Makerere University

Enter a keyword or two into the search box above and click search..

Cyber Security and Machine Learning

You are here

By Kyomuhendo Esther Diana

Today, many people may have heard about Machine Learning, but they do not know what exactly it is, how it is working for a business or which type of business-related problems it can solve.

First of all, do we know what Machine Learning is?

Machine learning is an area of computer science and a particular application of data science that includes developing and deploying algorithms to provide a computer, a software program, or a process with the ability to learn without being explicitly programmed. We have seen AI and Machine learning — this both are rapidly prominence in recent years. Many well-known enterprises such as Google, Amazon, and Microsoft Azure are quickly launching Cloud Machine learning platforms.

Machine learning is one of the main pillars of cybersecurity. This branch of AI is used in most solutions that guarantee data and information security. It’s a technology that allows people to stay safe, helping them block threats, such as malware and phishing and to identify vulnerabilities.

Some of the benefits and examples of machine learning include;

  • Easily identifies trends and patterns Machine Learning can review large volumes of data and discover specific trends and patterns that would not be apparent to humans. For instance, for an e-commerce website like Amazon, it serves to understand the browsing behaviors and purchase histories of its users to help cater to the right products, deals, and reminders relevant to them. It uses the results to reveal relevant advertisements to them.

  • No human intervention needed (automation) With ML, you don’t need to babysit your project every step of the way. Since it means giving machines the ability to learn, it lets them make predictions and also improve the algorithms on their own. A common example of this is anti-virus softwares; they learn to filter new threats as they are recognized. ML is also good at recognizing spam.

  • Continuous Improvement As ML algorithms gain experience, they keep improving in accuracy and efficiency.

  • Handling multi-dimensional and multi-variety data Machine Learning algorithms are good at handling data that are multidimensional and multi-variety, and they can do this in dynamic or uncertain environments.

  • Wide Applications You could be an e-tailer or a healthcare provider and make ML work for you. Where it does apply, it holds the capability to help deliver a much more personal experience to customers while also targeting the right customers.

But like every coin has two faces, each with its own properties, its time to uncover the faces of ML. My goal is to show you that even though cybersecurity solutions are evolving, malware, phishing and other threats are evolving as well. Through using artificial intelligence and machine learning, cyber threats and their creators have found new ways to spy, sabotage, spoof, destroy and commit frauds.

These below are the ways AI makes it easy for cybercriminals;

  • Machine learning potentiates the attacks that use social engineering. It leverages criminal actions by allowing them to collect information about companies, employees and partners more easily and quickly.

  • ML is often used in cases of Spam, phishing and spear phishing to train artificial intelligence with the goal of creating situations similar to real ones. Example: cybercriminals may use algorithms to understand the pattern of automated emails sent to develop fake messages that look like real ones.

  • At some point, many cyber attacks use some form of malware, such as ransomware, trojan or spyware Most malware infections occur by email and use attachments and malicious links. AI and ML have been used by hackers for the development of increasingly clever malware. There is malware capable of adapting to protection systems. This is what we call evasion techniques used by malware. In the end, we can say that it’s a struggle between bad machine learning versus good machine learning.

  • Vulnerability discovery: Vulnerabilities are errors and bugs that allow applications to be hacked. AI and ML help to identify these errors and bugs more quickly and easily. In the past, for example, an error could be identified within weeks. Today the same error could be identified in minutes, depending on the case. The problem comes when these errors are used for dark purposes.

  • Machine learning algorithms can be used by cybercriminals in cases of violation of captchas and passwords. In the case of captchas, ML allows the criminals to train their bot (or robot) to overcome some protection barriers. Likewise, ML helps crooks in cases of brute-force attacks for the discovery of passwords and credentials.

  • Several parts and phases of an attack can be automated with the help of machine learning. Imagine that a hacker created a phishing email. He needs to send the email in small quantities to certain groups each time. Algorithms can help him with this. DDoS attacks, which use botnets or zombie machines, often involve the use of algorithms to coordinate attacks and make them more lethal.

In conclusion, I don’t write this article to discourage anyone or cause fear. It's only important for people to know that Machine Learning and Artificial intelligence are so used by criminals. Despite that, these two stand out as the main solutions to most cyber threats and attacks. They help to predict, identify and block malicious emails or any other attacks. The goal is to always be ahead of the criminals. That’s how the game is played.