Using AI To Fight Cyberthreats


Millennials know exactly what they want and expectations are high - very high. They are empowered

SparkCognition, working with Carnegie Mellon and IBM's Watson, aims to provide cyber-security researchers with better threat data using predictive models powered by machine learning.

SparkCognition, a company that applies machine learning to predictive analytics, has begun working with Carnegie Mellon University's Software Engineering Institute (SEI) to develop an automated threat identification and remediation system that works in conjunction with IBM's Watson.

As part of the arrangement, SparkCognition says it plans to train researchers at SEI's CERT Division how to use IBM Watson to record and index vulnerabilities in the Common Weakness Enumeration (CWE) list and CERT Secure Coding Rules. By doing so, the researchers will make vulnerability information more accessible and more useful to those focused on protecting critical national infrastructure.

To fight automated attacks, organizations need automated defenses in order to help security professionals separate signal from noise.

"Cybersecurity has evolved to a point that without AI, it's really hard to keep up with all the attacks today," said CEO Amir Husain in a phone interview. "The purpose of this partnership is to combine our collective capabilities, and to be able to predict attacks even when the specific threat is not something that's been seen before."

Through automated modeling and machine learning, which the company uses outside the security industry to anticipate wind turbine failure, SparkCognition can predict the behavior of unknown software and flag it for analysis. Husain said these sort of models can help people make better decisions by presenting them with better information.

"AI will find things for me to pay attention to," said Husain, stressing that companies should not seek to completely automate their defenses out of concern for liability, "for the same reason the military does not want AI to pull the trigger."

It's an approach that Husain argues is superior to traditional antivirus tools like blacklists and signatures.

"The rate at which these attacks are being created is so rapid no blacklist can keep up," said Husain.

SparkCognition's SparkSecure automates the process of analyzing inbound and outbound server log data to aid in the detection of malicious software, bot traffic, and suspect IP addresses. It looks at how software is built and the resources it uses before the code gets run.

[See 10 Hot Security Technologies Enterprises Need Now.]

Husain said his company's system has flagged malware that was missed by more than 60 antivirus engines. When analyzed by a security researcher, the flagged software turned out to be a common decompression utility that had been injected with a previously unseen -- and thus undetectable by signature -- strain of malware.

The role of IBM Watson in this ecosystem is to provide advice, available through natural language queries, to those responsible for dealing with threats. Having been fed massive amounts of security-related information, like device manuals and vulnerability data, Watson acts as a AI help desk.

Husain contends his company's technology is ideal for organizations that have a security information and event management (SIEM) system in place that either is being underutilized or is overloading administrators with alerts.

More than half of all website traffic comes from bots, many of which are trying to scrape data, scan for vulnerabilities, or facilitate identity theft, said Husain. AI can make sense of that vast amount of data more readily than a person.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    iOS 10 Adoption Tops 50 Percent

    In the weeks since Apple released iOS 10, the next-gen operating system has been installed on 54 percent of active iDevices, according to Cupertino.But iOS 10 suffered some early installation issues (including an iMessage GIF search glitch that surfaced hard-core porn), which may have discouraged some users from immediately updating.
  • 5300c769af79e

    Tech Giants: IoT Security Is Terrible, Here's How to Fix It

    The plan, published on Tuesday by the Broadband Internet Technical Advisory Group, argues for a major shift in the way device manufacturers approach security.They should be "restrictive instead of permissive," meaning instead of automatically allowing Internet traffic, in some cases without a password or firewall, IoT devices of the future should be inaccessible to inbound connections by default.
  • 5300c769af79e

    Apple Delays AirPod Shipments

    Removing the headphone jack from the iPhone 7 wasn't about making life harder for the Apple faithful: the wireless AirPods were intended to fill the void (and at $159 a pair, also to make Apple a little extra cash).AirPod shipments, which were supposed to begin by the end of October, have been indefinitely delayed.
  • 5300c769af79e

    OnePlus Co-Founder Shows Off Smartwatch Sketch That Will Never Happen

    On Twitter, OnePlus co-founder Carl Pei, showed off a smartwatch design that the company was apparently working on in 2015.However, as mentioned by Carl, the device will likely never see the light of day, reasons unknown.