Artificial Intelligence and Big Data Analytics in Support of Cyber Defense

Cybersecurity analysts rely on vast volumes of security event data to predict, identify, characterize, and deal with security threats. These analysts must understand and make sense of these huge datasets in order to discover patterns which lead to intelligent decision making and advance warnings of possible threats, and this ability requires automation. Big data analytics and artificial intelligence can improve cyber defense. Big data analytics methods are applied to large data sets that contain different data types. The purpose is to detect patterns, correlations, trends, and other useful information. Artificial intelligence provides algorithms that can reason or learn and improve their behavior, and includes semantic technologies. A large number of automated systems are currently based on syntactic rules which are generally not sophisticated enough to deal with the level of complexity in this domain. An overview of artificial intelligence and big data technologies in cyber defense is provided, and important areas for future research are identified and discussed

Book Review: Spies, Lies, and Algorithms: The History and Future of American Intelligence

The security environment is entering a new threat landscape; one that must be fought in both the physical and virtual world. The seemingly instantaneous progress of digitization and the cyberspace domain threatens to destabilize traditional warfare strategies and intelligence norms. Amy Zegart, an American academic and leading national security expert, outlines the history and future of American intelligence with a specific emphasis on emerging cyber threats in the digital age. In Spies, Lies, and Algorithms, Zegart explains the roles of technological breakthroughs in a world of big data by chronicling the history of intelligence education and organizational reform, the evolution of American intelligence, what intelligence is and is not, the challenges of intelligence and counterintelligence analysis and covert operations, legislative responsibilities, the upsurge of non-state actors, and the advancement of cyber threats

The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing & other computational intelligence

Internet of Things (IoT) has given rise to the fourth industrial revolution (Industrie 4.0), and it brings great benefits by connecting people, processes and data. However, cybersecurity has become a critical challenge in the IoT enabled cyber physical systems, from connected supply chain, Big Data produced by huge amount of IoT devices, to industry control systems. Evolutionary computation combining with other computational intelligence will play an important role for cybersecurity, such as artificial immune mechanism for IoT security architecture, data mining/fusion in IoT enabled cyber physical systems, and data driven cybersecurity. This paper provides an overview of security challenges in IoT enabled cyber-physical systems and what evolutionary computation and other computational intelligence technology could contribute for the challenges. The overview could provide clues and guidance for research in IoT security with computational intelligence

SAINS DATA, BIG DATA, DAN ANALISIS PREDIKTIF: SEBUAH LANDASAN UNTUK KECERDASAN KEAMANAN SIBER

Abstrak – Data merupakan unsur terpenting dalam setiap penelitian dan pendekatan ilmiah. Metodologi sains data digunakan untuk memilah, memilih dan mempersiapkan sejumlah data untuk diproses dan dianalisis. Teknologi big data mampu mengumpulkan data dengan sangat banyak dari berbagai sumber dengan tujuan untuk mendapatkan informasi dengan visualisasi tren atau menyingkapkan pengetahuan dari suatu peristiwa yang terjadi baik dimasa lalu, sekarang, maupun akan datang dengan kecepatan pemrosesan data sangat tinggi. Analisis prediktif memberikan wawasan analisis lebih dalam dan kemunculan machine learning membawa analisis data ke tingkat yang lebih tinggi dengan bantuan teknologi kecerdasan buatan dalam tahap pemrosesan data mentah. Analisis prediktif dan machine learning menghasilkan laporan berbentuk visual untuk pengambil keputusan dan pemangku kepentingan. Berkenaan dengan keamanan siber, big data menjanjikan kesempatan dalam rangka untuk mencegah dan mendeteksi setiap serangan canggih siber dengan memanfaatkan data keamanan internal dan eksternal.Kata Kunci: analisis prediktif, big data, intelijen, keamanan siber, sains dataAbstract – Data are the prominent elements in scientific researches and approaches. Data Science methodology is used to select and to prepare enormous numbers of data for further processing and analysing. Big Data technology collects vast amount of data from many sources in order to exploit the information and to visualise trend or to discover a certain phenomenon in the past, present, or in the future at high speed processing capability. Predictive analytics provides in-depth analytical insights and the emerging of machine learning brings the data analytics to a higher level by processing raw data with artificial intelligence technology. Predictive analytics and machine learning produce visual reports for decision makers and stake-holders. Regarding cyberspace security, big data promises the opportunities in order to prevent and to detect any advanced cyber-attacks by using internal and external security data.Keywords: big data, cyber security, data science, intelligence, predictive analytic

DATA SCIENCE, BIG DATA, AND PREDICTIVE ANALYTICS: A PLATFORM FOR CYBERSPACE SECURITY INTELLIGENCE

Abstract – Data are the prominent elements in scientific researches and approaches. Data Science methodology is used to select and to prepare enormous numbers of data for further processing and analysing. Big Data technology collects vast amount of data from many sources in order to exploit the information and to visualise trend or to discover a certain phenomenon in the past, present, or in the future at high speed processing capability. Predictive analytics provides in-depth analytical insights and the emerging of machine learning brings the data analytics to a higher level by processing raw data with artificial intelligence technology. Predictive analytics and machine learning produce visual reports for decision makers and stake-holders. Regarding cyberspace security, big data promises the opportunities in order to prevent and to detect any advanced cyber-attacks by using internal and external security data.Keywords: Big Data, Cyber Security, Data Science, Intelligence, Predictive AnalyticsAbstrak – Data merupakan unsur terpenting dalam setiap penelitian dan pendekatan ilmiah. Metodologi sains data digunakan untuk memilah, memilih dan mempersiapkan sejumlah data untuk diproses dan dianalisis. Teknologi big data mampu mengumpulkan data dengan sangat banyak dari berbagai sumber dengan tujuan untuk mendapatkan informasi dengan visualisasi tren atau menyingkapkan pengetahuan dari suatu peristiwa yang terjadi baik dimasa lalu, sekarang, maupun akan datang dengan kecepatan pemrosesan data sangat tinggi. Analisis prediktif memberikan wawasan analisis lebih dalam dan kemunculan machine learning membawa analisis data ke tingkat yang lebih tinggi dengan bantuan teknologi kecerdasan buatan dalam tahap pemrosesan data mentah. Analisis prediktif dan machine learning menghasilkan laporan berbentuk visual untuk pengambil keputusan dan pemangku kepentingan. Berkenaan dengan keamanan siber, big data menjanjikan kesempatan dalam rangka untuk mencegah dan mendeteksi setiap serangan canggih siber dengan memanfaatkan data keamanan internal dan eksternal.Kata Kunci: Analisis Prediktif, Big Data, Intelijen, Keamanan Siber, Sains Dat

Deep Learning Enhanced Visulization Tool For Network Monitroing

In this era of web technology driven by social networks, cloud computing, big data, and E-business, technology is also rapidly evolving. Most of the information is stored and managed via the Internet. With an increase in these development tools and techniques, cyber-crime is constantly increasing. The level of damage these attacks cause to the system affects the organizations to the core. Contemporary Deep Learning and Machine Learning technologies have become the popular choice of intrusion detection systems for the detection and prediction of cyber-attack. Similarly, cyber-security visualization is also an integral and essential part of monitoring network traffic and optimization. Abundant work has already been done to detect attacks, but monitoring these attacks still appears as elusive as detection for cyber analysts. However, the current open-source visualization tool has not been integrated with Deep Learning models to gain intelligence on the network. While many researchers [3] are already working on cyber-attack defense mechanisms, this research also takes advantage of Deep Learning and Machine Learning technologies to contribute to the work against such crimes. A novel Deep Learning enhanced visualization tool is also proposed for malicious traffic node prediction and monitoring. The proposed method exploits the intriguing properties of Deep Learning models to gain intelligence for network monitoring. A real-world DARPA dataset has been used to validate the proposed method. Index Terms—Cyber-security, data analysis, data science, darpa-dataset, decision tree, deep learning, deep neural network, DL model, ML model, network analysis tool, network monitoring tool, supervised learning, support vector machine, visualization tool

MACHINE LEARNING ALGORITHMS FOR DETECTION OF CYBER THREATS USING LOGISTIC REGRESSION

The threat of cyberattacks is expanding globally; thus, businesses are developing intelligent artificial intelligence systems that can analyze security and other infrastructure logs from their systems department and quickly and automatically identify cyberattacks. Security analytics based on machine learning the next big thing in cybersecurity is machine data, which aims to mine security data to show the high maintenance costs of static relationship rules and methods. But, choosing the appropriate machine learning technique for log analytics using ML continues to be a significant barrier to AI success in cyber security due to the possibility of a substantial number of false-positive detections in large-scale or global Security Operations Centre (SOC) settings, selecting the proper machine learning technique for security log analytics remains a substantial obstacle to AI success in cyber security. A machine learning technique for a cyber threat exposure system that can minimize false positives is required. Today\u27s machine learning methods for identifying threats frequently use logistic regression. Logistic regression is the first of three machine learning subcategories—supervised, unsupervised, and reinforcement learning. Any machine learning enthusiast will encounter this supervised machine learning algorithm at the beginning of their machine learning career. It\u27s an essential and often applied classification algorithm

Cyber Security of Tomorrow & Personal Data of Yesterday

This paper aims to present new strategies of maintaining security that are powered by the (big) data. In its first part, the paper introduces the general idea of the big data analysis being used to empower security while stating obvious lack of progress in the data protection legislation. In its second part, the paper presents standard perimeter-based security and cyber security and, based on the available literature, states that it disproportionately enhances risks for computer systems. In its third part, the paper provides an overview of the intelligence-driven security, which is largely understood by the industry as the only way to maintain security facing advanced persistent threats. The last part briefly discusses possible outcome of functional separation, which protects the privacy, but renders big data for the purpose of security almost useless.

HYBINT: A Hybrid Intelligence System for Critical Infrastructures Protection

[EN] Cyberattacks, which consist of exploiting security vulnerabilities of computer networks and systems for any kind of malicious purpose (e.g., extortion, data steal, assets hijacking), have been continuously increasing worldwide in recent years. Cyberspace appears today as a new battlefield, along with physical world scenarios (land, sea, air, and space), for the organizations defence and security. Besides, by the fact that attacks from the physical world may have significant implications in the cyber world and vice versa, these dimensions cannot be understood independently. However, the most common intelligence systems offer an insufficient situational awareness exclusively focused on one of these decision spaces. This article introduces HYBINT, an enhanced intelligence system that provides the necessary decision-making support for an efficient critical infrastructures protection by combining the real-time situation of the physical and cyber domains in a single visualization space. HYBINT is a real cross-platform solution which supplies, through Big Data analytical methods and advanced representation techniques, hybrid intelligence information from significant data of both physical and cyber data sources in order to bring an adequate hybrid situational awareness (HSA) of the cyber-physical environment. The proposal will be validated in a detailed scenario in which HYBINT system will be evaluated.Hingant Gómez, J.; Zambrano-Vizuete, OM.; Pérez-Carrasco, FJ.; Pérez Llopis, I.; Esteve Domingo, M. (2018). HYBINT: A Hybrid Intelligence System for Critical Infrastructures Protection. Security and Communication Networks. 2018:1-13. https://doi.org/10.1155/2018/5625860S113201

The Technologization of Insurance: An Empirical Analysis of Big Data and Artificial Intelligence’s Impact on Cybersecurity and Privacy

This Article engages one of the biggest issues debated among privacy and technology scholars by offering an empirical examination of how big data and emerging technologies influence society. Although scholars explore the ways that code, technology, and information regulate society, existing research primarily focuses on the theoretical and normative challenges of big data and emerging technologies. To our knowledge, there has been very little empirical analysis of precisely how big data and technology influence society. This is not due to a lack of interest but rather a lack of disclosure by data providers and corporations that collect and use these technologies. Specifically, we focus on one of the biggest problems for businesses and individuals in society: cybersecurity risks and data breach events. Due to the lack of stringent legal regulations and preparation by organizations, insurance companies are stepping in and offering not only cyber insurance but also risk management services aimed at trying to improve organizations’ cybersecurity profile and reduce their risk. Drawing from sixty interviews of the cyber insurance field, a quantitative analysis of a “big data” set we obtained from a data provider, and observations at cyber insurance conferences, we explore the effects of what we refer to as the “technologization of insurance,” the process whereby technology influences and shapes the delivery of insurance. Our study makes two primary findings. First, we show how big data, artificial intelligence, and emerging technologies are transforming the way insurers underwrite, price insurance, and engage in risk management. Second, we show how the impact of these technological interventions is largely symbolic. Insurtech innovations are ineffective at enhancing organizations’ cybersecurity, promoting the role of insurers as regulators, and helping insurers manage uncertainty. We conclude by offering recommendations on how society can help technology to assure algorithmic justice and greater security of consumer information as opposed to greater efficiency and profit