News

Proactive vs. Responsive AI: Which One Protects Against Major Modern Cybersecurity Adversaries?

Artificial intelligence, machine learning, and deep learning are terms that are constantly being used in cybersecurity to the point that they get a bad rap due to false promises.

However, as we move into a future with advanced adversaries also using AI technology, the only option we have is to understand what distinguishes the good from the bad and what kind of AI or ML is really useful for advancing the companies. cybersecurity protections.

According to DARPAThe first two “waves” of artificial intelligence that have been applied to cybersecurity don’t really do much more than try to fix problems as they arise and learn from these past attacks to try to prevent them in the future.

This may seem effective, and many companies continue to use them, but the problem is that, by the time first and second wave AI algorithms detect that there is an intruder on the network and label it as such, it is already too late and it is likely that the hacker has accomplished everything he has come to do.

Third wave or unsupervised AI is completely different from what is currently touted as AI in the marketAs it does not rely on rules or labels to detect threats, and it is able to stop attacks that you have seen before due to its ability to predict what should and should not appear on the network at any time.

This “predictive” AI works by forming a baseline of regular network activity after studying the network for just seven days. That way you know if your baseline has been tampered with and the AI ​​will detect it. This makes it very difficult to cheat.

For an attack to be effective, the hacker would have to behave exactly as the network behaves, which does not get the bad actor anywhere.

Third Wave AI Cybersecurity protects against some of these more advanced attack methods, such as GAN, Ransomware, and Man in the Middle Attacks.

These guys won’t allow for a first or second wave AI approach because when you’re responding to something like this, it’s already too late.

The reactive approach of the AI ​​would be to patch it … to try to find out if some of the traffic has been redirected, after the intruder has already entered, redirected it and did the damage that the bad actor wanted to do.

Have a unique and proactive AI algorithm applied to all the information on the web is a predictive approach that alerts analysts before an attack occurs.

If you have reached the end point, it is over. The job of a security system should be to ensure that they never go that far. Although third-wave AI is not focused on the endpoint, it is capable of finding an intruder long before it can reach the endpoint, which makes it so brilliant at preventing ransomware attacks.

Third wave AI is predictive in nature because it knows what the network should look like at all times. As soon as the network is disrupted, the AI ​​reports it as an anomaly and the security team is alerted – all of this happens long before the endpoint is breached.

Once the attacker reaches the endpoint, encryption can occur in seconds.

When it comes to a new attack that no one has seen before, there is no way reactive security solutions can protect it. The only way to stop an attack that no one has seen before is to catch it on the network before it reaches the endpoint, and the only way to do that is to employ a third wave predictive AI system that is capable of flagging anomalies (never even previously seen) as they arrive.

Attackers have a variety of ways to enter the endpoint, so writing rules to try to prevent this is useless as there are endless ways to try to attack, and that is exactly what hackers are trying to exploit with GAN.

GAN (generative confrontational networks)

The way most GANs work is by creating one type of attack after another in rapid succession. Basically you will test the network to try and infiltrate and learn what you don’t like to create something close enough to get inside and allow hackers to wreak havoc.

First and second wave AI security often cannot handle the myriad of different attacks and can fail, causing irreparable damage to the security of a company’s data.

A third wave generative artificial intelligence system is built to bypass exactly this. It will detect each anomaly as it occurs and regardless of how it changes. It will still be considered an anomaly and will be flagged with a third wave artificial intelligence system to disrupt the company network.

There is no way these primitive methods will effectively protect against attack when they don’t know what it’s supposed to look like, rendering them useless when it comes to GAN.

Man in the middle attacks

A man-in-the-middle attack is when an attacker secretly transmits and possibly disrupts communications between two parties who believe they are communicating directly with each other.

First and second wave AI have a hard time detecting this type of attack because the victim will continue to see the network traffic behaving normally, while the hacker redirects the traffic from the victim’s IP to the host machine. has infiltrated.

The approach used by first and second wave AI security vendors is to try to find out if some of the traffic has been redirected, but only after the intruder has already entered, redirected it, and did whatever damage they wanted to do.

Having a third wave generative artificial intelligence system would alert you the second someone tried to redirect traffic on the network, because that action would immediately be marked as anomalous network behavior.

AI adversaries

Hackers are only getting better at what they do, which means enterprise security teams and vendors have to adapt even faster and adopt the most advanced technology available if we hope to stay one step ahead of our adversaries.

The advent of third wave generative AI, with its predictive and self-adaptive capabilities, makes it possible to stop hackers before they can cause serious damage to an organization’s network data.

Third wave of #AI #cybersecurity touted to protect against some of the most advanced methods of #cyberattacks, such as GAN, #ransomware and man-in-the-middle attacks. #respectdata

Click to tweet

Hackers are constantly finding ways to circumvent today’s cybersecurity systems found in most businesses, large and small. So far, Third Wave AI has the most promising “foolproof” features on the market and the accolades it has received from DARPA only point to the validity of its capabilities. It’s hard to imagine a future without cyberattacks, particularly after such a bad period during COVID-19, but it is possible to at least greatly reduce the amount of damage caused by hackers, if not eliminate it at all by applying Third Wave or AI. predictive.

Source: www.cpomagazine.com

Leave a Reply

Your email address will not be published. Required fields are marked *