Share this
by Reflare Research Team on Jun 23, 2023 7:35:00 PM
Recent developments in artificial intelligence are now making its practical application more accessible to real-world challenges, including cybersecurity. You now must ask yourself, "Do I know how to use it correctly?"
First Published 1st June 2022 | Latest Refresh 23rd June 2023
"Byte my shiny artificial neural networked ass."
5 min read | Reflare Research Team
The future is now
With significant advancements in machine learning over the past several years, it is safe to say we are now entering the first ‘Golden Era’ of artificial intelligence’s practical applicability to our everyday lives.
From AI like Dall-E and Imagen that can produce beautiful drawings and photos from merely text descriptions to the likes of GPT-4 which possesses the writing skills that many of us would envy, it is truly mind-blowing (as is the energy consumption to produce this progress) just how far we have come in such a brief period of time.
And as cybersecurity professionals, these advancements excite us! We believe AI will play (if not, already is starting to play) a crucial role in the following functions.
Prevention of cyber attacks
AI can be used to identify and prevent cyber attacks by analysing data and identifying patterns that may indicate an impending attack. For example, if an AI system analysing data from a network detects a pattern of traffic that is similar to a known cyber attack, the system can raise the alarm and take steps to prevent the attack from happening.
Detection of cyber attacks
AI can be used to detect cyber attacks by analysing data for unusual patterns that may indicate an attack is in progress. For example, if an AI system monitoring a network detects a sudden increase in traffic from a particular IP address, it may flag this as suspicious activity and investigate further.
Response to cyber attacks
AI can be used to help organisations respond to cyber attacks by identifying the best course of action to take in order to minimise damage and restore systems. For example, if an AI system detects a cyber attack in progress, it can analyse the data to determine the best way to respond in order to minimise the damage.
Prediction of future cyber attacks
AI can be used to predict future cyber attacks by analysing data for trends and patterns that may indicate future attacks. For example, if an AI system analysing data from past attacks detects a pattern of attacks that tend to happen around a certain time of year, the system can warn organisations to be on heightened alert during that time period.
As important as knowing how to code
Having said that, we also believe that understanding how the various components of machine learning algorithms work and being able to implement some of the popular architectures is becoming as essential as knowing how to write code itself.
Ten years ago, having machine learning on your resume would be something of a unique differentiator to recruiters. Today, it is impressive, but not as rare. But for the coming years, machine learning knowledge will be a minimum expectation to secure a technical role.
But here is the important question, where to start?
A world of discovery?
Unfortunately, there are not too many educational resources for applying machine learning to cybersecurity problems. However, machine learning algorithms are rarely designed to be useful in only one particular domain, which means the concepts you can learn today can be universally applied to many disciplines, including cybersecurity.
Should you be interested in learning more about machine learning (and you probably should be), here is a non-exhaustive, periodically updated list of resources that we highly recommend take the time to explore.
Fast.ai (website)
Fast.ai is a non-profit AI community that focuses on deep learning. It was founded in 2016 by Jeremy Howard and Rachel Thomas to democratise deep learning. The duo deliver this by providing a free massive open online course (MOOC) named "Practical Deep Learning for Coders," which promises the only prerequisite the students need is the ability to write code in Python.
Deep Learning by Ian Goodfellow, Yoshua Bengio, and Aaron Courville (Book)
This textbook is being used at many top academic institutions, including Oxford. It is a good book if you want to learn about the theory behind deep learning. You need to know some mathematics to grasp the contents of the literature, but it is not too dense.
Mathematics for Machine Learning (Book)
Suppose you are someone like us who must know how everything works underneath. In that case, this book will provide you with all the essential mathematical concepts that underpin modern machine learning. This comprehensive text covers linear algebra, calculus, and probability theory.
Dive Into Deep Learning (Online Book)
If you prefer to learn by doing, this is the perfect book. This book not only covers all the theory and mathematics you need but also provides code examples with plenty of visualisation. Because the book is regularly updated, it is only available online.
Malware Data Science (Book)
There are not many machine learning books that specifically target security professionals. However, of those that do, this is one of our favourites. The book introduces you to the application of data science to malware analysis and detection. It also explores social network analysis, machine learning, data analytics, and visualisation techniques to identify cyber attack campaigns, detect previously unseen malware, and understand the trends in the malware threat landscape.
Malware Analysis Using Artificial Intelligence and Deep Learning (Book)
This is one costly book. It is basically a bound version of multiple academic papers. At around 650 pages, it's quite a heavy tome. If you prefer to have all the exciting papers in one place or simply lack access to download these papers, then we would highly recommend getting this book. However, if your budget is tight – you can find many good papers on Google Scholar.
Deep Learning on Disassembly (Blackhat Video Presentation - available on YouTube)
Cylance is a company that claims to leverage "big maths" and machine learning to discern the good from the bad. In this Blackhat presentation, two researchers from Cylance showed the effectiveness of applying deep learning techniques to disassembly to generate models that can identify malware. They begin with a brief explanation of deep learning, and then work through the different pipeline pieces, from collecting raw binaries to extraction and transformation of disassembly data and training a deep learning model. They also talk about the efficacy of these models before following up with a live demo to evaluate the models against active malware feeds.
If we were to suggest one additional resource, it would be to stay up to speed on the latest cybersecurity trends and analysis with your subscription to Reflare's research newsletter.
Additionally, you should explore some of our related articles listed to learn more.