SCO

Técnicas de Inteligencia Artificial

Aplicadas en Ciberseguridad

Juan Carlos Olivares Rojas

November 2020
 Introduction

AI + Cybersecurity
= AI Safety & Security
 Outline
Motivation

Cybersecurity

AI

AI + Cybersecurity Examples
 Motivation

Everything Everything Everything Everything

Everything
becomes becomes generates can be needs to be
connected software-based data automated secured

Networking Programmability Security

Source: Cisco
Motivation

Source: Domo
 Cybercrime damage
estimated to hit $6
TRILLION BY 2021.

95% of cybersecurity
• Motivation breaches are due to human
error.

25 billion connected things

will be in use by 2021.
Source: Cisco
• Motivation Hackers stole half a billion
personal records in 2018.

4.07 million cybersecurity

jobs are unfilled.
Source: Invertia
Network Security Professionals

Source: Cisco
Motivation

Source: Cisco
 Outline
Motivation

Cybersecurity

AI

AI + Cybersecurity Examples
Cybersecurity
Zero Trust

Source: Among Us
Threats
Threats

Initial Code Red Worm Infection

Code Red Worm Infection 19 Hours

Later
 Cyber Threats

Source: Cisco
Data Privacy
Cybersecurity in Healthcare

Source: Cisco
Cybersecurity Tools
Cybersecurity Tools
Contai
nment

Inoculation Quarantine

Treatment
Cybersecurity Tools
Cybersecurity Tools
Cybersecurity Tools
 Cybersecurity Tools

Source: Cisco
 Cybersecurity Tools

Source: Cisco
 Cybersecurity Tools

Source: Cisco
 Outline
Motivation

Cybersecurity

AI

AI + Cybersecurity Examples
 AI Booming
What makes AI credible this time around . . .
2. ML, deep learning
1. Computing power algorithms

3. Big data

5. Huge investments

4. Age of the customer/

digital demand

Source: “Artificial Intelligence Can Finally Unleash Your Business Applications' Creativity” Forrester report
 AI is in Charge

Energy: Nuclear Utilities: Water Military: Nuclear

Power Plants Plants/Electrical Grid Weapons

Communications: Satellites

Stock Market: 75+% of all trade orders Aviation: Uninterruptible Autopilot System
generated by Automated Trading Systems
 AI Applications

Financial services Government Energy Retail

Fraud detection, ID verification Cyber-security, smart cities and utilities Seismic and reservoir modeling Video surveillance, shopping patterns

Health Consumer tech Service providers

Personalized medicine, image analytics Chatbots Media delivery Manufacturing
Predictive and prescriptive maintenance
 AI Financial Applications

Risk Modeling & CLV

Customer
Fraud Detection Credit Worthiness Prediction and Other
Segmentation
Check Recommendation

•• Behavioral
Behavioral Analysis
Analysis
•• Real-Time
Real-Time • Understanding •• Image Recognition
• Loan
Loan Defaults
Defaults •• Historical Purchase Understanding
Transactions
Transactions •• NLP
•• Delayed
Delayed Payments
Payments View
View Customer Quadrant
• Credit Card
Credit Card •• •• Security
•• Liquidity •• Pattern Recognition
Pattern Recognition Effective Messaging &
•• Merchant
Merchant Improved •• Video Analysis
•• Market & Currencies •• Retention Strategy
•• Collusion Engagement
•• Purchases and •• Upsell
•• Impersonation •• Targeted Customer
Payments •• Cross-Sell
Cross-Sell
•• Social Engineering Support
• Time Series •• Nurturing Support
Fraud • Enhanced
Enhanced Retention
Retention
 AI Development

A new paradigm What has changed?

More data
More New
computin algorithm
g power s

AI
AI Development Attacks
Cybersecurity Attacks in IA
 AI Ecosystem
Example Industry Use Cases

Solutions Fraud Detection Genome Research Customer 360 Video Surveillance

Data Science and

ML / DL Tools

Infrastructure
Data Platforms

HDFS/NFS
Data
Data Store Data Duplication Cloud

IT
User Access Security Time to Deploy Multi-Tenant
AI
Big Data
Data Analytics
Machine Learning
Regression
Time Series
Clustering
Decission Threes
SVM
 Outline
Motivation

Cybersecurity

AI

AI + Cybersecurity Examples
Evolution of security technology - three waves

CLOUD,
LAYERED INTELLIGENCE
AI and ORCHESTRATION,
DEFENSES and INTEGRATION
COLLABORATION
Cybersecurity using AI
 AI on Attack Tools

Source: Cisco
 AI and Cybersecurity

Human Expertise
• Common sense • Abstraction
• Morals • Dilemmas
• Compassion • Generalization

AI: Cognitive
Security Analytics Security
• Data correlation • Unstructured analysis
• Pattern identification • Natural language
• Anomaly detection • Question and answer
• Prioritization • Machine learning
• Data visualization • Bias elimination
• Workflow • Tradeoff analytics
 Cybersecurity Tools

Source: Cisco
Cybersecurity Tools
Cybersecurity Standards
Cisco Security Intelligence Operations
 Cybersecurity Tools

Source: Cisco
 AI Cybersecurity Solutions

WildFire

Phone/Tablet Laptops Desktops Servers Cloud

Source: WildFire
Artificial Neural Networks

Chen, Y., Abraham, A., & Yang, B. (2007). Hybrid flexible neural-tree-based
intrusion detection systems. International Journal of Intelligent Systems, 22,
337–352.
 Genetic Algorithms
Randomly Final Decision
Feature Decision Tree Decision Tree Fitness
Generated Computation
Tree
Selection Constructor Evaluator
Population Classifier

Validation Testing
Training Data
Data Data

Generate Next Generation

GA/Decision Tree Hybrid

Stein, G., Chen, B., Wu, A. S., & Hua, K. A. (2005). Decision tree classifier for network intrusion detection with GA-based feature selection. In
Paper presented at the proceedings of the 43rd annual Southeast regional conference. Kennesaw, Georgia.
 Neuro-fuzzing
Correct Teache Incorrect
(No Training) r (Training Needed)

Winner
(Decision)

Y(1) Y(2) Y(3) Y(n)

Φ1 Φ2 Φ3 Φn

w1 w2 w3 wn

X(1) X(2) X(3) X(4)

Chavan, Sampada, et al. "Adaptive neuro-fuzzy intrusion

detection systems. "Information Technology: Coding and
Computing, 2004. Proceedings. ITCC 2004. International
Conference on. Vol. 1. IEEE, 2004.
 Hybrid
Hybrid Decision Tree SVM Approach
Support Vector
Machine
Intrusion
Detection
Data

Decision Trees

Peddabachigari, Sandhya, et al. "Modeling intrusion detection system

using hybrid intelligent systems." Journal of network and computer
applications 30.1 (2007): 114-132.
 Hybrid ML NAD

Shon, T., & Moon, J. (2007). A hybrid machine learning approach to network anomaly detection. Information Sciences, 177, 3799–3821.
 Pattern Recognition

Intrusion Detection as a Pattern Recognition Problem

Multiple Classifier System for Intrusion Detection

Giacinto, Giorgio, Fabio Roli, and Luca Didaci. "Fusion of multiple classifiers for intrusion detection in computer networks." Pattern recognition letters 24.12
(2003): 1795-1803.
 Ensemble

Neural Networks
(Backpropagation)

Neural Networks (Scale

Conjugate Gradient)

Data Neural Network (One Step

preprocessor Secant)
Ensemble

Support Vector Machine

Multivariate Regression
Splines

Mukkamala, Srinivas, Andrew H. Sung, and Ajith Abraham. "Intrusion detection using an ensemble of intelligent
paradigms." Journal of network and computer applications 28.2 (2005): 167-182.
SMS Cybersecurity
 Questions?

[email protected],
[email protected],
[email protected]

Thanks you so much!