Data Ethics and Research Methods

Proactive Hunting of Cyber Threats with Secure AI-Powered Advanced Endpoint Detection and Response

Module Code: MMI226823

Student Name and ID:

Referencing: Harvard

Words: 2021

Lecturer:

Chapter 1: Introduction

(i) Background

Artificial intelligence (AI) is the simulation of human behavior in a machine (Bresniker et al., 2019). Machines are programmed so that they think like humans and mimic human behaviors. There are many applications of AI. One such application area is the analysis of cyber risks and threats. In today’s world, most systems run digitally and over the internet. As a result, these systems are highly susceptible to cyber-attacks and threats. With Secure AI’s advanced endpoint detection and response technique, these threats can be hunted down to make the systems secure and effective for the users (Tmobile, 2022).

(ii) Research Questions

The following research questions will be addressed through the study.

RQ 1: Why is secure AI the best method for hunting cyber threats?

RQ 2: How applicable is secure AI’s endpoint detection and response technique when it comes to hunting cyber threats?

(iii) Description of the research problem and research issue

In companies and organizations, even with tight lockdowns and security measures, it is inevitable that a threat gets past the first line of defense. Whenever this occurs, the organization needs specific tools which can proactively patrol its environment while identifying and eliminating any threat to the system. This security can be provided using Artificial Intelligence, or Secure AI. Secure AI can proactively hunt and respond to threats and malicious behavior across a system's endpoints, such as PCs, laptops and servers. This is done by examining data behavior and certain abnormalities.

(iv) Goal of the study

The goal of the literature review section is to provide a critical and comprehensive analysis of the state of the art of the selected research topic by examining the work and perceptions of other writers. The goal of the spiral evaluation is to identify some common or basic approaches and solutions to the given topic on a testbed setup with the help of relevant software toolkits and frameworks.

Chapter 2: Literature Review

2.1 Taxonomy

The taxonomy of the study is presented in the table shown below.

| Characteristics | Categories |
|---|---|
| Focus | Research outcome: Determine how Secure AI can hunt cyber threats through endpoint detection and response measures; Research methods: Systematic literature review method; Theories related to cyber security threats and secure AI are to be assessed; The application of secure AI endpoint detection for cyber threat mitigation is to be used |
| Goal | To address the proposed research question; Identifying the central research issue |
| Perspective | Neutral representation; Espousal of a position |
| Coverage | Exhaustive; Representative |
| Organization | Organizations who want to prevent cyber threats with secure AI |
| Audience | Students who wish to participate in AI-focused cyber security detection; Scholars and researchers |

Table 1: Taxonomy of Research

(Source: Adopted from Glock, 2022)

2.2 Overview of existing approaches, elaboration of major approaches and perspectives

According to the industry report named “4 robust-solution-to-fight cyber criminals”, in the year 2019, cybercrime cost businesses around 2 trillion USD in revenue loss (Tmobile (c), 2022). The report also states that by the end of 2022, worldwide spending on cybersecurity will reach around 133.7 billion USD. This reflects the fact that organizations need to be serious about addressing cyber threats at the earliest stage, as otherwise the organization is bound to experience loss of assets and money from cyber-attacks.

Truong et al. (2020) highlighted that there has been a continual demand for robust security as technology evolves. Since the need for security measures is increasing, conventional solutions would not be capable enough to provide security against advanced threats like various DoS attacks, malicious attacks, bugs, and malware. To address these issues, efficient and flexible “security methods” are very important. In this context, it is important to note that first-line security defenses like the firewall, user authentication, and data encryption are not enough to cover the whole system’s “security need” or to meet the challenges posed by never-ending intrusion methods. Tmobile (2022) reported that even if organizations possess lockdown and security measures, it is inevitable that a threat can get past the first line of cyber security defense. The report also highlights that in this circumstance secure AI is the ideal solution for eliminating these advanced threats.

Tmobile (2022) highlighted that secure AI follows a data collection approach in its operation and in addressing cyber risks. By appropriately collecting data and analyzing the data behaviour using AI cybersecurity, organizations or users can easily identify a malicious operation and take immediate measures. Secure AI offers a smarter net for emerging threats. It is a comprehensive and intelligent solution against hacking on devices such as PCs, mobiles, and laptops. It delivers prevention measures and endpoint detection and response, which include managed “threat hunting” and threat intelligence.

When it comes to the working approach of secure AI, it integrates the three core elements of security inside a single agent. Soni (2019) mentioned that this approach allows organizations to protect themselves from advanced threats at various stages of a cyber-attack through detection, prevention and remediation capabilities. The organization needs to adopt a “zero trust” mentality to protect itself from potentially catastrophic cyber-attacks. This approach helps the organization guard against potential threats and issues (Chehri et al., 2021). It means taking a proactive approach to how an organization monitors its people, systems and services while they use its network. In organizations, there are several ways through which hackers can gain access to the network.

Each of these avenues into the organization’s system needs specific cyber security solutions to ensure that its data is protected. Once a user or organization has reviewed its cyber security needs, it needs to evaluate the options that provide this kind of protection. For instance, Tmobile (b) (2022) reflected that perimeter protection protects the company system, network and data from external threats. If organizations use private network access, they get secure access to specific company apps and the data that is needed without having to open the whole network. Sometimes the organization also seeks mobile device protection. As per Cheatham et al. (2019), mobile device protection allows the organization, workers and employees to protect their devices regardless of the network used to access the internet. The organization also needs to consider monitoring and remediation measures that proactively search PCs, tablets and servers for threats, so that issues can be detected quickly and remediated.

The question arises as to why one should select secure AI for cyber threat detection over other measures. In this context, some of the characteristics, functions and approaches of secure AI need to be examined to understand why a user should select secure AI for their cyber security measures. Groshev et al. (2021) highlighted that secure AI does not just match endpoint data against known indicators of compromise (IOCs). It is capable of spotting threat activity in the system that otherwise gets overlooked when using traditional models or approaches to cyber security. With secure AI, one can see “never-before-seen” threats, file-less malware and even lateral movements, which are hard to spot in systems. Secure AI generally prevents alert fatigue by using AI to correlate related items of an attack so that users can visualize the whole attack story, with “end-to-end” context for a malicious threat.
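The contrast drawn above between matching known indicators and examining behaviour, and the grouping of related alerts into one attack story, can be shown in a short sketch. This is an added example, not code from Secure AI or any cited work; the events, hashes, host names and the baseline of parent-to-child process pairs are all constructed for illustration.

```python
from collections import defaultdict

# Constructed data: hashes and host names are placeholders, not real indicators.
KNOWN_BAD_HASHES = {"hash-bad-001"}

# Parent -> child process pairs seen in a (constructed) historical baseline.
BASELINE_PAIRS = {
    ("explorer.exe", "winword.exe"),
    ("explorer.exe", "chrome.exe"),
    ("explorer.exe", "powershell.exe"),
    ("services.exe", "svchost.exe"),
}

# Constructed endpoint telemetry: (host, epoch seconds, parent, child, file hash)
EVENTS = [
    ("pc-01", 1000, "explorer.exe", "winword.exe", "hash-word"),
    ("pc-01", 1010, "winword.exe", "powershell.exe", "hash-ps"),  # clean hash, odd parent
    ("pc-01", 1030, "powershell.exe", "rundll32.exe", "hash-rundll"),
    ("pc-02", 1500, "explorer.exe", "chrome.exe", "hash-chrome"),
    ("pc-03", 2000, "explorer.exe", "dropper.exe", "hash-bad-001"),
    ("pc-01", 9000, "services.exe", "svchost.exe", "hash-svc"),
]

def ioc_alerts(events):
    """Traditional check: flag only events whose file hash is a known IOC."""
    return [e for e in events if e[4] in KNOWN_BAD_HASHES]

def behaviour_alerts(events):
    """Behavioural check: flag process launches never seen in the baseline."""
    return [e for e in events if (e[2], e[3]) not in BASELINE_PAIRS]

def correlate(alerts, window=300):
    """Merge alerts on one host that follow each other within `window` seconds."""
    incidents = defaultdict(list)
    for alert in sorted(set(alerts), key=lambda e: (e[0], e[1])):
        host_incidents = incidents[alert[0]]
        if host_incidents and alert[1] - host_incidents[-1][-1][1] <= window:
            host_incidents[-1].append(alert)
        else:
            host_incidents.append([alert])
    return [inc for per_host in incidents.values() for inc in per_host]

if __name__ == "__main__":
    alerts = ioc_alerts(EVENTS) + behaviour_alerts(EVENTS)
    for incident in correlate(alerts):
        print(incident[0][0], [f"{p}->{c}" for _, _, p, c, _ in incident])
```

On this sample the hash check alone sees only pc-03, while the behavioural check also flags the two unusual launches on pc-01, which are then reported as a single incident rather than two separate alerts.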

2.3 Critical Discussion

Secure AI can proactively hunt for and respond to threats, and it highlights malicious behavior across system endpoints. Secure AI is designed to counter alert fatigue, which arises when users become desensitized to threat alerts that do not amount to anything. According to Wirkuttis and Klein (2017), the secure AI solution generally determines whether a threat posed to the system is real or false before alerting the main user. Secure AI also recommends responses based on the threat level. As per Tmobile (2022), Secure AI works on the principle of analyzing historical data behavior. It has the capability to learn and adapt towards the detection of and response to newer and unfamiliar threats. As seen in the earlier section, organizations wishing to incorporate secure AI need to have a zero-trust mentality. This is because, in organizations, a threat can originate from anywhere (Samtani et al., 2020). It can come from an internal employee accessing a vulnerable app via the cloud. It can also come from a mobile user or employee logging in from an unsecured Wi-Fi connection. Such an unsecured network can lead to phishing, and it can crash the whole system of the organization. Every device and connection may pose a risk for the user and organization (Tao et al., 2021). Hence it is vital to check for and analyze the true threat and take appropriate measures. In this context, secure AI, if deployed successfully, can analyze and identify these true threats and recommend measures that suit the circumstances.

As per Brundage et al. (2018) and Tmobile (2022), secure AI can act as the initial line of defense for the organization’s data. As newer security threats and various network vulnerabilities have emerged, it has become hard for organizations and users to keep up. With the help of secure AI, the organization can introduce security measures, technologies and expertise to its network. This results in protecting the system from newer kinds of cyber threats. Secure AI offers more visibility and transparency across device and system data. Through secure AI, defined “cyber protection capabilities” can be discovered and managed over a single endpoint sensor. Secure AI also offers contextual threat analysis to reduce false positives and address only the true threat, thereby eliminating wasted time and resources. Compared to traditional methods, secure AI also considers the whole picture when it comes to threat detection in the system (Samtani et al., 2020). In traditional or other methods, in many cases the true threat is not distinguished from the false threat, which leads to a waste of time and resources. The secure AI approach does more to identify true threats and recommend actions on them. It mostly focuses on identifying threats at the system's endpoints, which are a key source of hacking attempts.

Chapter 5: Conclusion and Outlook

In companies and organizations, even with tight lockdowns and security measures, it is inescapable that a risk gets past the primary line of defense. Whenever this happens, the organization requires particular instruments or tools which can proactively watch its environment while recognizing and eliminating any danger to the system. This specific sort of security can be provided by utilizing Secure AI. From this research, it is determined that secure AI endpoint detection measures are highly applicable when it comes to identifying cyber threats and issues. The reason the secure AI approach is more popular than the traditional approach is that it looks at the whole picture and identifies the true threat instead of the false threat. Doing so saves the organization and user a lot of time and resources. Much research was undertaken to identify the importance of secure AI. The reason why organizations need to focus on cybersecurity is that neglecting it will otherwise lead to a huge revenue loss for the organization. Hackers and phishers apply various updated and enhanced measures for hacking into the organization’s system. With the traditional approach, it may have been very difficult to identify and analyze all these threats. From the research, it was discovered that secure AI can proactively hunt and respond to these newer threats across the endpoints of the system. The endpoints are the area where hackers generally inject a virus or phishing link to enter the system. Secure AI tries to repair these areas effectively to prevent hacking attempts.

References

Bresniker, K., Gavrilovska, A., Holt, J., Milojicic, D. and Tran, T., 2019. Grand challenge: applying artificial intelligence and machine learning to cybersecurity. Computer, 52(12), pp.45-52. https://www.academia.edu/download/67931950/08909930.pdf

Brundage, M., Avin, S., Clark, J., Toner, H., Eckersley, P., Garfinkel, B., Dafoe, A., Scharre, P., Zeitzoff, T., Filar, B. and Anderson, H., 2018. The malicious use of artificial intelligence: Forecasting, prevention, and mitigation. arXiv preprint arXiv:1802.07228. https://arxiv.org/abs/1802.07228

Cheatham, B., Javanmardian, K. and Samandari, H., 2019. Confronting the risks of artificial intelligence. McKinsey Quarterly, 2, p.38. https://www.cognitivescale.com/wp-content/uploads/2019/06/Confronting_AI_risks_-_McKinsey.pdf

Chehri, A., Fofana, I. and Yang, X., 2021. Security risk modeling in smart grid critical infrastructures in the era of big data and artificial intelligence. Sustainability, 13(6), p.3196. https://www.mdpi.com/2071-1050/13/6/3196/pdf

Glock, C., 2022. Systematic literature reviews in purchasing and supply management research: A tertiary study – Scientific Figure on ResearchGate. Available from: https://www.researchgate.net/figure/Taxonomy-of-Literature-Reviews_tbl1_264439617 [accessed 17 Oct, 2022]

Groshev, M., Guimarães, C., Martín-Pérez, J. and de la Oliva, A., 2021. Toward intelligent cyber-physical systems: Digital twin meets artificial intelligence. IEEE Communications Magazine, 59(8), pp.14-20. https://e-archivo.uc3m.es/bitstream/handle/10016/33912/Towards_CM_2021_ps.pdf?sequence=1

Samtani, S., Kantarcioglu, M. and Chen, H., 2020. Trailblazing the artificial intelligence for cybersecurity discipline: a multi-disciplinary research roadmap. ACM Transactions on Management Information Systems (TMIS), 11(4), pp.1-19. https://dl.acm.org/doi/pdf/10.1145/3430360

Soni, V.D., 2019. Role of Artificial Intelligence in Combating Cyber Threats in Banking. International Engineering Journal For Research & Development, 4(1), pp.7-7. https://www.academia.edu/download/63947012/1020200717-18417-d6nki8.pdf

Tao, F., Akhtar, M.S. and Jiayuan, Z., 2021. The future of artificial intelligence in cybersecurity: a comprehensive survey. EAI Endorsed Transactions on Creative Technologies, 8(28), pp.e3-e3. https://publications.eai.eu/index.php/ct/article/download/1418/1227

Tmobile (b), T., 2022. 4 simple ways to fight cybercriminals. [online] Tmobile. Available at: <https://www.t-mobile.com/business/solutions/security/secure-ai> [Accessed 17 October 2022].

Tmobile (c), T., 2022. 4 robust ways to fight cybercriminals. [online] Tmobile. Available at: <https://www.t-mobile.com/business/solutions/security/secure-ai> [Accessed 17 October 2022].

Tmobile, T., 2022. Secure AI | AI Security with Endpoint Detection & Response | T-Mobile for Business. [online] T-mobile.com. Available at: <https://www.t-mobile.com/business/solutions/security/secure-ai> [Accessed 17 October 2022].

Truong, T.C., Zelinka, I., Plucar, J., Čandík, M. and Šulc, V., 2020. Artificial intelligence and cybersecurity: Past, presence, and future. In Artificial intelligence and evolutionary computations in engineering systems (pp. 351-363). Springer, Singapore. Available at https://www.researchgate.net/profile/Srinivasan-Rajendran/publication/342638144_Book_Series_springerfeb_2020/links/5efde532458515505084b739/Book-Series-springerfeb-2020.pdf#page=359

Wirkuttis, N. and Klein, H., 2017. Artificial intelligence in cybersecurity. Cyber, Intelligence, and Security, 1(1), pp.103-119. https://www.academia.edu/download/52464497/Artificial_Intelligence_in_Cybersecurity.pdf