Cyber security comprises the protection of computer systems from theft or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. This field has gained increased prominence in the wake of a growing reliance on computing devices and wireless networks. Artificial Intelligence, with the help of its key technologies, is well poised to enhance the security of contemporary IT systems.

• Natural Language Processing: Spam mail is an easy way to carry out a phishing attack by luring innocent people into sharing sensitive personal information. Using NLP techniques such as Part of Speech tagging and Word Stemming, it is possible to detect suspicious contents in phishing mails, such as absence of recipient’s name, promise for free money, reply inducing sentences, and so on. Google, for instance, uses its open-source machine learning framework TensorFlow for spam filtering.
• Machine Learning: Fake and abusive accounts on social media are being called out using ML approaches. Facebook, for instance, uses an ML framework called Deep Entity Classification (DEC) to detect fraudulent accounts that conduct malicious activities for economic, political, and personal gain.
• Computer vision: Computer vision has enabled biometric authentication such as face, fingerprint and iris recognition, hence creating an additional safeguard for cyber protection. Additionally, computer vision methods can be applied in network security (such as for phishing, malware and traffic anomaly detection), primarily through the use of image-based ML methods such as Convolutional Neural Networks (CNNs) on data related to network security.
• Neural Networks: Neural networks have been quite successful at spotting malicious domains created using Domain Generation Algorithms (DGAs). The randomness of the domain names and meaningless groups of letters makes them fairly easy to use as training models for a neural network, which can easily start blacklisting after seeing enough of these DGAs.
• Cognitive computing: Threat detection and threat intelligence are enhanced manifold using the cognitive abilities to automatically ingest, weigh, discriminate and evaluate immense quantities of data. Cognitive computing enables cyber security systems to detect subtle anomalies and attack patterns, scan for vulnerabilities, propose corrective action, and also prepare proactively for an adversarial attack.

Image by Darwin Laganzon from Pixabay