be taught to learn, and then make predictions based on the data they are
given. Artificial Intelligence and Machine learning tools present huge opportunities in many
areas, especially in cyber security.
The UK government considers it technology which is the engine of the digital revolution. But,
some are skeptical. Gartner put Machine Learning (a subset of Artificial Intelligence) at the
“Peak of Inflated Expectations” in its 2015 Hype Cycle. Simon Crosby of Bromium considers
these tools to be a “pipe dream.”
What Are Artificial Intelligence and Machine Learning?
Both Artificial Intelligence and Machine Learning address the capability of machines to be taught
to make predictions based on “learned” data. Both are popular terms, and are often confused.
Deloitte has decided that a better term for their capabilities is “Machine Intelligence” - describing
it as “an umbrella term for a collection of advances representing a new cognitive era. We are
talking here about a number of cognitive tools that have evolved rapidly in recent years:
machine learning, deep learning, advanced cognitive analytics, robotics process automation,
and bots, to name a few.” I’ll use Machine Intelligence here (partly because “Artificial Learning”
didn’t work as well) to mean the use of data analytic/predictive tools in the network security
context.
The Benefits of Machine Intelligence are Significant
The essential benefit in Machine Intelligence is that it can take truly massive amounts of data,
analyze it in real time, and identify anomalous or malicious behaviors invisible to manual review,
or which would not be accurately identified through static detection rulesets (which are also a
hassle to set up).
Of course, the more data a Machine Intelligence solution has, the more effectively it can do its
job. Some have claimed prediction can be improved by over 90%. If the solution has limited
data, e.g. from only Netflow, it is limited in its effectiveness.
46 Cyber Warnings E-Magazine – April 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide