The rapid progress in technology over the past decade has led to an exponential rise in data generation. Mobile computing devices make personal data easy to store and readily available. While it is convenient to be able to access data at the click of a button, that convenience also brings looming security threats. If you think your data is protected when it’s on your electronic gadgets, you might want to rethink. When your computers or mobile devices are connected to the Internet, they are mere nodes in the vast web of networks spread throughout the world. While this enables them to access data from all over the world, it also makes them susceptible to attacks launched from anywhere in the world. Hackers need not be physically nearby to gain unauthorized access to your devices. They have a myriad of attacks and breaches which could bring down your entire system in the blink of an eye if it is left exposed. Maintaining cybersecurity over the local network is of paramount importance. However, given the staggering pace at which hacking develops, abiding by cybersecurity protocols alone might not be sufficient to keep your system safe.
Due to recent developments in Artificial Intelligence, it has become apparent that cybersecurity can be bolstered through applications of machine learning. A majority of machine learning algorithms are focused on network and endpoint protection. Intrusion detection systems, network traffic analytics and unusual pattern recognition are a few areas with copious applications of AI. According to the statistics presented by the Cyber Crime Investigation Cell, 11,592 cases of cybercrime were reported in the year 2015 across India¹. In May of 2017, a nasty cyber attack hit more than 200,000 computers in 150 countries over the course of just a few days. Dubbed “WannaCry”, it exploited a vulnerability that was first discovered by the National Security Agency (NSA) and later stolen and disseminated online². This alarming rate of cybersecurity violations is a clear indication of the need to enforce stringent cybercrime laws.
Digital forensics is a field of forensic science which deals closely with the analysis of digital data for the investigation and redressal of cybercrimes. The information procured through validation of data has to conform to the standards set by the National Institute of Standards & Technology to be judicially viable. Despite the systematic nature of forensic processes, the results are not completely reliable due to the possibility of errors in perpetrator detection, data duplicity and the credibility of the information obtained. The gigantic volume of data which needs processing takes a toll on even the most robust computing systems, often gradually wearing down the servers.
Intelligent agents can be employed in the investigative process to avoid such practical inconsistencies. Abstract Intelligent Agents (AIA) are often used for protection against DDoS or man-in-the-middle attacks in networks³. The raw data used by forensic models in real cases is rarely structured. Most of it is obtained from social networks or relevant activities of the suspect. Intelligent agents are capable of analyzing and correlating unconventional types of data, including videos, telephone records, credit card transactions, etc., which provide insight into user behaviour. The Center for Information Security and Cryptography (CISC)⁴ conducted a 15-month project to understand the key behavioural characteristics and profiles of cybercriminals who conduct Internet piracy, cyber-stalking, and online auction site fraud. The outcomes of this project can prove useful for training and formulating intelligent agents. Findings of intelligent agents are stored in secure databases which can later be consulted and applied. These include active databases like the UK National DNA Database (NDNAD), the UK National Fingerprint Database (IDENT1) and the USA Integrated Automated Fingerprint Identification System (IAFIS).
Expert systems are another renowned and efficient application of AI in diagnostic systems. They are responsible for synthesizing sound answers to the queries provided by users or software. Expert systems consist of two major components: a knowledge base and an inference engine. Information obtained through digital forensics can serve as the knowledge base, whereas the inference engine applies logical rules to that knowledge base to draw conclusions from it⁵. Although they are somewhat susceptible to the knowledge acquisition problem, expert systems play a significant role in network security planning. The knowledge of extant malware, trojans, unauthenticated users and approved IP addresses can be used to analyze connection attempts, timestamps and patterns in order to identify irregular activity in the network.
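The knowledge base and inference engine described above can be sketched in a few lines. This is an added example, not code from the article or its sources: the rule names, thresholds, business hours and log format are assumptions, and the log lines are constructed using documentation-range IP addresses.

```python
from collections import defaultdict
from datetime import datetime

# Knowledge base (all values constructed for illustration).
APPROVED_IPS = {"192.0.2.10", "192.0.2.11"}
BUSINESS_HOURS = range(8, 18)          # 08:00-17:59 counts as normal activity
RULES = [                              # (premises, conclusion)
    ({"unapproved_ip", "off_hours"}, "suspicious_source"),
    ({"failed_burst"}, "bruteforce_suspected"),
    ({"suspicious_source", "bruteforce_suspected"}, "raise_alert"),
]

# Constructed connection log: timestamp, source IP, login result.
SAMPLE_LOG = """\
2024-03-04T02:11:40 198.51.100.7 FAIL
2024-03-04T02:11:43 198.51.100.7 FAIL
2024-03-04T02:11:47 198.51.100.7 FAIL
2024-03-04T09:15:02 192.0.2.10 OK
2024-03-04T10:30:00 203.0.113.5 FAIL
2024-03-04T23:05:10 192.0.2.11 OK
"""

def observe(log, burst=3, window=60):
    """Turn raw connection attempts into base facts per source IP."""
    facts, fails = defaultdict(set), defaultdict(list)
    for line in log.splitlines():
        ts, ip, result = line.split()
        when = datetime.fromisoformat(ts)
        if ip not in APPROVED_IPS:
            facts[ip].add("unapproved_ip")
        if when.hour not in BUSINESS_HOURS:
            facts[ip].add("off_hours")
        if result == "FAIL":
            fails[ip].append(when)
            recent = [t for t in fails[ip] if (when - t).total_seconds() <= window]
            if len(recent) >= burst:   # several failures inside the time window
                facts[ip].add("failed_burst")
    return facts

def infer(facts):
    """Inference engine: forward-chain over RULES until nothing new is derived."""
    derived, changed = set(facts), True
    while changed:
        changed = False
        for premises, conclusion in RULES:
            if premises <= derived and conclusion not in derived:
                derived.add(conclusion)
                changed = True
    return derived

def analyze(log=SAMPLE_LOG):
    return {ip: infer(f) for ip, f in observe(log).items()}
```

Only the source that is unapproved, active off-hours and failing repeatedly reaches `raise_alert`; an approved address logging in late or a single daytime failure from an unknown address stays at a lower-severity fact.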
The unprecedented expansion of hacking & cybercrime demands astute troubleshooting which can be effectively provided through applications of AI, thus making this world a safer place!
Credit: BecomingHuman By: Tanmay Bhagwat