Friday, March 5, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Machine Learning

The impact of machine learning on security

August 19, 2019
in Machine Learning
The impact of machine learning on security
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Machine learning (ML) is changing security in much the same way that it’s changing other fields. Although many tools are immature or overhyped, vendors are starting to offer legitimately effective solutions for a growing collection of security uses.

Today’s ML-based tools are rarely designed to fully replace existing traditional tools. However, they can be a powerful addition to your toolkit when aimed at a specific high-value use to solve problems that involve data classification, pattern recognition and anomaly detection.

You might also like

AI and machine learning’s moment in health care

Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY]

The use of artificial intelligence in life sciences and the protection of the IP rights

The most appropriate ways to use ML are to learn the characteristics of the environment being protected; the characteristics of “known bad” behaviour; and to support decision making by security analysts. It’s most suitable where traditional methods are intractable, inefficient or simply impossible, as well as where relevant data of high quality is sufficiently available.

ML reaches almost every area of security and identity, including the detection of anomalous user behaviour, signatureless malware detection, advanced vulnerability prioritisation, phishing and fraud detection, network anomaly detection and bot mitigation.

Be aware of the drawbacks

There are a number of drawbacks, however, to applying ML and other artificial intelligence (AI) approaches to security. Most ML tools are black-box in nature and can also be difficult to audit. In addition, appropriate security data may not be sufficiently available.

ML can adapt to new instances of known threats, but it can’t adapt to entirely new threat vectors. Security threat analysts still need to understand truly novel threats before new ML can be developed to detect them.

The output of an ML model is a statistical probability, not an absolute answer. The probabilistic nature can generate many false positives, make alerts more difficult to triage and increase the complexity of tuning. Teams with relevant skills in data science are more likely to extract maximum value from ML-based security products.

The best approach is to avoid the search for ML itself. Instead focus on better overall security efficiency and effectiveness. As security solutions mature, ML will be incorporated as a way to achieve better results where it makes sense.


Read more Public Transport Victoria breached privacy rules with Myki data release

When selecting products, consider additional success criteria beyond detection capabilities, such as false positive rates, tuning effort and data requirements. Keep in mind that ML-based solutions are best positioned to augment, rather than replace, existing tooling and skill sets.

Although embracing new technology on all fronts is rarely a wise approach, there are steps security professionals can take right now to understand and harness ML to meet their business needs.

Cut through the hype

There’s a huge amount of marketing hype surrounding ML and AI, so it’s important to cut through the hype and carefully scrutinise vendor claims. Ask for clarification about their particularly stunning claims about detecting previously unheard of attacks, reducing false positive rates or otherwise solving all of your security problems.


Read more Government opposes push to limit police access to automated vehicle data

Stay abreast of emerging threat vectors

ML can undoubtedly be applied to security, but some areas such as discovering and understanding new threats, can only be performed by humans. This is because there’s no AI yet that can find threats not defined by a human. Most vendors use misleading language to make people think they can do it, but that type of AI doesn’t exist.

Until it does, continuously assess the threat landscape. Ransomware wasn’t a threat on most organisations’ radar 10 years ago, but it’s a main concern now. Many security tools have evolved to prevent, detect and respond to those threats, and new tools were created with the same objectives. New threats require humans to assess existing capabilities for appropriateness, and it’s not different for ML-based tools.

Selecting the right tools


Read more NSW government works on AI strategy, ethics framework

Employ a use-based approach to selecting tools. A user and entity behaviour analytics (UEBA) tool can be matched to a need such as detecting malicious insiders, detecting patient information snooping or identifying account sharing. For anti-malware based on ML, focus on the types of malware missed by your regular tools.

Evaluate the weaknesses and gaps in your current security capabilities before shopping for new ML-based tools. Expect ML to augment, rather than replace, existing tools.

Start with desired outcomes

Although you may be tempted to ask vendors what insight they can derive from a given dataset, don’t bother unless you have specific expectations. Otherwise comparing tools will become difficult if they reveal different findings from the same dataset. This exercise may also lead to a “dazzle with science” syndrome, where vendors reveal curious, but operationally useless, insights.

Before testing, create a test plan with a timeline, desired uses and needs, as well as detailed requirements for data sources. Don’t settle for “getting the logs in.” Instead, identify specific types of data, needed configuration changes and details of the people controlling the systems.

Carefully test the tools

One of the most effective ways to cut through the hype is to carefully test the tools before purchasing and deploying them. This may sound painfully obvious, but the rise of ML methods and AI claims have given it newly critical importance.

You can compare, for example, which of the traditional security information and event management (SIEM) solutions has more rules by simply counting the rules. However, you can’t judge the effectiveness of an ML brain for your environment without actually running the tool in your environment and on your production data.

You may be tempted to test the new tool like a rule-based security product, but you must test it like the ML-based product that it is.

Anna Belak is a senior principal analyst at Gartner in the security and risk management team. Anna will be presenting on ‘AI as Target and Tool: An Attacker’s Perspective on ML’ at the Gartner Security and Risk Management Summit in Sydney (19-20 August).

Join the newsletter!

Error: Please check your email address.

Tags Gartnercyber securitymachine learningartificial intelligence (AI)security


Credit: Google News

Previous Post

Data URIs

Next Post

Stock Market Futures Surge as Trump Gets Positive on China

Related Posts

AI and machine learning’s moment in health care
Machine Learning

AI and machine learning’s moment in health care

March 4, 2021
Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY]
Machine Learning

Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY]

March 4, 2021
Machine learning: is there a limit to technological patents in Brazil?
Machine Learning

The use of artificial intelligence in life sciences and the protection of the IP rights

March 4, 2021
AWS launches webinar for marketers looking to maximise their machine learning strategy
Machine Learning

AWS launches webinar for marketers looking to maximise their machine learning strategy

March 4, 2021
Deno 1.8 preps for GPU-accelerated machine learning
Machine Learning

Deno 1.8 preps for GPU-accelerated machine learning

March 4, 2021
Next Post
Stock Market Futures Surge as Trump Gets Positive on China

Stock Market Futures Surge as Trump Gets Positive on China

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Six courses to build your technology skills in 2021 – IBM Developer
Technology Companies

Is your Cloud infrastructure securely configured? Does your DevSecOps pipeline integrate ibm-terraform compliance checks? – IBM Developer

March 5, 2021
Ransomware as a service is the new big problem for business
Internet Security

Ransomware as a service is the new big problem for business

March 5, 2021
Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead
Internet Privacy

Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead

March 5, 2021
AI and machine learning’s moment in health care
Machine Learning

AI and machine learning’s moment in health care

March 4, 2021
The Examples and Benefits of AI in Healthcare: From accurate diagnosis to remote patient monitoring | by ITRex Group | Mar, 2021
Neural Networks

The Examples and Benefits of AI in Healthcare: From accurate diagnosis to remote patient monitoring | by ITRex Group | Mar, 2021

March 4, 2021
Welcome to events Thursdays: Thursday’s daily brief
Digital Marketing

Welcome to events Thursdays: Thursday’s daily brief

March 4, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Is your Cloud infrastructure securely configured? Does your DevSecOps pipeline integrate ibm-terraform compliance checks? – IBM Developer March 5, 2021
  • Ransomware as a service is the new big problem for business March 5, 2021
  • Google Will Use ‘FLoC’ for Ad Targeting Once 3rd-Party Cookies Are Dead March 5, 2021
  • AI and machine learning’s moment in health care March 4, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates