AI-Driven Cybersecurity

This project aims to leverage advanced Machine Learning (ML) techniques to enhance cybersecurity by detecting and mitigating threats in real time. A second focus is adversarial ML defenses, which are crucial for securing AI systems against sophisticated attacks. The project's scope covers the following key areas:
- AI-Driven Threat Detection:
Develop and implement AI models that detect potential security threats by analyzing large volumes of system data. The models identify anomalies in network traffic, user behavior, and application logs to surface indicators of compromise (IoCs).
  - Use both supervised and unsupervised learning algorithms to improve detection accuracy.
  - Integrate real-time data streams so that evolving threats are detected and responded to promptly.
- Adversarial Machine Learning (AML) Defense Strategies:
Defend ML models against adversarial attacks, in which an attacker crafts inputs that cause the model to misclassify them. Explore techniques that harden models and reduce their susceptibility to adversarial examples.
  - Implement adversarial training: generate adversarial examples (for example with FGSM or PGD) and retrain the model on them, alongside the clean data, to improve robustness.
  - Evaluate input preprocessing and gradient masking as additional countermeasures, keeping in mind that gradient masking hides the gradient rather than removing the adversarial examples, so a model that resists a gradient-based attack must also be tested against transfer and query-based attacks before it is called robust.
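The following is an added example written for this page, not code from the project. It shows, on a constructed 2-D toy dataset with hand-set weights standing in for a trained model (both assumptions), the FGSM step that adversarial training feeds back into the training set, and the gradient-masking caveat: a copy of the same model with a huge logit scale saturates its sigmoid, so FGSM against it produces no perturbation and it looks 100% robust, yet adversarial examples transferred from the unmasked model fool it exactly as badly.

```python
import math


def stable_sigmoid(t):
    """Numerically stable logistic function; saturates to exactly 0.0 or 1.0 for large |t|."""
    if t >= 0:
        return 1.0 / (1.0 + math.exp(-t))
    e = math.exp(t)
    return e / (1.0 + e)


def sign(v):
    return (v > 0) - (v < 0)


class LogisticModel:
    """p(y=1 | x) = sigmoid(scale * (w.x + b)).

    scale=1.0 is the ordinary model. A very large scale leaves every decision
    unchanged but drives the sigmoid into saturation, so the input gradient is
    exactly zero on confidently classified points: a crude form of gradient masking.
    """

    def __init__(self, w, b, scale=1.0):
        self.w, self.b, self.scale = list(w), b, scale

    def logit(self, x):
        return sum(wi * xi for wi, xi in zip(self.w, x)) + self.b

    def prob(self, x):
        return stable_sigmoid(self.scale * self.logit(x))

    def predict(self, x):
        return 1 if self.prob(x) >= 0.5 else 0

    def input_gradient(self, x, y):
        """d(binary cross-entropy)/dx = (p - y) * scale * w."""
        p = self.prob(x)
        return [(p - y) * self.scale * wi for wi in self.w]


def fgsm(model, x, y, eps):
    """Fast Gradient Sign Method: one step of size eps along the sign of the loss
    gradient, which is the worst-case L-infinity perturbation for a linear model."""
    return [xi + eps * sign(gi) for xi, gi in zip(x, model.input_gradient(x, y))]


def adversarial_training_batch(model, xs, ys, eps):
    """The augmentation step of adversarial training: every clean example is paired
    with its FGSM counterpart under the same label; the model is then retrained on
    the combined batch."""
    batch = list(zip(xs, ys))
    batch += [(fgsm(model, x, y, eps), y) for x, y in zip(xs, ys)]
    return batch


def accuracy(model, xs, ys):
    return sum(model.predict(x) == y for x, y in zip(xs, ys)) / len(xs)


def fgsm_accuracy(model, xs, ys, eps, craft_on=None):
    """Accuracy of `model` on FGSM examples crafted against `craft_on`
    (defaults to `model` itself; pass another model for a transfer attack)."""
    source = model if craft_on is None else craft_on
    adv = [fgsm(source, x, y, eps) for x, y in zip(xs, ys)]
    return accuracy(model, adv, ys)


# Constructed toy data (assumption, not a real dataset): 2-D points labelled by the
# sign of x1 + x2; the hand-set weights stand in for a trained model.
XS = [[1.0, 1.0], [2.0, 0.5], [3.0, 3.0], [-1.0, -1.0], [-0.5, -2.0], [-3.0, -3.0]]
YS = [1, 1, 1, 0, 0, 0]
EPS = 1.5
CLEAN = LogisticModel(w=[1.0, 1.0], b=0.0)
MASKED = LogisticModel(w=[1.0, 1.0], b=0.0, scale=1000.0)  # same boundary, masked gradient

if __name__ == "__main__":
    print("clean accuracy (plain, masked):", accuracy(CLEAN, XS, YS), accuracy(MASKED, XS, YS))
    print("FGSM on plain model           :", fgsm_accuracy(CLEAN, XS, YS, EPS))
    print("FGSM on masked model          :", fgsm_accuracy(MASKED, XS, YS, EPS))  # looks robust
    print("transfer to masked model      :", fgsm_accuracy(MASKED, XS, YS, EPS, craft_on=CLEAN))  # it is not
    print("adversarial training batch    :", len(adversarial_training_batch(CLEAN, XS, YS, EPS)), "examples")
```

The masked model scores perfectly against FGSM only because every gradient it returns is zero; the transfer attack recovers the true robust accuracy, which is why a robustness evaluation should always include transfer and query-based attacks (see the entries on transferability and stateful defenses against query attacks in the reading list below). The augmentation step shown in `adversarial_training_batch` is what adversarial training repeats each epoch, regenerating the adversarial examples against the current model rather than reusing a fixed set.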
- Cyber Threat Intelligence (CTI) with AI:
Apply ML to cyber threat intelligence (CTI), automating the identification and classification of attack patterns and adversary tactics, techniques, and procedures (TTPs).
  - Develop ML models that forecast likely attacks from historical incident data and the current threat landscape, so that defenses can be prioritized ahead of time.
- Vulnerability Prediction and Mitigation:
Use ML models to predict which software components are likely to contain vulnerabilities, based on code analysis, historical vulnerability data, and other indicators. The models recommend patches or mitigations for the predicted risks before they can be exploited.
Skills Applied:
- ML for Threat Detection: Leverage ML algorithms, such as decision trees, neural networks, and clustering techniques, to detect anomalies and cybersecurity threats.
- Adversarial ML Defenses: Develop techniques to defend against adversarial attacks, including adversarial retraining and gradient masking.
- AI-Driven Threat Intelligence: Automate the classification and analysis of cyber threats using ML models.
- Vulnerability Prediction: Predict software vulnerabilities and recommend mitigations based on ML-driven insights.
This project highlights the potential of AI and ML in fortifying cybersecurity defenses, focusing on real-time threat detection, adversarial ML defenses, and proactive vulnerability mitigation strategies.
Related Topics:
A Good Path to Start with:
- Software Security Analysis in 2030 and Beyond
- Adversarial Attacks and Defenses in Deep Learning
- Strategic Defense Against Adversarial Attacks
- Defending Against Adversarial Attacks - Randomized Diversification
- Adversarial Attack and Defense in RL
- Defense Against Adversarial Attacks - Feature Scattering
- Defense Against Adversarial Attacks - Guided Denoiser
- Adversarial Attacks and Defenses
- A Practical Defense Against Attribute Inference Attacks
- Stateful Defense Against Adversarial Query Attacks
- Security is not my field, I'm a stats guy
- Large-Scale Deep Learning Models Stealing
- Adversarial Preprocessing: Understanding and Preventing
- Model and Data Independent Membership Inference Attacks
- Evading Provenance-Based ML Detectors
- Dos and Don'ts of Machine Learning
- Scalable Defense for Neural Networks
- Why Do Adversarial Attacks Transfer?
- Sparsity Brings Vulnerabilities