Artificial Intelligence in Cybersecurity : Advancing Threat Modeling and Vulnerability Assessment

Authors

  • Chirag Gajiwala Nutanix Inc., USA Author

DOI:

https://doi.org/10.32628/CSEIT241051066

Keywords:

Artificial Intelligence, Cybersecurity, Threat Modeling, Vulnerability Assessment, Machine Learning

Abstract

This article examines the transformative role of Artificial Intelligence (AI) in revolutionizing cybersecurity practices, with a particular focus on threat modeling and vulnerability assessment. As cyber threats grow increasingly sophisticated, traditional security measures often fall short in providing comprehensive protection. We explore how AI and machine learning algorithms enhance the accuracy and efficiency of threat modeling by analyzing vast datasets to identify patterns and anomalies indicative of potential security risks. The article also investigates AI's contribution to vulnerability assessment, highlighting its capacity for continuous monitoring and real-time analysis of diverse data sources, including network traffic, system logs, and threat intelligence feeds. By simulating various attack scenarios and prioritizing security vulnerabilities, AI-driven tools enable organizations to adopt a more proactive and dynamic approach to cybersecurity. While acknowledging the challenges and ethical considerations associated with AI implementation in this domain, this article underscores the significant potential of AI in fortifying cyber defenses and safeguarding digital assets in an ever-evolving threat landscape.

Downloads

Download data is not yet available.

References

A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, "Survey of intrusion detection systems: techniques, datasets, and challenges," Cybersecurity, vol. 2, no. 1, 2019. [Online]. Available: https://cybersecurity.springeropen.com/articles/10.1186/s42400-019-0038-7 DOI: https://doi.org/10.1186/s42400-019-0038-7

M. A. Al-Garadi, A. Mohamed, A. K. Al-Ali, X. Du, I. Ali, and M. Guizani, "A Survey of Machine and Deep Learning Methods for Internet of Things (IoT) Security," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1646-1685, 2020. [Online]. Available: https://arxiv.org/abs/1807.11023 DOI: https://doi.org/10.1109/COMST.2020.2988293

A. Shostack, "Threat Modeling: Designing for Security," John Wiley & Sons, 2014. [Online]. Available: https://www.wiley.com/en-us/Threat+Modeling%3A+Designing+for+Security-p-9781118809990

R. Sommer and V. Paxson, "Outside the Closed World: On Using Machine Learning for Network Intrusion Detection," 2010 IEEE Symposium on Security and Privacy, pp. 305-316, 2010. [Online]. Available: https://ieeexplore.ieee.org/document/5504793 DOI: https://doi.org/10.1109/SP.2010.25

D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck, "DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket," in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2014. [Online]. Available: https://www.ndss-symposium.org/ndss2014/programme/drebin-effective-and-explainable-detection-android-malware-your-pocket/ DOI: https://doi.org/10.14722/ndss.2014.23247

A. L. Buczak and E. Guven, "A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection," IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153-1176, 2016. [Online]. Available: https://ieeexplore.ieee.org/document/7307098 DOI: https://doi.org/10.1109/COMST.2015.2494502

F. Pendlebury, F. Pierazzi, R. Jordaney, J. Kinder, and L. Cavallaro, "TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time," 28th USENIX Security Symposium, pp. 729-746, 2019. [Online]. Available: https://www.usenix.org/conference/usenixsecurity19/presentation/pendlebury

Y. Shen, E. Mariconti, P. A. Vervier, and G. Stringhini, "Tiresias: Predicting Security Events Through Deep Learning," Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 592-605, 2018. [Online]. Available: https://dl.acm.org/doi/10.1145/3243734.3243811 DOI: https://doi.org/10.1145/3243734.3243811

G. Apruzzese, M. Colajanni, L. Ferretti, A. Guido, and M. Marchetti, "On the effectiveness of machine and deep learning for cyber security," 2018 10th International Conference on Cyber Conflict (CyCon), pp. 371-390, 2018. [Online]. Available: https://ieeexplore.ieee.org/document/8405026 DOI: https://doi.org/10.23919/CYCON.2018.8405026

A. Tsamados, N. Aggarwal, J. Cowls, J. Morley, H. Roberts, M. Taddeo, and L. Floridi, "The ethics of algorithms: key problems and solutions," AI & Society, vol. 37, pp. 215-230, 2022. [Online]. Available: https://link.springer.com/article/10.1007/s00146-021-01154-8 DOI: https://doi.org/10.1007/s00146-021-01154-8

A. Kurakin, I. Goodfellow, S. Bengio, Y. Dong, F. Liao, M. Liang, T. Pang, J. Zhu, X. Hu, C. Xie, et al., "Adversarial attacks and defenses competition," in The NIPS'17 Competition: Building Intelligent Systems, Springer, pp. 195-231, 2018. [Online]. Available: https://arxiv.org/abs/1804.00097 DOI: https://doi.org/10.1007/978-3-319-94042-7_11

M. Naumov, J. Cohen, M. Sourelos, S. Zeng, R. Garifullin, and I. Fросков, "Deep Learning Training in Facebook Data Centers: Design of Scale-up and Scale-out Systems," arXiv preprint arXiv:2003.09518, 2020. [Online]. Available: https://arxiv.org/abs/2003.09518

Downloads

Published

01-11-2024

Issue

Section

Research Articles

Similar Articles

1-10 of 334

You may also start an advanced similarity search for this article.