Select Page

Apr 13, 2022

Trending in 2022: AI’s Evolution in Cyber Security

by

New trends in cybersecurity are popping up left and right like moles in whack-a-mole. Some are knocked aside, but some are here to stay. In this blog series, we will discuss the trends we believe will mature and gain traction in 2022.

AI. From the terminator to the Matrix, to Viki, and other iterations of this fascinating concept, it’s safe to say AI is here to stay. Although a more advanced form of AI, such as artificial general intelligence is still far from reality, some forms of artificial intelligence technology, such as deep learning via artificial neural networks, have achieved significant results in the fields of computer vision, natural language processing, and autonomous driving.

In terms of network security, usage of artificial intelligence technology has matured greatly and proliferated throughout the cybersecurity industry. One innovative way of leveraging AI is PCA, or, principal component analysis. Principal component analysis is used for creating predictive models. It can shrink high-dimensional data – data with too many attributes — into a 2D graph that is interpretable, showing how the principal components correlate to one another. AI can then leverage the correlation between these principal components to create predictive models or explore how these principal components would react in various situations. In cybersecurity, PCA can automatically identify API usage characteristics to discover Zero-day vulnerabilities. Some other methods of leveraging AI are using recurrent neural networks to identify binary program vulnerabilities, graph clustering to enable bot-detection based on Domain Generated Algorithms (DGA), multi-layer perceptron (MLP) to detect abnormal network traffic, etc.

Here at the Hillstone Research Team, we have a few opinions on the matter. To start off, we believe more vendors will devote more resources to in-depth research on how other existing artificial intelligence can be leveraged creatively to improve the detection, protection, and response capabilities of their products. Although AI is not advanced to the point of functioning standalone, it can greatly enhance security workflows, relinquishing the more mundane and repetitive tasks from security teams and instead allowing them to focus their efforts on more business-critical issues that would require human intelligence.

Hillstone Research Team’s Take:

  • In 2022, more vendors will devote more resources to in-depth research on how artificial intelligence technology can improve the detection, protection, and response capabilities of their products.
  • The use of deep neural networks will be increased to automatically extract features of raw data from the network side and the host side. This will help mitigate dependency on security experts to extract data features, which can be automated. As a result, security experts can use their time on more strategic and pressing tasks.
  • Given that black box attack methodology is still in early-stage development, at present, there does not exist a reliable method of judging the performance of machine learning models. Therefore, small sample learning (SSL) is still extremely valuable to the network security industry.
  • The general framework of deep neural networks needs deeper inspection.
  • Threat detection technology based on the Graph Neural Network model deserves attention. A Graph Neural Network (GNN) model can learn from graph-structured data, as opposed to more linear traditional data. By learning the flow patterns of attacks, the GNN model can dynamically detect attacks even when they intentionally modify the packet size and inter-arrival times to throw off traditional detection methods.

AI’s maturation in the security space is inevitable, as evidenced by the status quo, and by the predictions Hillstone Networks has outlined. Stay tuned for our next blog on another cybersecurity trend we foresee maturing in 2022, Big Data.