AI and machine learning: A mixed blessing for cybersecurity

While the usage of Artificial Intelligence and Machine Learning Software (AI/MLS) in defensive cybersecurity has received considerable attention, there remains a noticeable research gap on their offensive use. This paper reviews the defensive usage of AI/MLS in cybersecurity and then presents a survey of its offensive use. Inspired by the System-Fault-Risk (SFR) framework, we categorize AI/MLS-powered cyberattacks by their actions into seven categories. We cover a wide spectrum of attack vectors, discuss their practical implications and provide some recommendations for future research.

[1]  Zhenlong Yuan,et al.  DroidDetector: Android Malware Characterization and Detection Using Deep Learning , 2016 .

[2]  Jinyin Chen,et al.  DAD-MCNN: DDoS Attack Detection via Multi-channel CNN , 2019, ICMLC '19.

[3]  H. Anderson,et al.  Evading Machine Learning Malware Detection , 2017 .

[4]  Oleg Starostenko,et al.  Breaking reCAPTCHAs with Unpredictable Collapse: Heuristic Character Segmentation and Recognition , 2012, MCPR.

[5]  Shreyas Sen,et al.  Practical Approaches Toward Deep-Learning-Based Cross-Device Power Side-Channel Attack , 2019, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[6]  Yunsick Sung,et al.  Long short-term memory-based Malware classification method for information security , 2019, Comput. Electr. Eng..

[7]  Gabriel Maciá-Fernández,et al.  Anomaly-based network intrusion detection: Techniques, systems and challenges , 2009, Comput. Secur..

[8]  Ning Yu,et al.  A Low-Cost Approach to Crack Python CAPTCHAs Using AI-Based Chosen-Plaintext Attack , 2019 .

[9]  Kheng Cher Yeo,et al.  Critical review of machine learning approaches to apply big data analytics in DDoS forensics , 2018, 2018 International Conference on Computer Communication and Informatics (ICCCI).

[10]  Yoojae Won,et al.  Analysis of operating system identification via fingerprinting and machine learning , 2019, Comput. Electr. Eng..

[11]  Damon McCoy,et al.  Fuzzing E-mail Filters with Generative Grammars and N-Gram Analysis , 2015, WOOT.

[12]  Jinchang Ren,et al.  TKRD: Trusted kernel rootkit detection for cybersecurity of VMs based on machine learning and memory forensic analysis. , 2019, Mathematical biosciences and engineering : MBE.

[13]  Nan Ding,et al.  Real-time anomaly detection based on long short-Term memory and Gaussian Mixture Model , 2019, Comput. Electr. Eng..

[14]  Romain Poussier,et al.  Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version , 2018, Journal of Cryptographic Engineering.

[15]  Fernando Pérez-Cruz,et al.  PassGAN: A Deep Learning Approach for Password Guessing , 2017, ACNS.

[16]  Adam Doupé,et al.  Deep Android Malware Detection , 2017, CODASPY.

[17]  Chuck Easttom,et al.  A Methodological Approach to Weaponizing Machine Learning , 2019, AIAM.

[18]  Wei Wang,et al.  Web Phishing Detection Using a Deep Learning Framework , 2018, Wirel. Commun. Mob. Comput..

[19]  Xuan Dau Hoang,et al.  Botnet Detection Based On Machine Learning Techniques Using DNS Query Data , 2018, Future Internet.

[20]  Hongxin Hu,et al.  Rallying Adversarial Techniques against Deep Learning for Network Security , 2019, 2021 IEEE Symposium Series on Computational Intelligence (SSCI).

[21]  Alejandro Correa Bahnsen,et al.  DeepPhish : Simulating Malicious AI , 2018 .

[22]  Ming Zhu,et al.  End-to-end encrypted traffic classification with one-dimensional convolution neural networks , 2017, 2017 IEEE International Conference on Intelligence and Security Informatics (ISI).

[23]  Ying Tan,et al.  Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN , 2017, DMBD.

[24]  Stefan Axelsson,et al.  The Normalised Compression Distance as a file fragment classifier , 2010, Digit. Investig..

[25]  Yalin E. Sagduyu,et al.  Deep Learning for Launching and Mitigating Wireless Jamming Attacks , 2018, IEEE Transactions on Cognitive Communications and Networking.

[26]  Nong Ye,et al.  A System-Fault-Risk Framework for cyber attack classification , 2006, Inf. Knowl. Syst. Manag..

[27]  Shreyas Sen,et al.  X-DeepSCA: Cross-Device Deep Learning Side Channel Attack* , 2019, 2019 56th ACM/IEEE Design Automation Conference (DAC).

[28]  Pierre Lison,et al.  Automatic Detection of Malware-Generated Domains with Recurrent Neural Models , 2017, ArXiv.

[29]  S. Biswas Intrusion Detection Using Machine Learning: A Comparison Study , 2018 .

[30]  Yi Shi,et al.  IoT Network Security from the Perspective of Adversarial Deep Learning , 2019, 2019 16th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON).

[31]  Wolfgang Banzhaf,et al.  The use of computational intelligence in intrusion detection systems: A review , 2010, Appl. Soft Comput..

[32]  F. Mitchell,et al.  The use of Artificial Intelligence in digital forensics: An introduction , 2014 .

[33]  Walter Fuertes,et al.  Classification of Phishing Attack Solutions by Employing Deep Learning Techniques: A Systematic Literature Review , 2019, MICRADS.

[34]  Hyrum S. Anderson,et al.  The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation , 2018, ArXiv.

[35]  Joos Vandewalle,et al.  Machine learning in side-channel analysis: a first study , 2011, Journal of Cryptographic Engineering.

[36]  A. Keromytis,et al.  I'm Not a Human: Breaking the Google reCAPTCHA , 2016 .

[37]  Howon Kim,et al.  Applying Recurrent Neural Network to Intrusion Detection with Hessian Free Optimization , 2015, WISA.

[38]  Drue Coles,et al.  Predicting the types of file fragments , 2008, Digit. Investig..

[39]  Minghe Sun,et al.  Sceadan: Using Concatenated N-Gram Vectors for Improved File and Data Type Classification , 2013, IEEE Transactions on Information Forensics and Security.

[40]  Antonio Pescapè,et al.  Mobile Encrypted Traffic Classification Using Deep Learning , 2018, 2018 Network Traffic Measurement and Analysis Conference (TMA).

[41]  Rong Li,et al.  File Fragment Classification Using Grayscale Image Conversion and Deep Learning in Digital Forensics , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[42]  Hyrum S. Anderson,et al.  Predicting Domain Generation Algorithms with Long Short-Term Memory Networks , 2016, ArXiv.

[43]  Battista Biggio,et al.  Digital Investigation of PDF Files: Unveiling Traces of Embedded Malware , 2017, IEEE Security & Privacy.

[44]  Andrei Petrovski,et al.  Botnet Detection in the Internet of Things using Deep Learning Approaches , 2018, 2018 International Joint Conference on Neural Networks (IJCNN).

[45]  T. Gireesh Kumar,et al.  Advance Persistent Threat Detection Using Long Short Term Memory (LSTM) Neural Networks , 2019 .

[46]  Yang Gao,et al.  Apply Stacked Auto-Encoder to Spam Detection , 2015, ICSI.

[47]  Zeynep Turgut,et al.  Phishing Analysis of Websites Using Classification Techniques , 2019 .

[48]  Shashank Gupta,et al.  A Prototype Method to Discover Malwares in Android-based Smartphones through System Calls , 2019 .

[49]  Yoshua Bengio,et al.  Generative Adversarial Nets , 2014, NIPS.

[50]  Ammar Almomani,et al.  Machine Learning for Phishing Detection and Mitigation , 2019 .

[51]  Aristidis Likas,et al.  Deep Belief Networks for Spam Filtering , 2007 .

[52]  Ferhat Özgür Çatak,et al.  Distributed denial of service attack detection using autoencoder and deep neural networks , 2019, J. Intell. Fuzzy Syst..

[53]  Nickson M. Karie,et al.  Diverging deep learning cognitive computing techniques into cyber forensics , 2019, Forensic Science International.

[54]  Mahdi Jafari Siavoshani,et al.  Deep packet: a novel approach for encrypted traffic classification using deep learning , 2017, Soft Computing.

[55]  Masayuki Murata,et al.  Malicious URL sequence detection using event de-noising convolutional neural network , 2017, 2017 IEEE International Conference on Communications (ICC).

[56]  Ali Dehghantanha,et al.  Machine learning aided Android malware classification , 2017, Comput. Electr. Eng..

[57]  Kemal Davaslioglu,et al.  Adversarial Deep Learning for Cognitive Radio Security: Jamming Attack and Defense Strategies , 2018, 2018 IEEE International Conference on Communications Workshops (ICC Workshops).

[58]  Brendan Dolan-Gavitt,et al.  BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain , 2017, ArXiv.

[59]  Hui Ma,et al.  Deep Learning Based Attack On Social Authentication System , 2019, 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC).

[60]  Hai Anh Tran,et al.  A LSTM based framework for handling multiclass imbalance in DGA botnet detection , 2018, Neurocomputing.

[61]  Brian Hutchinson,et al.  Deep Learning for Unsupervised Insider Threat Detection in Structured Cybersecurity Data Streams , 2017, AAAI Workshops.

[62]  Meikang Qiu,et al.  AI Enhanced Automatic Response System for Resisting Network Threats , 2019, SmartCom.

[63]  Hyrum S. Anderson,et al.  DeepDGA: Adversarially-Tuned Domain Generation and Detection , 2016, AISec@CCS.

[64]  Xin Liu,et al.  Deep Learning for Encrypted Traffic Classification: An Overview , 2018, IEEE Communications Magazine.

[65]  P. J. García-Nieto,et al.  Review: machine learning techniques applied to cybersecurity , 2019, International Journal of Machine Learning and Cybernetics.