Artificial Intelligence in Cybersecurity : Advancing Threat Modeling and Vulnerability Assessment
DOI:
https://doi.org/10.32628/CSEIT241051066Keywords:
Artificial Intelligence, Cybersecurity, Threat Modeling, Vulnerability Assessment, Machine LearningAbstract
This article examines the transformative role of Artificial Intelligence (AI) in revolutionizing cybersecurity practices, with a particular focus on threat modeling and vulnerability assessment. As cyber threats grow increasingly sophisticated, traditional security measures often fall short in providing comprehensive protection. We explore how AI and machine learning algorithms enhance the accuracy and efficiency of threat modeling by analyzing vast datasets to identify patterns and anomalies indicative of potential security risks. The article also investigates AI's contribution to vulnerability assessment, highlighting its capacity for continuous monitoring and real-time analysis of diverse data sources, including network traffic, system logs, and threat intelligence feeds. By simulating various attack scenarios and prioritizing security vulnerabilities, AI-driven tools enable organizations to adopt a more proactive and dynamic approach to cybersecurity. While acknowledging the challenges and ethical considerations associated with AI implementation in this domain, this article underscores the significant potential of AI in fortifying cyber defenses and safeguarding digital assets in an ever-evolving threat landscape.
Downloads
References
A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, "Survey of intrusion detection systems: techniques, datasets, and challenges," Cybersecurity, vol. 2, no. 1, 2019. [Online]. Available: https://cybersecurity.springeropen.com/articles/10.1186/s42400-019-0038-7 DOI: https://doi.org/10.1186/s42400-019-0038-7
M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and M. Guizani, "A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1646-1685, 2020. [Online]. Available: https://arxiv.org/abs/1807.11023 DOI: https://doi.org/10.1109/COMST.2020.2988293
A. Shostack, "Threat Modeling: Designing for Security," John Wiley & Sons, 2014. [Online]. Available: https://www.wiley.com/en-us/Threat+Modeling%3A+Designing+for+Security-p-9781118809990
R. Sommer and V. Paxson, "Outside the Closed World: On Using Machine Learning for Network Intrusion Detection," 2010 IEEE Symposium on Security and Privacy, pp. 305-316, 2010. [Online]. Available: https://ieeexplore.ieee.org/document/5504793 DOI: https://doi.org/10.1109/SP.2010.25
D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck, "DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket," in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2014. [Online]. Available: https://www.ndss-symposium.org/ndss2014/programme/drebin-effective-and-explainable-detection-android-malware-your-pocket/ DOI: https://doi.org/10.14722/ndss.2014.23247
A. L. Buczak and E. Guven, "A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection," IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153-1176, 2016. [Online]. Available: https://ieeexplore.ieee.org/document/7307098 DOI: https://doi.org/10.1109/COMST.2015.2494502
F. Pendlebury, F. Pierazzi, R. Jordaney, J. Kinder, and L. Cavallaro, "TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time," 28th USENIX Security Symposium, pp. 729-746, 2019. [Online]. Available: https://www.usenix.org/conference/usenixsecurity19/presentation/pendlebury
Y. Shen, E. Mariconti, P. A. Vervier, and G. Stringhini, "Tiresias: Predicting Security Events Through Deep Learning," Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 592-605, 2018. [Online]. Available: https://dl.acm.org/doi/10.1145/3243734.3243811 DOI: https://doi.org/10.1145/3243734.3243811
G. Apruzzese, M. Colajanni, L. Ferretti, A. Guido, and M. Marchetti, "On the effectiveness of machine and deep learning for cyber security," 2018 10th International Conference on Cyber Conflict (CyCon), pp. 371-390, 2018. [Online]. Available: https://ieeexplore.ieee.org/document/8405026 DOI: https://doi.org/10.23919/CYCON.2018.8405026
A. Tsamados, N. Aggarwal, J. Cowls, J. Morley, H. Roberts, M. Taddeo, and L. Floridi, "The ethics of algorithms: key problems and solutions," AI & Society, vol. 37, pp. 215-230, 2022. [Online]. Available: https://link.springer.com/article/10.1007/s00146-021-01154-8 DOI: https://doi.org/10.1007/s00146-021-01154-8
A. Kurakin, I. Goodfellow, S. Bengio, Y. Dong, F. Liao, M. Liang, T. Pang, J. Zhu, X. Hu, C. Xie, et al., "Adversarial attacks and defenses competition," in The NIPS'17 Competition: Building Intelligent Systems, Springer, pp. 195-231, 2018. [Online]. Available: https://arxiv.org/abs/1804.00097 DOI: https://doi.org/10.1007/978-3-319-94042-7_11
M. Naumov, J. Cohen, M. Sourelos, S. Zeng, R. Garifullin, and I. Fросков, "Deep Learning Training in Facebook Data Centers: Design of Scale-up and Scale-out Systems," arXiv preprint arXiv:2003.09518, 2020. [Online]. Available: https://arxiv.org/abs/2003.09518
Downloads
Published
Issue
Section
License
Copyright (c) 2024 International Journal of Scientific Research in Computer Science, Engineering and Information Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.