Bibhu Dash,Meraj Farheen Ansari,Pawankumar Sharma,Azad Ali

DOI: https://doi.org/10.5121/ijsea.2022.13502

2022-09-30

International Journal of Software Engineering & Applications

Abstract:Internet usage has increased quickly, particularly in the previous decade. With the widespread use of the internet, cybercrime is growing at an alarming rate in our daily lives. However, with the growth of artificial intelligence (AI), businesses are concentrating more on preventing cybercrime. AI is becoming an essential component of every business, affecting individuals worldwide. Cybercrime is one of the most prominent domains where AI has begun demonstrating valuable inputs. As a result, AI is being deployed as the first line of defense in most firms' systems. Because AI can detect new assaults faster than humans, it is the best alternative for constructing better protection against cybercrime. AI technologies also offer more significant potential in the development of such technology. This paper discusses recent cyber intrusions and how the AI-enabled industry is preparing to defend itself in the long run.

Caroline Hillier,Talieh Karroubi

DOI: https://doi.org/10.48550/arXiv.2204.11076

2022-04-23

Abstract:The threat hunting lifecycle is a complex atmosphere that requires special attention from professionals to maintain security. This paper is a collection of recent work that gives a holistic view of the threat hunting ecosystem, identifies challenges, and discusses the future with the integration of artificial intelligence (AI). We specifically establish a life cycle and ecosystem for privacy-threat hunting in addition to identifying the related challenges. We also discovered how critical the use of AI is in threat hunting. This work paves the way for future work in this area as it provides the foundational knowledge to make meaningful advancements for threat hunting.

Computers and Society

Mosa Sankaram,,Ms Roopesh,Sasank Rasetti,Nourin Nishat,,

DOI: https://doi.org/10.62304/jbedpm.v3i05.180

2024-07-10

Abstract:This literature review explores the transformative impact of artificial intelligence (AI) on enhancing cybersecurity measures across various domains. The study systematically examines the integration of AI in Intrusion Detection Systems (IDS), malware detection, phishing detection, threat intelligence, network security, and endpoint protection. Key findings reveal that AI-driven techniques significantly outperform traditional methods, particularly in real-time threat detection, accuracy, and adaptive response capabilities. Network-based IDS benefit from supervised and unsupervised learning algorithms, improving the identification of malicious network traffic and novel attack patterns. In malware detection, AI-enhanced static and dynamic analysis methods surpass signature-based approaches by detecting previously unknown malware and complex behaviors. Phishing detection has seen substantial improvements with AI applications in email filtering and URL analysis, reducing phishing incidents despite challenges like false positives. AI's role in threat intelligence is critical, automating data analysis to uncover hidden threats and employing predictive analytics to anticipate and mitigate cyber attacks. AI techniques in network security and endpoint protection enhance real-time monitoring and authentication processes, providing robust defenses against cyber intrusions. Despite these advancements, challenges such as handling high data volumes and the need for continuous learning to adapt to emerging threats remain. This review underscores the significant advancements, practical implementations, and ongoing challenges of leveraging AI in cybersecurity, highlighting its potential to fortify digital defenses and address the complexities of contemporary cyber threats.

Chinenye Cordelia Nnamani

DOI: https://doi.org/10.58578/ijemt.v2i3.3904

2024-10-05

Abstract:This Article thoroughly examines the revolutionary impact of Artificial Intelligence (AI) on improving threat detection and response tactics within the swiftly changing realm of cybersecurity. Conventional security measures, struggling against the complexity of contemporary cyber threats, fail to provide adequate protection. In response, AI, driven by machine learning algorithms and predictive analytics, becomes a dynamic and adaptive entity strengthening digital defenses. The investigation commences with a comprehensive analysis of the methods by which AI enhances danger detection. Behavioral analytics utilizes AI to assess user behaviors and network activity, creating a proactive baseline, while anomaly detection and predictive analysis harness machine learning to recognize deviations from the norm and forecast potential dangers. This comprehensive strategy enables organizations to remain proactive against emerging cyber threats. Moreover, the study explores the crucial function of AI in incident response. AI-driven automated incident analysis expedites reaction times by rapidly analyzing and prioritizing security warnings. The amalgamation of AI with threat intelligence streams guarantees a perpetually updated knowledge repository, enabling organizations to respond adeptly to emerging dangers. The dynamic flexibility of AI allows systems to evolve and learn from each incidence, hence enhancing their defensive capacities over time. The discourse recognizes the significant advantages of AI in cybersecurity while simultaneously addressing the obstacles associated with its application. False positives, a potential drawback, require a measured approach to prevent the perception of typical action as harmful. Ethical factors, including privacy concerns and responsible AI practices, highlight the necessity for a judicious and principled incorporation of AI in cybersecurity. The paper underscores the essential collaborative synergy between human expertise and AI technologies. The essay emphasizes the importance of continuous investment in AI training programs for cybersecurity professionals, acknowledging that AI is best successful when enhanced by human insights. Additionally, it advocates for routine security audits to assess and refine cybersecurity protocols, collaborative research efforts to tackle ethical issues, and user education activities to strengthen collective defenses. As the digital landscape evolves, the incorporation of AI in cybersecurity seems not as a cure-all but as a formidable ally. This partnership guarantees a robust protection against increasingly complex cyber-attacks, reinforcing the basis for a secure digital future.

Zarif Bin Akhtar,Ahmed Tajbiul Rawol

DOI: https://doi.org/10.59400/cai.v2i2.1485

2024-10-25

Abstract:The integration of artificial intelligence (AI) into cybersecurity has brought about transformative advancements in threat detection and mitigation, yet it also introduces new vulnerabilities and potential threats. This research exploration systematically investigates the critical issues surrounding AI within cybersecurity, focusing on specific vulnerabilities and the potential for AI systems to be exploited by malicious actors. The research aims to address these challenges by swotting and analyzing existing methodologies designed to mitigate such risks. Through a detailed exploration of modern scientific research, this manuscript identifies the dual-edged impact of AI on cybersecurity, emphasizing both the opportunities and the dangers. The findings highlight the need for strategic solutions that not only enhance digital security and user privacy but also address the ethical and regulatory aspects of AI in cybersecurity. Key contributions include a comprehensive analysis of emerging trends, challenges, and the development of AI-driven cybersecurity frameworks. The research also provides actionable recommendations for the future development of robust, reliable, and secure AI-based systems, bridging current knowledge gaps and offering valuable insights for academia and industry alike.

,Praveen Kumar Thopalle

DOI: https://doi.org/10.47363/jaicc/2022(1)e172

2022-06-30

Abstract:In an era where cyber threats are not just evolving but escalating at an alarming rate, traditional cybersecurity measures are proving inadequate to safeguard sensitive digital assets. This research confronts the pressing need for a radical transformation in cybersecurity practices through the aggressive integration of Artificial Intelligence (AI) models. By harnessing the power of AI, we aim to redefine the landscape of cybersecurity, enabling organizations to preemptively identify, analyze, and neutralize threats before they manifest into catastrophic breaches. This study meticulously examines the integration of AI across key cybersecurity domains: threat modeling, real-time threat analysis, automated backup management, disaster recovery strategies, and rigorous source code review. As cybercriminals employ increasingly sophisticated tactics to exploit vulnerabilities, it becomes imperative for organizations to adopt a proactive stance powered by AI-driven automation and intelligent analytics. We delve into the fundamental reasons behind the urgent necessity for AI in cybersecurity, spotlighting the escalating complexity of cyberattacks and the inadequacy of conventional defenses. Current practices are critically analyzed to expose gaps and highlight the dire need for robust solutions that can adapt and evolve. The research provides a blueprint for leveraging cutting-edge AI technologies to transform threat identification and mitigation processes, fostering a security culture that is anticipatory rather than reactive.

Lampis Alevizos,Martijn Dekker

DOI: https://doi.org/10.3390/electronics13112021

IF: 2.9

2024-05-23

Electronics

Abstract:Cyber threats continue to evolve in complexity, thereby traditional cyber threat intelligence (CTI) methods struggle to keep pace. AI offers a potential solution, automating and enhancing various tasks, from data ingestion to resilience verification. This paper explores the potential of integrating artificial intelligence (AI) into CTI. We provide a blueprint of an AI-enhanced CTI processing pipeline and detail its components and functionalities. The pipeline highlights the collaboration between AI and human expertise, which is necessary to produce timely and high-fidelity cyber threat intelligence. We also explore the automated generation of mitigation recommendations, harnessing AI's capabilities to provide real-time, contextual, and predictive insights. However, the integration of AI into CTI is not without its challenges. Thereby, we discuss the ethical dilemmas, potential biases, and the imperative for transparency in AI-driven decisions. We address the need for data privacy, consent mechanisms, and the potential misuse of technology. Moreover, we highlight the importance of addressing biases both during CTI analysis and within AI models, warranting their transparency and interpretability. Lastly, our work points out future research directions, such as the exploration of advanced AI models to augment cyber defenses, and human–AI collaboration optimization. Ultimately, the fusion of AI with CTI appears to hold significant potential in the cybersecurity domain.

engineering, electrical & electronic,computer science, information systems,physics, applied

Sakthiswaran Rangaraju

DOI: https://doi.org/10.53555/ephijse.v9i3.211

2023-12-01

Abstract:In recent years, the escalating complexity and frequency of cyber threats have presented a formidable challenge to traditional cybersecurity measures. The emergence of artificial intelligence (AI) technologies has revolutionized the landscape, offering a promising solution to fortify defenses against evolving threats. This paper introduces AI Sentry, an innovative approach to cybersecurity that leverages the power of AI for intelligent threat detection and prevention. AI Sentry embodies a paradigm shift in cybersecurity, integrating machine learning, neural networks, and advanced algorithms to proactively identify, analyze, and mitigate potential threats in real time. By continuously learning from vast datasets and adapting to new attack vectors, AI Sentry enhances its ability to recognize anomalous patterns and behaviors, thereby thwarting sophisticated cyber assaults. The core strength of AI Sentry lies in its capability to detect anomalies and predict threats with a high degree of accuracy, surpassing the limitations of traditional signature-based systems. Through anomaly detection, behavioral analysis, and contextual understanding, AI Sentry not only identifies known threats but also anticipates zero-day attacks and previously unseen malicious activities. This paper delves into the technical underpinnings of AI Sentry, elucidating its architecture, data processing techniques, machine learning models, and the orchestration of various AI components. Furthermore, it explores the ethical considerations and challenges associated with AI-powered cybersecurity, including issues of privacy, bias mitigation, and transparency in decision-making.

Bhavik Patel,Patel Krunalkumar Bhagavanbhai,Niravkumar Dhameliya

DOI: https://doi.org/10.36676/dira.v12.i4.126

2024-10-09

Abstract:The sophistication and breadth of cyber threats are continuously expanding, making it more difficult for traditional security measures to keep up. Artificial intelligence is revolutionizing cybersecurity by equipping businesses to proactively counter threats with automated reaction systems and predictive threat intelligence. Data analytics, behavioral analysis, and machine learning enable AI-powered systems to anticipate cyber assaults, enabling more efficient and rapid threat detection. By automating reaction mechanisms and mitigating threats in real-time, AI systems can minimize human error and maximize damage mitigation. AI techniques, such as anomaly detection, predictive modeling, and real-time threat analysis; data privacy, ethics, and the risks of hostile attacks are among the subjects covered, as are the benefits and drawbacks of utilizing AI in cybersecurity. This article provides the framework for future intelligent, automated cyber defense methods and illustrates how AI may alter cybersecurity using real-life examples and case studies.

Pankaj Kumar,Mohammad Wazid,D. P. Singh,Jaskaran Singh,Ashok Kumar Das,Youngho Park,Joel J. P. C. Rodrigues

DOI: https://doi.org/10.1002/spy2.312

2023-03-18

Security and Privacy

Abstract:Cyber threat hunting proactively searches for cyber threats, which are undetected by the traditional defense mechanisms. It scans deep to identify malicious programs (ie, malware) that escape from detection. It is important because sophisticated cyber threats can bypass the cyber security mechanisms. The performance of the cyber threat hunting can be improved through artificial intelligence (AI), especially, explainable AI (XAI), which adds trust component to the cyber threat hunting process. Due to the inclusion of XAI, the security experts get the full explanations of the detected threats as the working of the detection model in XAI is known. Information, like, which one is a threat, how it has been detected, and why it has been detected, can be obtained very easily due to the inclusion of XAI in the cyber threat hunting. Therefore, an XAI‐envisioned mechanism for cyber threat hunting has been proposed (in short, XAISM‐CTH). The network and threat models of XAISM‐CTH are designed and discussed. The conducted security analysis proves the security of XAISM‐CTH against various potential attacks. XAISM‐CTH also performs better than the other existing schemes. At the end, a practical implementation of XAISM‐CTH has been provided to observe its impact on the performance of the system.

Hussein A. Abbass,George Leu,Kathryn Merrick

DOI: https://doi.org/10.1109/ACCESS.2016.2571058

2016-03-16

Abstract:Despite the advances made in artificial intelligence, software agents, and robotics, there is little we see today that we can truly call a fully autonomous system. We conjecture that the main inhibitor for advancing autonomy is lack of trust. Trusted autonomy is the scientific and engineering field to establish the foundations and ground work for developing trusted autonomous systems (robotics and software agents) that can be used in our daily life, and can be integrated with humans seamlessly, naturally and efficiently. In this paper, we review this literature to reveal opportunities for researchers and practitioners to work on topics that can create a leap forward in advancing the field of trusted autonomy. We focus the paper on the `trust' component as the uniting technology between humans and machines. Our inquiry into this topic revolves around three sub-topics: (1) reviewing and positioning the trust modelling literature for the purpose of trusted autonomy; (2) reviewing a critical subset of sensor technologies that allow a machine to sense human states; and (3) distilling some critical questions for advancing the field of trusted autonomy. The inquiry is augmented with conceptual models that we propose along the way by recompiling and reshaping the literature into forms that enables trusted autonomous systems to become a reality. The paper offers a vision for a Trusted Cyborg Swarm, an extension of our previous Cognitive Cyber Symbiosis concept, whereby humans and machines meld together in a harmonious, seamless, and coordinated manner.

Computers and Society,Artificial Intelligence,Human-Computer Interaction

Desta Haileselassie Hagos,Hassan El Alami,Danda B. Rawat

2024-10-28

Abstract:Artificial Intelligence (AI) techniques, particularly machine learning techniques, are rapidly transforming tactical operations by augmenting human decision-making capabilities. This paper explores AI-driven Human-Autonomy Teaming (HAT) as a transformative approach, focusing on how it empowers human decision-making in complex environments. While trust and explainability continue to pose significant challenges, our exploration focuses on the potential of AI-driven HAT to transform tactical operations. By improving situational awareness and supporting more informed decision-making, AI-driven HAT can enhance the effectiveness and safety of such operations. To this end, we propose a comprehensive framework that addresses the key components of AI-driven HAT, including trust and transparency, optimal function allocation between humans and AI, situational awareness, and ethical considerations. The proposed framework can serve as a foundation for future research and development in the field. By identifying and discussing critical research challenges and knowledge gaps in this framework, our work aims to guide the advancement of AI-driven HAT for optimizing tactical operations. We emphasize the importance of developing scalable and ethical AI-driven HAT systems that ensure seamless human-machine collaboration, prioritize ethical considerations, enhance model transparency through Explainable AI (XAI) techniques, and effectively manage the cognitive load of human operators.

Human-Computer Interaction,Artificial Intelligence,Computers and Society

Desta Haileselassie Hagos,Danda B Rawat

DOI: https://doi.org/10.3390/s22249916

2022-12-16

Abstract:This paper presents the findings of detailed and comprehensive technical literature aimed at identifying the current and future research challenges of tactical autonomy. It discusses in great detail the current state-of-the-art powerful artificial intelligence (AI), machine learning (ML), and robot technologies, and their potential for developing safe and robust autonomous systems in the context of future military and defense applications. Additionally, we discuss some of the technical and operational critical challenges that arise when attempting to practically build fully autonomous systems for advanced military and defense applications. Our paper provides the state-of-the-art advanced AI methods available for tactical autonomy. To the best of our knowledge, this is the first work that addresses the important current trends, strategies, critical challenges, tactical complexities, and future research directions of tactical autonomy. We believe this work will greatly interest researchers and scientists from academia and the industry working in the field of robotics and the autonomous systems community. We hope this work encourages researchers across multiple disciplines of AI to explore the broader tactical autonomy domain. We also hope that our work serves as an essential step toward designing advanced AI and ML models with practical implications for real-world military and defense settings.

Iwona Chomiak-Orsa,Artur Rot,Bartosz Blaicke

DOI: https://doi.org/10.1007/978-3-030-28374-2_35

2019-01-01

Abstract:The current challenge with defense against cyberattacks is that the speed and quantity of threats often outpace human-centered cyber defense capabilities. That is why a new Artificial Intelligence driven approach may enhance the effectiveness of security controls. However, it can also be used by adversaries to create more sophisticated and adaptable attack mechanisms. Distinguishing three key AI capabilities (knowledge acquisition, human-like perception and decision making), the goal of this paper is to assert where within the cyber kill chain have AI capabilities already been applied, and which phase holds the greatest near-term potential given recent developments and publications. Based on literature review, authors see the strongest potential for deploying AI capabilities during the reconnaissance, intrusion, privilege escalation and data exfiltration steps of the cyber kill chain with other uses being deployed in the remaining steps.

Ramanpreet Kaur,Dušan Gabrijelčič,Tomaž Klobučar

DOI: https://doi.org/10.1016/j.inffus.2023.101804

IF: 18.6

2023-04-09

Information Fusion

Abstract:Artificial intelligence (AI) is a powerful technology that helps cybersecurity teams automate repetitive tasks, accelerate threat detection and response, and improve the accuracy of their actions to strengthen the security posture against various security issues and cyberattacks. This article presents a systematic literature review and a detailed analysis of AI use cases for cybersecurity provisioning. The review resulted in 2395 studies, of which 236 were identified as primary. This article classifies the identified AI use cases based on a NIST cybersecurity framework using a thematic analysis approach. This classification framework will provide readers with a comprehensive overview of the potential of AI to improve cybersecurity in different contexts. The review also identifies future research opportunities in emerging cybersecurity application areas, advanced AI methods, data representation, and the development of new infrastructures for the successful adoption of AI-based cybersecurity in today's era of digital transformation and polycrisis.

computer science, artificial intelligence, theory & methods

Sakthiswaran Rangaraju

DOI: https://doi.org/10.53555/ephijse.v9i3.212

2023-12-01

Abstract:In an increasingly interconnected digital landscape, the proliferation of sophisticated cyber threats poses significant challenges to the security and integrity of products and services. As traditional security measures struggle to keep pace with evolving threats, there exists a pressing need for innovative and adaptive approaches to safeguarding digital assets. This abstract introduces the concept of "Secure by Intelligence," a paradigm shift in product security that leverages the power of Artificial Intelligence (AI) to fortify defenses and proactively mitigate risks. This paper explores the integration of AI-driven security measures as a foundational element in enhancing the resilience of various products across industries. It delves into the core principles of AI-powered security, emphasizing the utilization of machine learning, deep learning, natural language processing, and anomaly detection to predict, detect, and respond to potential threats in real time. The key focus areas include Dynamic Threat Detection and Prediction, Behavioral Analysis and Anomaly Detection, and Automated Response and Adaptation: Through AI-based automation, systems can autonomously respond to security incidents, mitigating risks in real-time. Furthermore, adaptive AI systems learn from each encounter, enhancing their ability to preempt future attacks. Privacy-Preserving Solutions, Cross-Industry Applications. This paper illustrates real-world case studies and implementations where AI-driven security measures have significantly bolstered product security and resilience. It highlights the tangible advantages of adopting AI-centric security solutions, including improved threat detection accuracy, reduced response times, and enhanced adaptability to emerging cyber threats.

Paul Théron,Alexander Kott

DOI: https://doi.org/10.48550/arXiv.1912.01959

2019-11-26

Abstract:In the coming years, the future of military combat will include, on one hand, artificial intelligence-optimized complex command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) and networks and, on the other hand, autonomous intelligent Things fighting autonomous intelligent Things at a fast pace. Under this perspective, enemy forces will seek to disable or disturb our autonomous Things and our complex infrastructures and systems. Autonomy, scale and complexity in our defense systems will trigger new cyber-attack strategies, and autonomous intelligent malware (AIM) will be part of the picture. Should these cyber-attacks succeed while human operators remain unaware or unable to react fast enough due to the speed, scale or complexity of the mission, systems or attacks, missions would fail, our networks and C4ISR would be heavily disrupted, and command and control would be disabled. New cyber-defense doctrines and technologies are therefore required. Autonomous cyber defense (ACyD) is a new field of research and technology driven by the defense sector in anticipation of such threats to future military infrastructures, systems and operations. It will be implemented via swarms of autonomous intelligent cyber-defense agents (AICAs) that will fight AIM within our networks and systems. This paper presents this cyber-defense technology of the future, the current state of the art in this field and its main challenges. First, we review the rationale of the ACyD concept and its associated AICA technology. Then, we present the current research results from NATO's IST-152 Research Task Group on the AICA Reference Architecture. We then develop the 12 main technological challenges that must be resolved in the coming years, besides ethical and political issues.

Cryptography and Security

Peng Gao,Fei Shao,Xiaoyuan Liu,Xusheng Xiao,Zheng Qin,Fengyuan Xu,Prateek Mittal,Sanjeev R. Kulkarni,Dawn Song

DOI: https://doi.org/10.1109/icde51399.2021.00024

2020-01-01

Abstract:Log-based cyber threat hunting has emerged as an important solution to counter sophisticated attacks. However, existing approaches require non-trivial efforts of manual query construction and have overlooked the rich external threat knowledge provided by open-source Cyber Threat Intelligence (OSCTI). To bridge the gap, we propose ThreatRaptor, a system that facilitates threat hunting in computer systems using OSCTI. Built upon system auditing frameworks, ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, (3) a query synthesis mechanism that automatically synthesizes a TBQL query for hunting, and (4) an efficient query execution engine to search the big audit logging data. Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.

Gourav Nagar

DOI: https://doi.org/10.18535/ijsrm/v6i7.ec05

2018-07-28

Abstract:It is now clear that as new cyberthreats emerge, old security measures are less successful in thwarting increasingly sophisticated cyberattacks. One of the most significant and influential technologies of the last few years, artificial intelligence (AI) is a game-changer for security operations because it can automate critical processes, maintain real-time threat recognition, and respond with equal speed and efficiency. Based on the automation of threats, vulnerabilities, and events, this abstract analyzes the use of AI in security. It looks at specific AI use cases, such as automated patch management, UEBA, and machine learning-based anomalous activity detection, and explains how the technologies greatly increase the speed and accuracy of thwarting cyberthreats. As a tool, AI offers massive advantages: it helps minimize human effort, act faster, and scale easily but is not without risks inherent to operating on the internet. Namely, some responsibilities involve inputting relevant context, making ethical decisions, and interpreting what AI systems have to offer to human operators will always be needed.This abstract also explores the further discussion of the integration of AI security processing capabilities and experienced security personnel so that both facets are achieved efficiently and rightfully ethically. Finally, the abstract concludes that the key to the future advancement of cybersecurity is the ability to find the best conditions for the collaboration of artificial intelligence and human thought, to strengthen the security of organizations and reduce the consequences of plan implementation.