Using AI To Fight Cyberthreats - InformationWeek
IoT
IoT
Data Management // Big Data Analytics
News
7/27/2016
08:06 AM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
RELATED EVENTS
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Using AI To Fight Cyberthreats

SparkCognition, working with Carnegie Mellon and IBM's Watson, aims to provide cyber-security researchers with better threat data using predictive models powered by machine learning.

Windows 10 At 1 Year: 9 Ways It's Changed
Windows 10 At 1 Year: 9 Ways It's Changed
(Click image for larger view and slideshow.)

SparkCognition, a company that applies machine learning to predictive analytics, has begun working with Carnegie Mellon University's Software Engineering Institute (SEI) to develop an automated threat identification and remediation system that works in conjunction with IBM's Watson.

As part of the arrangement, SparkCognition says it plans to train researchers at SEI's CERT Division how to use IBM Watson to record and index vulnerabilities in the Common Weakness Enumeration (CWE) list and CERT Secure Coding Rules. By doing so, the researchers will make vulnerability information more accessible and more useful to those focused on protecting critical national infrastructure.

To fight automated attacks, organizations need automated defenses in order to help security professionals separate signal from noise.

"Cybersecurity has evolved to a point that without AI, it's really hard to keep up with all the attacks today," said CEO Amir Husain in a phone interview. "The purpose of this partnership is to combine our collective capabilities, and to be able to predict attacks even when the specific threat is not something that's been seen before."

(Image: SparkCognition)

Through automated modeling and machine learning, which the company uses outside the security industry to anticipate wind turbine failure, SparkCognition can predict the behavior of unknown software and flag it for analysis. Husain said these sort of models can help people make better decisions by presenting them with better information.

"AI will find things for me to pay attention to," said Husain, stressing that companies should not seek to completely automate their defenses out of concern for liability, "for the same reason the military does not want AI to pull the trigger."

It's an approach that Husain argues is superior to traditional antivirus tools like blacklists and signatures.

"The rate at which these attacks are being created is so rapid no blacklist can keep up," said Husain.

SparkCognition's SparkSecure automates the process of analyzing inbound and outbound server log data to aid in the detection of malicious software, bot traffic, and suspect IP addresses. It looks at how software is built and the resources it uses before the code gets run.

[See 10 Hot Security Technologies Enterprises Need Now.]

Husain said his company's system has flagged malware that was missed by more than 60 antivirus engines. When analyzed by a security researcher, the flagged software turned out to be a common decompression utility that had been injected with a previously unseen -- and thus undetectable by signature -- strain of malware.

The role of IBM Watson in this ecosystem is to provide advice, available through natural language queries, to those responsible for dealing with threats. Having been fed massive amounts of security-related information, like device manuals and vulnerability data, Watson acts as a AI help desk.

Husain contends his company's technology is ideal for organizations that have a security information and event management (SIEM) system in place that either is being underutilized or is overloading administrators with alerts.

More than half of all website traffic comes from bots, many of which are trying to scrape data, scan for vulnerabilities, or facilitate identity theft, said Husain. AI can make sense of that vast amount of data more readily than a person.

(Cover image: alengo/iStockphoto)

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
7/27/2016 | 6:06:33 PM
A necessary move: automated defense
Machine learning as a pillar in defenses against cyber attacks is absolutely necessary and overdue. Whether Watson or some other system, the analysis of constantly evolving malware must be done by automated means to identify it and take remedial action more quickly. This is a good development.
Leandergaming
50%
50%
Leandergaming,
User Rank: Apprentice
7/27/2016 | 12:57:21 PM
Ibm watson as a virus checker ?
Thank you for the Image.
Numbers are crazy... between 400$ ~ 500$ billions... Hope IBM Watson will help in the future, maybe we will be able to "install it" as a Virus Checker.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll