AI-Enabled System for Efficient and Effective Cyber Incident Detection and Response in Cloud Environments
- URL: http://arxiv.org/abs/2404.05602v2
- Date: Wed, 10 Apr 2024 15:01:40 GMT
- Title: AI-Enabled System for Efficient and Effective Cyber Incident Detection and Response in Cloud Environments
- Authors: Mohammed Ashfaaq M. Farzaan, Mohamed Chahine Ghanem, Ayman El-Hajjar, Deepthi N. Ratnayake
- Abstract summary: The escalating sophistication and volume of cyber threats in cloud environments necessitate a paradigm shift in strategies.
This research explores the application of AI and ML and proposes an AI-powered cyber incident response system for cloud environments.
The findings highlight the effectiveness of the Random Forest model, achieving an accuracy of 90% for the Network Traffic Classifier and 96% for the Malware Analysis Dual Model application.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The escalating sophistication and volume of cyber threats in cloud environments necessitate a paradigm shift in strategies. Recognising the need for an automated and precise response to cyber threats, this research explores the application of AI and ML and proposes an AI-powered cyber incident response system for cloud environments. This system, encompassing Network Traffic Classification, Web Intrusion Detection, and post-incident Malware Analysis (built as a Flask application), achieves seamless integration across platforms like Google Cloud and Microsoft Azure. The findings from this research highlight the effectiveness of the Random Forest model, achieving an accuracy of 90% for the Network Traffic Classifier and 96% for the Malware Analysis Dual Model application. Our research highlights the strengths of AI-powered cyber security. The Random Forest model excels at classifying cyber threats, offering an efficient and robust solution. Deep learning models significantly improve accuracy, and their resource demands can be managed using cloud-based TPUs and GPUs. Cloud environments themselves provide a perfect platform for hosting these AI/ML systems, while container technology ensures both efficiency and scalability. These findings demonstrate the contribution of the AI-led system in guaranteeing a robust and scalable cyber incident response solution in the cloud.
Related papers
- Enhancing Critical Infrastructure Cybersecurity: Collaborative DNN Synthesis in the Cloud Continuum [0.0]
Researchers are exploring the integration of IoT and the cloud continuum, together with AI, to enhance the cost-effectiveness and efficiency of critical infrastructure (CI) systems.
This integration, however, increases susceptibility of CI systems to cyberattacks, potentially leading to disruptions like power outages, oil spills, or even a nuclear mishap.
We propose an innovative approach that utilizes trained edge cloud models to synthesize central cloud models.
arXiv Detail & Related papers (2024-05-23T00:36:45Z)
- Feature Selection using the concept of Peafowl Mating in IDS [2.184775414778289]
Cloud computing provides services that are Infrastructure based, Platform based and Software based.
The popularity of this technology is due to its superb performance, high level of computing ability, low cost of services, scalability, availability and flexibility.
The obtainability and openness of data in the cloud environment make it vulnerable to the world of cyber-attacks.
To detect the attacks, an Intrusion Detection System is used, which can identify the attacks and ensure information security.
arXiv Detail & Related papers (2024-02-03T06:04:49Z)
- Physics-Informed Convolutional Autoencoder for Cyber Anomaly Detection in Power Distribution Grids [0.0]
This paper proposes a physics-informed convolutional autoencoder (PIConvAE) to detect stealthy cyber-attacks in power distribution grids.
The proposed model integrates the physical principles into the loss function of the neural network by applying Kirchhoff's law.
arXiv Detail & Related papers (2023-12-08T00:05:13Z)
- When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z)
- Scalable, Distributed AI Frameworks: Leveraging Cloud Computing for Enhanced Deep Learning Performance and Efficiency [0.0]
In recent years, the integration of artificial intelligence (AI) and cloud computing has emerged as a promising avenue for addressing the growing computational demands of AI applications.
This paper presents a comprehensive study of scalable, distributed AI frameworks leveraging cloud computing for enhanced deep learning performance and efficiency.
arXiv Detail & Related papers (2023-04-26T15:38:00Z)
- Proceedings of the Artificial Intelligence for Cyber Security (AICS) Workshop at AAAI 2022 [55.573187938617636]
The workshop will focus on the application of AI to problems in cyber security.
Cyber systems generate large volumes of data; utilizing this effectively is beyond human capabilities.
arXiv Detail & Related papers (2022-02-28T18:27:41Z)
- Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z)
- Edge-Cloud Polarization and Collaboration: A Comprehensive Survey [61.05059817550049]
We conduct a systematic review for both cloud and edge AI.
We are the first to set up the collaborative learning mechanism for cloud and edge modeling.
We discuss potentials and practical experiences of some on-going advanced edge AI topics.
arXiv Detail & Related papers (2021-11-11T05:58:23Z)
- Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents.
We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation.
Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
arXiv Detail & Related papers (2021-10-04T12:20:46Z)
- The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems.
In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
arXiv Detail & Related papers (2021-06-26T10:50:07Z)
- Artificial Intelligence and Machine Learning in 5G Network Security: Opportunities, advantages, and future research trends [5.431496585727341]
5G networks' primary selling point has been higher data rates and speed.
As 5G networks' primary selling point has been higher data rates and speed, it will be difficult to tackle a wide range of threats.
This article presents AI and ML driven applications for 5G network security.
arXiv Detail & Related papers (2020-07-09T01:02:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.