The Role, Benefits, and Challenges of Applying Artificial Intelligence for Enhancing Cybersecurity
Keywords:
artificial intelligence, cybersecurity, threats detection, malware analysis
Abstract
Cyber threats are continuously evolving, becoming more severe and complex. Malware attacks, denial-of-service attacks, and new threats such as ransomware severely impact organizations and individuals worldwide. Traditional security systems have limitations in dealing with these threats, making the application of Artificial Intelligence (AI) an attractive alternative. This academic article reviews the literature on applying AI to tackle cyber threats from 2014 to 2024, using a systematic literature review methodology. It compares research papers in terms of AI techniques used, types of threats studied, and system performance. The study found that applying various AI techniques, whether machine learning, deep learning, or a combination of techniques, can significantly improve threat detection accuracy, response speed, and ability to learn new patterns compared to traditional methods. Notably, the use of deep learning in malware analysis showed up to 98% accuracy and was 20 times faster than human analysis.
