Essay: AI's Role In Shifting Offense-defense Balance In Cyberspace.

Application of artificial intelligence in software and network security

Question:

Discuss about the Design and Implementation of Simulation.

This report is about role of artificial intelligence (AI) in shifting the balance of offense and defense in cyberspace with debate on the fact that whether cyberspace at present is offensive or defensive in nature (Ramchurn et al., 2012). The following report consist of two examples of application of artificial intelligence which is applied to software or network security. A proper analysis has been carried out on estimating the impact of AI which will affect the balance of offense and defense in cybersapce. Two of popular technologies that is artificial intelligence and machine learning has been discussed in details. At the present the popular issue which is being faced by various organization is the theft of information (Obrst, Chase and Markeloff., 2012). Autonomous malware is established by making use of methods or techniques of machine learning. Various experts round the globe are working on the idea of reducing the effect of one AI system over another AI system.

Hacking which is possibly achieved by this system creates a path or way for altering the direction of original system and has the power and capability to easily access data containing vital or important information. Offensive cyber security will play an important role in changing or altering various methods of protection of threat (Goztepe, 2012). As there is rapid increase in the connectivity of devices with the various technologies like cloud, development of application and many other technologies have established a platform for different attackers and has forced the defenders in checking more parameters. When AI is implemented to various security problems then it can help in prevention of various cyber-attacks and helps in protection of privacy. Offense defense theory better known as theory of dilemma is a positive theory which is based on various international politics (Scherer., 2015). This theory depends on six factors namely mobility, protection, communication, firepower, detection and logistics.

Artificial intelligence and machine learning technologies are used now days used widely all over the globe. Many of this advanced technology have benefited the society. Due to the advancement in machine learning computing power, collection of data and capacity of storage also increases. In respect to cyber security the new methods and weakness can be easily analyzed to overcome the problem of further attacks in near future. Over a time, information security has been considered to be a war between man and machine (Demertzis and Iliadis, 2015). Development of Artificial intelligence is now moving the fight towards a new concept that is machine vs machine. Now a day the most important issue is the theft of information. Autonomous malware is made by using some methods of machine learning and it is capable of collecting and broadcasting of data of that system. It has also power to remain undetected for several years. This type of system threat is also known as adaptive malware. It is considered to be insecure or dangerous as it can be train to behave like a solider which has track location, focus on target and wait for the best moment to attack. It is considered to be dangerous when it is platform independent (Pathan, 2014). The most severe threat of handling over security of Artificial system is the amount of damage which can easy take place at the time of data breach. The present experts mainly focus on minimizing the impact which an AI system can bring to other AI system. Hacking which is made possible through this system provides the malware an opportunity to change the path of original system and can even access data. Computers are designed in such way that it can perform various task like analyzation of network traffic. Cyber security specialist can emphasize on designing of algorithm and making an analysis of emergency threats. Cyber threats are becoming complex day by day. Gathering of data which breaches, malware and phishing is now not enough. Rather than this new method will focus on identification of pattern with abnormal activity. Some firms can have AI power tools for speeding up of different process (Pistono, and Yampolskiy, 2016). Keeping oneself ahead of different hackers will help the organization in taking necessary steps during an emergency. Artificial intelligence can be designed in such a way it can act like white blood cells with antibodies which can neutralize threats which are out of pattern instead of shutting down the whole system. This methodology can be beneficial in curing of adaptive malwares which is discussed above. In this way the system can easily learn from past experience and can become stronger to this attack which is similar to an organism which has been exposed to diseases and it and overcoming of it. Cybersecurity when powered by artificial intelligence can be considered to be a natural way in protection of important data. There is an ongoing race between attackers and secure system builders. At present both the parities are building their data and upgrading their system. This is considered to be an ongoing process which consist of multiple layers and is not a onetime action.

Impact of AI on the balance of offense and defense in cyberspace

Offensive cyber security will play a key role in shifting various strategy of threat and protection. Shift is taking place at this very moment because as the market is growing there is increase in threat which will ultimately affect all the users. Evolution of security has many problems like twist and turns. In many cases it is seen that technology playing a key role while on the contrary behaviors, weakness and motivation of people generally represent opportunity for advancement and positioning (Dandurand, and Serrano, 2013). This concept is equally applicable to attackers as well as defenders.  Defenders generally focuses in maintaining confidentiality, integrity in an appropriate way which is generally considered to be cost effective way. Over long period of time the game was considered to be simple. Attackers generally work in such a way that it can damage network, system, software and people so that it can achieve goals. Defenders work in such a way that they easily exploit the attackers and helps in keeping the environment safe and secure. They generally focus to look into the electronic ecosystem under their guidance to build proper defense system by using proper methods (Chen, Abercrombie and Sheldon., 2015). With the continuous upgradation and use of technology which is becoming a platform for attackers to harm the user. As the connectivity of devices are increasing at rapid rate with the help of cloud connectivity, application development and other technology has created platform for various attackers and it has forced the defenders to analyze more parameters (Peel and Clauset, 2015).  The attackers in many cases use certain tools and software for maintaining their position in the market. They collaborate with each other to develop harmful software’s. Security organization round the globe never develop offensive technologies as it would create bad image. They generally focus on working with defensive techniques (Syed et al., 2016). Hackers are those people which are involved in attacking of networks, assets and system of an organization. They are generally considered to be untrustworthy by various security community and hackers. Offensive security is making a revolution in the game and changing the social and economic models.  This will ultimately result in dangerous and creation of more complex environment for the entire world. Offensive security generally focuses on fact of taking the fight to the enemy and making a control over the field where the battle is going to take place. Such things can operate in a various number of ways like blocking the access, making a compromise with the system and manipulation. Various business organization round the globe have put down the idea of investing in organization which has goal of developing malwares as they think that bringing harm to others is not considered to be good for any ongoing business (Yampolskiy, and Spellchecker., 2016). On contrary many investors have invested a lot of money in this market which has ultimately impact their reputation in the industry. In the year of 2011, various government bodies of the globe realized that everything is connected to the internet which is inclusive nuclear sites, stock markets, telecommunication, and many other things. Various American bodies have declared cyberspace as the fifth platform for war after land, sea, air and space. They have also made an announcement about the idea of including open investment, adaptation which has been included in structure of defense. Defense bodies of many organization have been recruiting various hackers and finding proper talent which can be used in case of emergencies. Investment in the cybersecurity is found to be good if its only for correct or right consumers. In the end it is concluded that various business, individual and computers depends on systems for their everyday work and they will be largely affected by directly and indirectly methods in case of security breaches.

Use of AI and machine learning in preventing cyber-attacks

When artificial intelligence is applied to security then it can help in prevention of cyber-attacks and protection of privacy.

Cyber-attacks:  Various software which power our systems is generally subjected to error in code as well as problem in security which can be exploited by various human hackers. There is requirement of systems which tackle errors as well as defend various incoming attacks. AEG stands for automatic exploit generation is considered to be the first end to end system which is designed for automatic exploit generation (Yampolskiy, and Spellchecker., 2016). It is developed for off the shelf as well as ERP software whose use has been increased in various smart devices and appliances. AEG is very useful in analyzing Bugs which are errors in software’s that can easily result in unexpected result for security breaches. If any issue of security breach is found then bot will automatically produce a control over it. Algorithm of automated signature generation will have input of collection of exploits and will provide output as intrusion detection system (IDS) which help in recognition of proper exploits. Previously signature depended solution does not help us a lot in detection of cybersecurity attacks. There a wide variety of cyber-attacks and signature based system are considered as an issue at present. Cyber security defense will be used by machine which will help in detection and interaction without the involvement of human beings. Various well-known bodies like CSAIL (MIT computer science and artificial intelligence laboratory) and PatternEx which is a well-known machine learning startup have jointly developed a platform known as AI2 and by the help of this system they can easily predict cyber-attacks much better than existing system by the help of continuous new upgradation from various human experts. This technology works continuously by providing a chain of feedback between AI systems and various human analyst. This technology is known as Active contextual modelling and is easy to learn.   

Protection of privacy: Apple during one of its conference clearly stated about the idea of using various privacy methods for maintaining privacy of customers. On the contrary it aims in keeping an eye on the value of various data to provide better customer experience. Various methods of privacy have been already discussed but this new method is considered to be best. Various methods of privacy protection provide new ways for securing data on the network. This type of technology can be used for finding patterns or tracking of terrorist in a given population (Yampolskiy, and Spellchecker., 2016). The problem of data mining and privacy are considered to be bit complex because technologies like data mining and machine learning creates a threat on different personal and privacy laws. Good policies are taken to be key in long term development of various machine learning software’s. In many cases it is seen that data is accidentally or intentionally mined by various analyst across different industries.

Protecting privacy with AI

Offense and theory is also known as security dilemma theory is a positive and confident theory of international politics. This theory generally emphasizes that when defense has advantage over offense then major wars can be easily avoided. In the past years the theory has played a vital role in maintaining international scholarship and putting a check on various foreign policies. Offensive defense logic can also be used to narrate the cause behind world war 1 (Nagarajan et al., 2012). It also explains the reason behind effective control which can easily minimize the risk races of arms and war across globe. In the beginning offense defense theory requires ratio of cost of force required by attacker to the cost involved by defender force. This explanation of the theory can be useful for offense defense theory because its balance aims in providing essential connection across state of power and various military bodies (Jakobson., 2013). It generally emphasizes for choosing best techniques for attack and defense. This theory in general requires various assumption as it emphasizes on effects of issues and opportunity stated by various bodies from international environments. As a result, decision does affect balance of offense and defense, on the contrary poor or bad choices about military things or forces will affect different military bodies. The shortfall presents the lack of military skills which will not change the balance of offense and defense (Okimoto et al., 2013). Offense and defense theory sets up a term known as broad approach for analyzing the balance of offense and defense. Many analysts round the globe have stated that military technology and geography are only two factors which balances the theory.

The cost ratio of offense to defense is inclusive of various definition of offense and defense balance. Among these things offense has some advantage like it is easier to destroy or damage others army and capture the territory and defending its own one, defender has encouraged the attacker to make investment in various offensive forces. It is preferred to be analyze offense and defense balance as the ratio of cost of force which the attackers need to take the territory to the cost involved in the defender forces (MacDonald and Kuehn., 2012). The balance of offense and defense plays a vital role in combining various power and skills in analyzing a state of military techniques and ability for determining the potential capability of military which will be helpful for maintaining security as well as achieving non-secure aims and goals (Medvedev, 2015). The balance can be helpful in achieving disparities in various of resources of state. In case of large advantage of defense, a state which is smaller than this can be helpful in achieving proper defense. Imbalance in power can sometimes lead to effect the balance of offense and defense. Now if the defense has large advantage then a wealthier attack can be effective to a defender by a small portion to have proper offensive ability (Yi-yan, 2012). Any definition or explanation of offense and defense irrespective of dependence on cost ratio generally needs a number of specification and assumption without which balance cannot be defined and properly explained.

AEG: Automatic exploit generation for off the shelf and ERP software

Cost ratio of attacker to defender is not properly defined until and unless the cost of fighting which has attacker has incurred. This is due to the fact that cost of forces need to capture territory depends cost involved in fighting which the attacker has to bear or incur (Saltzman, 2013).  This mainly relates to the point or idea that capable and costly forces will result in low cost fighting which is less than capable forces (Shaheen, 2014). A proper way or method is the put conservative methods for planning methods which is used by various defenders. Changes or adjustment in any of the factors like technology, geography, size of force and nationalism will have a significant effect of balance of offense and defense. Factor which is largely affecting the balance of offense and defense is technology (Lieber, 2014). Six major areas of technology, mobility, protection, communication, firepower, detection and logistic. Implication of geography has least effect on the factors which effect the balance of offense and defense. Balance of offense and defense may vary on the size of forced which is being used. Nationalism effects the balance of offense and defense in two ways at first it encourages people to fight for their territory and secondly it can act as a defender during the time of war. Cumulativity of resources is a term which is used explaining after effects of war on different on various international balances of power of resources.

Conclusion

From the above discussion it can be easily that the report artificial intelligence is about shifting the balance of offense and defense in cybersecurity. An analysis has been made about the amount of change which the AI will bring. Two technologies namely artificial intelligence and learning technologies are being used popularly all around the globe (Lieber, 2014). Cyber security specialist is focusing on collection of designing of algorithm with proper analysis of various existing threats.  Artificial intelligence is designed in such a way that it can act like white blood cells which can minimize the impact of threat without the need of shutting down the whole system. When cybersecurity is given backup by artificial intelligence it can be considered as a natural way of protecting data (Nilsson, 2012). At present offensive cybersecurity will play a vital role in making a shift in various process of protection and danger. Defenders all about focusing in the maintenance of confidentiality in an appropriate way which is taken to be a cost effective method. When artificial intelligence is applied to security then it can help in protection of cyber-attacks and privacy protection (Lieber, 2014). Different software which provide power to our system can easily have error in code with issue in security which can be damaged by human hackers. Apple during one of its conference narrated the idea of using different methods maintenance of privacy of various customers. Offense defense theory which is also known as security dilemma theory has been explained in details. This theory is positive and confident theory of which contains various international politics. This theory generally depends on five factors namely technology, mobility, protection, communication, firepower, detection and logistic.

Algorithm of automated signature generation

References

Chen, Q., Abercrombie, R.K. and Sheldon, F.T., 2015. Risk assessment for industrial control systems quantifying availability using mean failure cost (MFC). Journal of Artificial Intelligence and Soft Computing Research, 5(3), pp.205-220.

Dandurand, L. and Serrano, O.S., 2013, June. Towards improved cyber security information sharing. In Cyber Conflict (CyCon), 2013 5th International Conference on (pp. 1-16). IEEE.

Demertzis, K. and Iliadis, L., 2015. A Bio-Inspired Hybrid Artificial Intelligence Framework for Cyber Security. In Computation, Cryptography, and Network Security (pp. 161-193). Springer International Publishing.

Goztepe, K., 2012. Designing fuzzy rule based expert system for cyber security. International Journal of Information Security Science, 1(1), pp.13-19.

Jakobson, G., 2013, June. Mission-centricity in cyber security: Architecting cyber attack resilient missions. In Cyber Conflict (CyCon), 2013 5th International Conference on (pp. 1-18). IEEE.

Lieber, K., 2014. The Offense-Defense Balance and Cyber Warfare. Cyber Analogies, pp.96-107.

MacDonald, I.A. and Kuehn, M.J., 2012. Offense and defense: microbial membrane vesicles play both ways. Research in microbiology, 163(9), pp.607-618.

Medvedev, S.A., 2015. Offense-defense theory analysis of Russian cyber capability (Doctoral dissertation, Monterey, California: Naval Postgraduate School).

Nagarajan, A., Allbeck, J.M., Sood, A. and Janssen, T.L., 2012, May. Exploring game design for cybersecurity training. In Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2012 IEEE International Conference on (pp. 256-262). IEEE.

Nilsson, M., 2012. Offense–Defense Balance, War Duration, and the Security Dilemma. Journal of Conflict Resolution, 56(3), pp.467-489.

Obrst, L., Chase, P. and Markeloff, R., 2012, October. Developing an Ontology of the Cyber Security Domain. In STIDS (pp. 49-56).

Okimoto, T., Ikegai, N., Inoue, K., Okada, H., Ribeiro, T. and Maruyama, H., 2013, June. Cyber security problem based on multi-objective distributed constraint optimization technique. In Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP Conference on (pp. 1-7). IEEE.

Pathan, A.S.K. ed., 2014. The state of the art in intrusion prevention and detection. CRC press.

Peel, L. and Clauset, A., 2015, January. Detecting Change Points in the Large-Scale Structure of Evolving Networks. In AAAI (pp. 2914-2920).

Pistono, F. and Yampolskiy, R.V., 2016. Unethical research: How to create a malevolent artificial intelligence. arXiv preprint arXiv:1605.02817.

Ramchurn, S.D., Vytelingum, P., Rogers, A. and Jennings, N.R., 2012. Putting the'smarts' into the smart grid: a grand challenge for artificial intelligence. Communications of the ACM, 55(4), pp.86-97.

Saltzman, I., 2013. Cyber posturing and the offense-defense balance. Contemporary Security Policy, 34(1), pp.40-63.

Scherer, M.U., 2015. Regulating artificial intelligence systems: Risks, challenges, competencies, and strategies.

Shaheen, S., 2014. Offense–defense balance in cyber warfare. In Cyberspace and International Relations (pp. 77-93). Springer Berlin Heidelberg.

Syed, Z., Padia, A., Finin, T., Mathews, M.L. and Joshi, A., 2016, February. UCO: A Unified Cybersecurity Ontology. In AAAI Workshop: Artificial Intelligence for Cyber Security.

Yampolskiy, R.V. and Spellchecker, M.S., 2016. Artificial Intelligence Safety and Cybersecurity: a Timeline of AI Failures. arXiv preprint arXiv:1610.07997.

Yi-yan, K.O.N.G., 2012. Design and Implementation of Simulation Experiment Platform for Network Offense & Defense [J]. Communications Technology, 11, p.013.