AI in cyber Defense Essays

AI in cyber Defense Essays AI in cyber Defense Essay AI in cyber Defense Essay The speed of procedures and the amount of data to be used in defending the cyber space cannot be controlled by humans without significant automation. On the other hand, It is hard to develop software with conservative fixed algorithms (hard-wired logic on decision making level) for efficiently defending In opposition to the vigorously evolving attacks in networks. The applications of artificial intelligence an be used to handle this situation that offers flexibility and learning potential to software. A brief review of artificial intelligence applications in cyber defense, and analysis of prospects of enhancing the cyber defense capabilities by increasing the intelligence of the defense systems have been presented in this paper. After surveying the papers available about artificial Intelligence applications In cyber defense, we conclude that useful applications are already present. They belong to applications of artificial neural nets in perimeter defense and some other cyber defense fields. So it has become clear that only AY techniques can guarantee successful solutions to many cyber defense problems. For instance, use of extensive knowledge Is essential In decision making, and Intelligent decision support Is so far one of unanswered problems in cyber defense. 1. INTRODUCTION: 1 . 1. Background of Study. 1. 1. 1 . Limitations in cyber security that are need to be addressed. Cyber security Is a multidisciplinary field that Is targeted on reduction of risks to the secrecy, affinity and integrity of data, information and resources in computer as well as in network systems. Modern systems have become much complex. Need for an intelligent, adaptive and multimode solution raises here for which best suited approach is artificial intelligence. [l]. There was not apparently strong collaboration between cyber security and artificial intelligence in early days. Researchers of AY were paying attention In making computers do things that only humans had been able to do, while security researchers Intended to fix the leaks In examining the computing communications or design communications they consider leak proof. Further, AY researchers were often most interested in building systems with behaviors that could hangs over time through knowledge or adaptation, and hence were to some degree unpredictable. From the security point of view, volatile system behavior seemed unwanted. But the two fields have developed closer over the years, mainly where human users but also at lower system layers. [2] 1. 1. 2. Why has the role of intelligent software in cyber operations augmented so rapidly? Looking closer at the cyber space, one can see the following answer. Artificial intelligence is required, first of all, for swift response to various scenarios in Internet. One has to be able to handle large annuity of information very fast in order to portray and investigate events that take place in cyber space and to make essential assessments. The speed of processes and the amount of data to be used cannot be controlled by humans without significant automation but, it is hard to develop software with conservative fixed algorithms (hard-wired logic on decision making level) for efficiently protecting against the assault in cyber space, because new deterioration become visible continuously. Here is a place for artificial intelligence methods. [3] 1. 2. PROBLEM DEFINITION: Do some artificial intelligence techniques exist to improve certain aspects of cyber security? 1. 2. 1 . Remarks concerning the problem definition. The aim of the thesis is to determine whether the possibilities in artificial intelligence can effectively address some of the limitations in todays cyber security. Figure : Cyber Attack. 2. ABOUT ARTIFICIAL INTELLIGENCE: AY as an area of research is very old. It is equally old to electronic computers. There is possibility of building devices more intelligent than human beings from the early days of AY on the realm. The time realm moves away when time passes. A number of intelligently hard problems have been witnessed to be solved by computers like playing good chess. Chess playing was deemed a benchmark showing a real intelligence during the initial days of computer. Even in seventies of the last century, when the computer chess has reached on the masters level, it appeared almost impossible to make a program that could smack the world champion. However, this came about faster than estimated. Three reasons are important to mention here for success of chess computer: computing power has been increased, efficient search algorithms have been developed (that can be used in many applications beside chess, see the section on search below), and knowledge bases has been organized so well that they became able to include all available chess knowledge(first of all, opening and end games). In core, the chess problem could be solved because it was a specific intellectual problem which was related to professed narrow artificial intelligence. A special instance is translating from one language into another that Chamoiss work in structural linguistics, it was expected that the natural language translation problem will be solved soon. It has not happened yet, although success is evident in some specific applications like, for example, Googles AY linguistics. The reason is that this demand of artificial general intelligence possessing of an aptitude to handle large quantity of information in every field associated to human actions. It is usually acknowledged that AY can be considered in two manners: as a science intended at attempting to determine the fundamental nature of intelligence and emerging generally intelligent machines, or as a science providing ways for solving complex problems that cannot be solved without applying some intelligence eke, for example, playing good chess or making right decisions based on large amounts of data. [3]Len the present paper we will take the second approach, supporter for applying specific AY methods to cyber defense problems, and will refer to the existing AY algorithms described in [4]. . CHALLENGES IN INTELLIGENT CYBER DEFENSE: If we talk about the future research in development and applications of artificial intelligence techniques in cyber defense, we need to make a distinction between immediate objectives and long-term goals. Numbers of AY techniques are immediately applicable in cyber defense and a lot of problems are yet need to be dressed. We have talked about alre ady present immediate applications. One can expect encouraging perspectives of completely new principles of knowledge handling in situation management and decision making process. Proposed principles are introduction of a modular and hierarchical knowledge architecture. Expert systems are already being used in many applications, sometimes hidden inside an application, like in the security measures planning software. Still, expert systems can get wider application areas, if large knowledge bases will be developed. This will need substantial investment in knowledge achievement, and development of large dollar knowledge bases. Also further development of the expert system technology will be required: modularity must be introduced in the expert system tools, and hierarchical knowledge bases must be used. A futurist Ray Kurt well has extrapolated the development to come up with Singularity in 2045 [5]. One need not to believe in the Singularity threat, but the rapid development of information technology will definitely enable one to build considerably better intelligence into software in coming years. (Consider the recent impressive performance of IBM-s Watson program)[6]. Elementally of whether the GAG is available or Singularity moms, it is critical to have the ability to use better AY in cyber defense than the offenders have it. 4. PRESENT WORK OF AY IN CYBER DEFENSE: There are numerous useful applications available in the field of AY application cyber defense. They all belong to application of artificial neural nets in perimeter defense, and they are helping in solving many cyber defense problems. Wide knowledge usage is necessary in decision making, and the intelligent decision support is still to problem, which required human interference. We have grouped all AY methods and architectures in several categories like neural nets, expert system, intelligent agents, reach and machine learning. 4. 1 . Neural NetsNeural nets have long history that begins with the invention of perception by Frank Reasonable in 1957. Perception is an artificial neuron, and popular element of neural nets. Small number of perceptions combined together can learn and solve interesting problem. Neural nets consist of a large number of artificial neuron, which provides a functionality of parallel learning and decision making. They are suitable for learning pattern recognition, for classification, for selection of response to attack etc. They can be implemented either in hardware or in footwear. Neural nets are well applicable in intrusion detection and intrusion prevention. There have been proposals to use them in DOS detection, computer worm detection, spam, detection, zombie detection, mallard classification and in forensic investigations. The neural nets in cyber defense are popular because of their high speed, if implemented in hardware or used in graphic processors. There are new developments in the neural nets technology like third generation neural nets, spiking neural network that mimic biological neurons more realistically, and provide more application opportunities. Figure : Intrusion Alarm System. . 2. Expert Systemsalt is most widely used AY tools. It can be directly used for decision support, in cyberspace. An expert system includes a knowledge base where expert knowledge about a specific application domain is stored, it also includes an inference engine for deriving answers based on this knowledge and possibly additional knowledge about a situation. Empty know ledge base and inference engine are together called expert system. Developing an expert system means first selection of an expert system shell and second acquiring expert knowledge and filling the knowledge base with knowledge. There are many different knowledge representation forms in expert system, the most common is rule based representation. But the usefulness of expert system depends mainly on the quality of knowledge in the expert system depends mainly on the quality of knowledge in the expert system knowledge base. Example of cyber defense expert system is one for security planning. This expert system facilitates considerably selection of security measure, and provides guidance for optimal usage of limited resources. 4. 3. Intelligent agentslengthier agents are software components that process some torture of intelligent behavior that makes them special like protectiveness, understanding of an agent communication language (CAL), reactivity etc. They possess planning ability, mobility and reflection ability. Intelligent agents can consisting of mobile intelligent agents after solving some legal and also commercial problems. This will require implementation of infrastructure for supporting the cyber agent mobility and communication. This will require cooperation with Sips. 4. 4. SearchSearch is a universal method of problem solving that can be applied in all cases. Very little must be known in order to apply some general search algorithm n the formal setting of the search problem, one has to able generate candidates of solution, and a procedure must be available for deciding. The search is hidden in the software and it is not visible as an AY application. Search on and or trees, up-search, maxima search and stochastic search are useful in decision making for cyber defense. 4. 5. LearningLearning is improving a knowledge system by extending or rearranging its knowledge base or by improving the inference engine. Machine learning comprises computational methods for acquiring new knowledge, new skill and new ways to organize existing knowledge. Problem of learning fluctuates with respect to the complex from simple parametric learning which means learning values of some parameters, to complicated forms of symbolic learning, for example learning of concept, grammars, functions and learning of behavior. AY provides methods for both supervised learning as well as unsupervised learning. Data mining has originally grown out of unsupervised learning in AY. Unsupervised learning can be a functionality of neural nets, in particular of self organizing maps. Parallel learning algorithms are suitable for execution on parallel hardware. These learning methods re represented by genetic algorithms and neural nets. 4. 6. Video and CATV semantic analysis for terrorist or criminal action detectionA new generation of intelligent CATV cameras that can hear as well as see will alert police to crimes in progress by recognizing clues such as a person running or the sound of a scream. Researchers hope the smart cameras will have a dramatic impact on crime detection and prevention by cutting response times and ensuring that more incidents are caught on tape. The Daily Telegraphs Gordon Earner reports that a team at the University of Portsmouth has already developed software which enables Amerada to spot visual clues to anything from violent crime to vandalism, by looking for tell-tale signs such as someone raising their arm suddenly or even a snapped car aerial. This artificial intelligence software is now being taught to recognize sounds associated with crimes, including breaking glass, shouted obscenities, and car alarms going off. Cameras which hear the sounds will automatically swivel to the direction they have come from, and will alert the person monitoring the system to a possible crime progress. [7]. 5. ANALYTICAL CONCLUSION: The present situation of hastily growing intelligence of mallard and erudition of Weber attacks advocates that it is obvious to develop intelligent cyber defense methods. The incident of Dodos(Denial-of-service attack) alleviation has revealed that even a defense against large-scale attacks can be successful with relatively limited resources with usage of intelligent methods. An analysis of publications illustrates research in artificial neural nets. Applications of neural nets will continue in cyber defense. There is also an vital need for application of intelligent cyber defense systems in numerous fields where neural nets are not the most appropriate technology. These fields include decision support, situation awareness and knowledge management. Expert system technology is the most promising in this context. We are not sure about how rapid development of general artificial intelligence is ahead, but a threat exists that a new level of artificial intelligence may be used by the invaders, as soon as it becomes accessible. Clearly, the latest developments in knowledge understanding, representation and handling also in machine learning will significantly boost the cyber defense competence of systems that will utilize them.