Applying Machine Learning Tools to Detect Cyber Attacks in Financial Firms and Banks

The use of machine learning in cybersecurity is becoming increasingly important for detecting cyber attacks in financial firms and banks. Machine learning offers improved scalability, efficiency, and actionability compared to traditional methods that rely on human interaction. Various machine learning techniques, including deep learning, support vector machines, and Bayesian classification, have shown promise in detecting cyber attacks. This study uses machine-learning techniques and tools to detect cyber attacks in financial firms and banks, and recommends the use of XGBoost due to its high performance. Ensuring cybersecurity in financial firms and banks is crucial for maintaining the integrity, confidentiality, and transparency of transactions in virtual and online banking systems

Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41

Seen the villains: detecting social engineering attacks using case-based reasoning and deep learning

Social engineering attacks are frequent, well-known and easy-toapply attacks in the cyber domain. Historical evidence of such attacks has shown that the vast majority of malicious attempts against both physical and virtual IT systems were based or been initiated using social engineering methods. By identifying the importance of tackling efficiently cybersecurity threats and using the recent developments in machine learning, case-based reasoning and cybersecurity we propose and demonstrate a two-stage approach that detects social engineering attacks and is based on natural language processing, case-based reasoning and deep learning. Our approach can be applied in offline texts or real time environments and can identify whether a human, chatbot or offline conversation is a potential social engineering attack or not. Initially, the conversation text is parsed and checked for grammatical errors using natural language processing techniques and case-based reasoning and then deep learning is used to identify and isolate possible attacks. Our proposed method is being evaluated using both real and semi-synthetic conversation points with high accuracy results. Comparison benchmarks are also presented for comparisons in both datasets

Statistical analysis driven optimized deep learning system for intrusion detection

Attackers have developed ever more sophisticated and intelligent ways to hack information and communication technology systems. The extent of damage an individual hacker can carry out upon infiltrating a system is well understood. A potentially catastrophic scenario can be envisaged where a nation-state intercepting encrypted financial data gets hacked. Thus, intelligent cybersecurity systems have become inevitably important for improved protection against malicious threats. However, as malware attacks continue to dramatically increase in volume and complexity, it has become ever more challenging for traditional analytic tools to detect and mitigate threat. Furthermore, a huge amount of data produced by large networks has made the recognition task even more complicated and challenging. In this work, we propose an innovative statistical analysis driven optimized deep learning system for intrusion detection. The proposed intrusion detection system (IDS) extracts optimized and more correlated features using big data visualization and statistical analysis methods (human-in-the-loop), followed by a deep autoencoder for potential threat detection. Specifically, a pre-processing module eliminates the outliers and converts categorical variables into one-hot-encoded vectors. The feature extraction module discard features with null values and selects the most significant features as input to the deep autoencoder model (trained in a greedy-wise manner). The NSL-KDD dataset from the Canadian Institute for Cybersecurity is used as a benchmark to evaluate the feasibility and effectiveness of the proposed architecture. Simulation results demonstrate the potential of our proposed system and its outperformance as compared to existing state-of-the-art methods and recently published novel approaches. Ongoing work includes further optimization and real-time evaluation of our proposed IDS.Comment: To appear in the 9th International Conference on Brain Inspired Cognitive Systems (BICS 2018

Learning Domain-Specific Word Embeddings from Sparse Cybersecurity Texts

Word embedding is a Natural Language Processing (NLP) technique that automatically maps words from a vocabulary to vectors of real numbers in an embedding space. It has been widely used in recent years to boost the performance of a vari-ety of NLP tasks such as Named Entity Recognition, Syntac-tic Parsing and Sentiment Analysis. Classic word embedding methods such as Word2Vec and GloVe work well when they are given a large text corpus. When the input texts are sparse as in many specialized domains (e.g., cybersecurity), these methods often fail to produce high-quality vectors. In this pa-per, we describe a novel method to train domain-specificword embeddings from sparse texts. In addition to domain texts, our method also leverages diverse types of domain knowledge such as domain vocabulary and semantic relations. Specifi-cally, we first propose a general framework to encode diverse types of domain knowledge as text annotations. Then we de-velop a novel Word Annotation Embedding (WAE) algorithm to incorporate diverse types of text annotations in word em-bedding. We have evaluated our method on two cybersecurity text corpora: a malware description corpus and a Common Vulnerability and Exposure (CVE) corpus. Our evaluation re-sults have demonstrated the effectiveness of our method in learning domain-specific word embeddings