Redefining Cybersecurity with AI and Machine Learning
Abstract
In the age of digital transformation with adoption of Cloud and mobile computing and ever-increasing Internet of Things(IoT) devices, the cybersecurity risks and threat levels are increasing at a rapid pace. The data is spread across systems, devices and cloud leading to growing attack surface and increased frequency of the security attacks. IoT is extended to drones, driver-less cars, industrial equipment, smart buildings, consumer goods, home appliances leaving us with more vulnerable attack points. Organizations needs to have effective information security management system (ISMS) in place to proactively detect, react to security threats with reduced time to discover any potential breach. This paper highlights how Artificial Intelligence(AI) and Machine Learning(ML) can redefine cybersecurity to detect, prevent organizations from security threats and data breaches.
References
[2] Y. Xin et al., "Machine Learning and Deep Learning Methods for Cybersecurity," in IEEE Access. doi: 10.1109/ACCESS.2018.2836950
[3] I. Medeiros, N. Neves and M. Correia, "Detecting and Removing Web Application Vulnerabilities with Static Analysis and Data Mining," in IEEE Transactions on Reliability, vol. 65, no. 1, pp. 54-69, March 2016. doi:10.1109/TR.2015.2457411
[4] R. Komiya, I. Paik and M. Hisada, "Classification of malicious web code by machine learning," 2011 3rd International Conference on Awareness Science and Technology(iCAST),
Dalian, 2011, pp. 406-411. doi: 10.1109/ICAwST.2011.6163109
[5] S. O. Uwagbole, W. J. Buchanan and L. Fan, "An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack," 2017 Seventh International Conference on Emerging Security Technologies (EST), Canterbury, 2017, pp. 12-17.doi:10.1109/EST.2017.8090392
[6] M. Stampar and K. Fertalj, "Artificial intelligence in network intrusion detection," 2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, 2015, pp. 1318-1323. doi: 10.1109/MIPRO.2015.7160479
[7] Q. Chen and R. A. Bridges, "Automated Behavioral Analysis of Malware: A Case Study of WannaCry Ransomware," 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), Cancun, 2017, pp. 454-460. doi: 10.1109/ICMLA.2017.0-119
[8] D. C. Le, A. Nur Zincir-Heywood and M. I. Heywood, "Data analytics on network traffic flows for botnet behaviour detection," 2016 IEEE Symposium Series on Computational Intelligence (SSCI), Athens, 2016, pp. 1-7. doi: 10.1109/SSCI.2016.7850078
[9] A. Joshi and V. Geetha, "SQL Injection detection using machine learning," 2014 International Conference on Control, Instrumentation, Communication and Computational
Technologies (ICCICCT), Kanyakumari, 2014, pp. 1111-1115. doi: 10.1109/ICCICCT.2014.6993127
[10] M. Ito and H. Iyatomi, "Web application firewall using character-level convolutional neural network," 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA), BatuFeringghi, 2018, pp. 103-106. doi: 10.1109/CSPA.2018.8368694
[11] P.Likarish, E. Jung and I. Jo, "Obfuscated malicious javascript detection using classification techniques," 2009 4th International Conference on Malicious and Unwanted Software (MALWARE), Montreal, QC, 2009, pp. 47-54. doi: 10.1109/MALWARE.2009.5403020
[12] R. Wang, X. Jia, Q. Li and S. Zhang, "Machine Learning Based Cross-Site Scripting Detection in Online Social Network," 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC, CSS, ICESS), Paris, 2014, pp. 823- 826. doi:10.1109/HPCC.2014.137
[13] M. Kruczkowski and E. N. Szynkiewicz, "Support Vector Machine for Malware Analysis and Classification," 2014 IEEE/WIC/ACM International Joint Conferences on Web Intelligence (WI) and Intelligent Agent Technologies(IAT),
Warsaw, 2014, pp. 415-420. doi: 10.1109/WI-IAT.2014.127
[14] S. Kumar, A. Viinikainenand T. Hamalainen, "Machine learning classification model for Network based Intrusion Detection System," 2016 11th International Conference for Internet Technology and Secured Transactions (ICITST), Barcelona, 2016, pp. 242-249. doi: 10.1109/ICITST.2016.7856705
[15] G. C. Y. Tsang, P. P. K. Chan, D. S. Yeung and E. C. C. Tsang, "Denial of service detection by support vector machines and radial-basis function neural network," Proceedings of 2004 International Conference on Machine Learning and Cybernetics (IEEE Cat. No.04EX826), 2004, pp. 4263-4268 vol.7. doi: 10.1109/ICMLC.2004.1384587
[16] I. Paik, "Improved malicious code classification considering sequence by machine learning," The 18th IEEE International Symposium on Consumer Electronics (ISCE 2014), JeJu Island, 2014, pp. 1-2. doi:10.1109/ISCE.2014.6884429
[17] S. Kilgallon, L. De La Rosa and J. Cavazos, "Improving the effectiveness and efficiency of dynamic malware analysis with machine learning," 2017 Resilience Week (RWS),Wilmington,
DE, 2017, pp. 30-36. doi: 10.1109/RWEEK.2017.8088644
[18] I. Firdausi, C. lim, A. Erwin and A. S. Nugroho, "Analysis of Machine learning Techniques Used in Behavior-Based Malware Detection," 2010 Second International Conference on Advances in Computing, Control, and TelecommunicationTechnologies,
Jakarta, 2010, pp. 201-203. doi: 10.1109/ACT.2010.33
[19] S. O. Uwagbole, W. J. Buchanan and L. Fan, "Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention," 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Lisbon, 2017, pp. 1087-1090. doi:10.23919/INM.2017.7987433
[20] G. Yuan, B. Li, Y. Yao and S. Zhang, "A deep learning enabled subspace spectral ensemble clustering approach for web anomaly detection," 2017 International Joint Conference on Neural Networks (IJCNN), Anchorage, AK, 2017, pp. 3896- 3903. doi:10.1109/IJCNN.2017.7966347
To ensure uniformity of treatment among all contributors, other forms may not be substituted for this form, nor may any wording of the form be changed. This form is intended for original material submitted to AJCT and must accompany any such material in order to be published by AJCT. Please read the form carefully.
The undersigned hereby assigns to the Asian Journal of Convergence in Technology Issues ("AJCT") all rights under copyright that may exist in and to the above Work, any revised or expanded derivative works submitted to AJCT by the undersigned based on the Work, and any associated written, audio and/or visual presentations or other enhancements accompanying the Work. The undersigned hereby warrants that the Work is original and that he/she is the author of the Work; to the extent the Work incorporates text passages, figures, data or other material from the works of others, the undersigned has obtained any necessary permission. See Retained Rights, below.
AUTHOR RESPONSIBILITIES
AJCT distributes its technical publications throughout the world and wants to ensure that the material submitted to its publications is properly available to the readership of those publications. Authors must ensure that The Work is their own and is original. It is the responsibility of the authors, not AJCT, to determine whether disclosure of their material requires the prior consent of other parties and, if so, to obtain it.
RETAINED RIGHTS/TERMS AND CONDITIONS
1. Authors/employers retain all proprietary rights in any process, procedure, or article of manufacture described in the Work.
2. Authors/employers may reproduce or authorize others to reproduce The Work and for the author's personal use or for company or organizational use, provided that the source and any AJCT copyright notice are indicated, the copies are not used in any way that implies AJCT endorsement of a product or service of any employer, and the copies themselves are not offered for sale.
3. Authors/employers may make limited distribution of all or portions of the Work prior to publication if they inform AJCT in advance of the nature and extent of such limited distribution.
4. For all uses not covered by items 2 and 3, authors/employers must request permission from AJCT.
5. Although authors are permitted to re-use all or portions of the Work in other works, this does not include granting third-party requests for reprinting, republishing, or other types of re-use.
INFORMATION FOR AUTHORS
AJCT Copyright Ownership
It is the formal policy of AJCT to own the copyrights to all copyrightable material in its technical publications and to the individual contributions contained therein, in order to protect the interests of AJCT, its authors and their employers, and, at the same time, to facilitate the appropriate re-use of this material by others.
Author/Employer Rights
If you are employed and prepared the Work on a subject within the scope of your employment, the copyright in the Work belongs to your employer as a work-for-hire. In that case, AJCT assumes that when you sign this Form, you are authorized to do so by your employer and that your employer has consented to the transfer of copyright, to the representation and warranty of publication rights, and to all other terms and conditions of this Form. If such authorization and consent has not been given to you, an authorized representative of your employer should sign this Form as the Author.
Reprint/Republication Policy
AJCT requires that the consent of the first-named author and employer be sought as a condition to granting reprint or republication rights to others or for permitting use of a Work for promotion or marketing purposes.
GENERAL TERMS
1. The undersigned represents that he/she has the power and authority to make and execute this assignment.
2. The undersigned agrees to indemnify and hold harmless AJCT from any damage or expense that may arise in the event of a breach of any of the warranties set forth above.
3. In the event the above work is accepted and published by AJCT and consequently withdrawn by the author(s), the foregoing copyright transfer shall become null and void and all materials embodying the Work submitted to AJCT will be destroyed.
4. For jointly authored Works, all joint authors should sign, or one of the authors should sign as authorized agent
for the others.
Licenced by :
Creative Commons Attribution 4.0 International License.