Hands-On Artificial Intelligence for Cybersecurity

By: Alessandro Parisi

Overview of this book

Today's organizations spend billions of dollars globally on cybersecurity. Artificial intelligence has emerged as a great solution for building smarter and safer security systems that allow you to predict and detect suspicious network activity, such as phishing or unauthorized intrusions. This cybersecurity book presents and demonstrates popular and successful AI approaches and models that you can adapt to detect potential attacks and protect your corporate systems. You'll learn about the role of machine learning and neural networks, as well as deep learning in cybersecurity, and you'll also learn how you can infuse AI capabilities into building smart defensive mechanisms. As you advance, you'll be able to apply these strategies across a variety of applications, including spam filters, network intrusion detection, botnet detection, and secure authentication. By the end of this book, you'll be ready to develop intelligent systems that can detect unusual and suspicious patterns and attacks, thereby developing strong network security defenses using AI.
Table of Contents (16 chapters)
Section 1: AI Core Concepts and Tools of the Trade
Section 2: Detecting Cybersecurity Threats with AI
Section 3: Protecting Sensitive Information and Assets
Section 4: Evaluating and Testing Your AI Arsenal

Challenging ML anomaly detection

As we saw in Chapter 5, Network Anomaly Detection with AI, one of the areas in which ML has proved particularly useful is that of anomaly detection. However, even in the case of anomaly detection, the adoption of AI-based cybersecurity solutions must be carefully evaluated in light of the challenges that the complexity of these solutions inevitably introduces.

In particular, the possible negative impact, on both the business and its security, of the errors that anomaly detection systems produce, whether false positives or false negatives, must be carefully evaluated.

As we know, there is usually a trade-off between false positives and false negatives; therefore, attempting to reduce the number of false negatives (the number of attacks that go undetected) almost inevitably leads to an increase in false positives (the detection...