An article written by trainee Wafa'a Hafiz from University of Prince Mugrin about machine learning in cybersecurity.
Introduction:
With cybercrime and attacks on the rise, you must raise the level of security and protection of your devices. Machine learning has contributed to improved safety, responsiveness and decision-making in protecting devices. It is a branch of artificial intelligence: the behavior and properties a device acquires that give it some human abilities and mental capacity. Among the most important of these characteristics is the machine's ability to do things it was not programmed to do but has acquired, such as learning, drawing conclusions and responding. This technique is also useful in cybersecurity, where a device can analyze data and make decisions to protect itself. Artificial intelligence is still improving.

Machine Learning:
Machine learning is an algorithm that absorbs its environment and tries to learn, gain experience and develop a strategy, and then makes decisions. It is designed to let the device learn and improve its properties by itself. It can also carry out complex processes and tasks intelligently once it has learned and gained experience. Machine learning is still improving, and it is a very helpful tool, specifically in cybersecurity.

Nowadays the number of attacks is increasing, and there are different types and methods of attack. One solution is to develop machine learning to help detect attacks. Machine learning in security is a fast-growing trend. Analysts at ABI Research estimate that machine learning in cyber security will boost spending in big data, artificial intelligence (AI) and analytics, while some of the world's technology giants are already taking a stand to better protect their own customers.

To build a machine learning system there are seven steps, as follows:
Step 1: Gathering data
Step 2: Data preparation
Step 3: Choosing a model
Step 4: Training
Step 5: Evaluation
Step 6: Hyperparameter tuning
Step 7: Prediction

5 best machine learning use cases for security:
Machine learning has a big role in cyber security.
While an attacker is trying to access or attack your device, machine learning can detect this and make a decision to stop the attacker. It can also act before an attack happens, discovering vulnerabilities before attackers find them and alerting you. Some of these techniques are:

Anomaly detection or data mining: This detects any unusual, unexpected behavior, called outliers. An outlier could be an attack, an error in the system, etc. It detects events that have never been seen before.

User behavior analytics (UBA) or user and entity behavior analytics (UEBA): This is designed to detect advanced cyberattacks and malicious insider threats, and to inform you whether something is malicious or not. An insider threat is, for example, one of your employees trying to connect to the VPN or share data, etc. Insider threats are more dangerous than outsider threats because an attack is easier for insiders.

Closing IoT vulnerabilities: This technique is widely used, and its use is expected to increase over the coming years. Smart devices connected to the Internet can increase the threat to your organization because they still need better security. We can use machine learning technology to analyze data and determine activity behavior, which will facilitate the identification and prevention of abnormal activity.

Stopping exploits before they stop you: Zero-day attacks are often difficult to prevent, and there are frequent penetration attempts because a new system is often full of weaknesses, and it is difficult to know that someone is trying to attack your system before it happens. Machine learning, however, can recognize and track these threats and prevent these attacks before they happen, by detecting these weaknesses and vulnerabilities before hackers do and handling them.

Conclusion:
Nowadays the number of attacks and the amount of cyberwar are increasing, so we have to improve our security and incident response. With artificial intelligence and machine learning it will become easier for us to respond to these attacks and prevent them.

References
Choudhary, P. (n.d.). Introduction to Anomaly Detection. Retrieved from https://www.datascience.com/blog/python-anomaly-detection
CISOs Investigate User Behaviour Analytics (UBA) | LogRhythm. (n.d.). Retrieved from https://logrhythm.com/cisos-investigate-user-behaviour-analytics-report-emea/?utm_source=google&utm_medium=cpc&utm_campaign=PILLAR|G|Search|EMEA-METAT1|Generic|UEBA|Exact&AdGroup=UBA&utm_term=what is user behavior analytics&matchtype=e&utm_region=EMEA&utm_language=en&utm_program=EMEAcpcUEBA
5 ways machine learning can be used for security today. (2017, March 16). Retrieved from https://blog.trendmicro.com/5-ways-machine-learning-can-be-used-for-security-today/
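
The seven steps listed above, applied to the anomaly detection and user behavior analytics use cases, as an added example that is not part of the original article. The user names, upload volumes and candidate thresholds are constructed, and the per-user robust z-score (median and MAD) is an assumed choice of model.

```python
from statistics import median

# Step 1 - gather data: constructed upload volume (MB per session) per user, assumed benign.
HISTORY = {
    "alice": [12, 15, 11, 14, 13, 16, 12, 15, 14, 13],
    "bob":   [220, 240, 210, 250, 230, 235, 225, 245, 215, 238],
}
# Constructed labelled sessions used for evaluation and tuning: (user, MB, is_attack).
VALIDATION = [
    ("alice", 14, False), ("alice", 18, False), ("alice", 230, True),
    ("bob", 228, False), ("bob", 262, False), ("bob", 900, True),
]

def train(history):
    """Steps 2-4: clean the data, choose a robust z-score model, fit one baseline per user."""
    model = {}
    for user, values in history.items():
        values = [v for v in values if v >= 0]             # preparation: drop invalid rows
        med = median(values)
        mad = median(abs(v - med) for v in values) or 1.0  # guard against a zero spread
        model[user] = (med, mad)
    return model

def score(model, user, value):
    """Distance from the user's own median, measured in MAD units."""
    if user not in model:
        return float("inf")  # no baseline for a never-seen user: treat as an outlier
    med, mad = model[user]
    return abs(value - med) / mad

def evaluate(model, labelled, threshold):
    """Step 5: (precision, recall) of the rule 'score > threshold' on labelled sessions."""
    flags = [(score(model, u, v) > threshold, bad) for u, v, bad in labelled]
    tp = sum(f and b for f, b in flags)
    fp = sum(f and not b for f, b in flags)
    fn = sum(b and not f for f, b in flags)
    return tp / (tp + fp or 1), tp / (tp + fn or 1)

def tune(model, labelled, candidates=(1.0, 2.0, 3.5, 5.0)):
    """Step 6: pick the lowest threshold that reaches the best precision + recall."""
    return max(candidates, key=lambda t: (sum(evaluate(model, labelled, t)), -t))

def predict(model, threshold, user, value):
    """Step 7: True means the session is an outlier for this user and should raise an alert."""
    return score(model, user, value) > threshold

MODEL = train(HISTORY)
THRESHOLD = tune(MODEL, VALIDATION)
```

A 230 MB upload is ordinary for bob but an outlier for alice, which is why the baseline is kept per user rather than across all users.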