Artificial Intelligence Techniques Applied in Cybersecurity
Juan Carlos Olivares Rojas
November 2020
SCO
Introduction
Cybersecurity + AI = AI Safety & Security
Outline
Motivation
Cybersecurity
AI
AI + Cybersecurity Examples
Motivation
Everything becomes software-based
Everything generates data
Everything needs to be secured
Everything can be automated
Everything becomes connected
Networking Programmability Security
Source: Cisco
Motivation
Source: Domo
Motivation
Source: Cisco
Cybercrime damage estimated to hit $6 trillion by 2021.
95% of cybersecurity breaches are due to human error.
25 billion connected things will be in use by 2021.
Motivation
Source: Invertia
Hackers stole half a billion personal records in 2018.
4.07 million cybersecurity jobs are unfilled.
Network Security Professionals
Source: Cisco
Motivation
Source: Cisco
Outline
Motivation
Cybersecurity
AI
AI + Cybersecurity Examples
Cybersecurity
Zero Trust
Source: Among Us
Threats
Initial Code Red Worm Infection
Code Red Worm Infection 19 Hours Later
Cyber Threats
Source: Cisco
Data Privacy
Cybersecurity in Healthcare
Source: Cisco
Cybersecurity Tools
Containment, Inoculation, Quarantine, Treatment
Cybersecurity Tools
Source: Cisco
Cybersecurity Tools
Source: Cisco
Cybersecurity Tools
Source: Cisco
Outline
Motivation
Cybersecurity
AI
AI + Cybersecurity Examples
AI Booming
What makes AI credible this time around . . .
1. Computing power
2. ML, deep learning algorithms
3. Big data
4. Age of the customer/digital demand
5. Huge investments
Source: “Artificial Intelligence Can Finally Unleash Your Business Applications' Creativity” Forrester report
AI is in Charge
Stock Market: 75+% of all trade orders generated by Automated Trading Systems
Aviation: Uninterruptible Autopilot System
Military: Nuclear Weapons
Energy: Nuclear Power Plants
Utilities: Water Plants/Electrical Grid
Communications: Satellites
AI Applications
Health: Personalized medicine, image analytics
Manufacturing: Predictive and prescriptive maintenance
Consumer tech: Chatbots
Financial services: Fraud detection, ID verification
Government: Cyber-security, smart cities and utilities
Energy: Seismic and reservoir modeling
Service providers: Media delivery
Retail: Video surveillance, shopping patterns
AI Financial Applications
Fraud Detection
• Real-Time Transactions
• Credit Card
• Merchant
• Collusion
• Impersonation
• Social Engineering Fraud
Risk Modeling & Credit Worthiness Check
• Loan Defaults
• Delayed Payments
• Liquidity
• Market & Currencies
• Purchases and Payments
• Time Series
CLV Prediction and Recommendation
• Historical Purchase View
• Pattern Recognition
• Retention Strategy
• Upsell
• Cross-Sell
• Nurturing
Customer Segmentation
• Behavioral Analysis
• Understanding Customer Quadrant
• Effective Messaging & Improved Engagement
• Targeted Customer Support
• Enhanced Retention
Other
• Image Recognition
• NLP
• Security
• Video Analysis
AI Development
AI
More computing power
More data
New algorithms
What has changed? A new paradigm
AI Development Attacks
Cybersecurity Attacks in AI
AI Ecosystem
IT
Data
Data Platforms
Data Science and ML / DL Tools
Solutions
Genome Research Video Surveillance Customer 360
Example Industry Use Cases
Fraud Detection
HDFS/NFS
User Access Security Time to Deploy Multi-Tenant
Data Duplication Data Store Cloud
Infrastructure
AI
Big Data
Data Analytics
Machine Learning
Regression
Time Series
Clustering
Decision Trees
SVM
Outline
Motivation
Cybersecurity
AI
AI + Cybersecurity Examples
Evolution of security technology - three waves
CLOUD, AI and ORCHESTRATION, COLLABORATION
INTELLIGENCE and INTEGRATION
LAYERED DEFENSES
Cybersecurity using AI
AI on Attack Tools
Source: Cisco
AI and Cybersecurity
Security Analytics
• Data correlation
• Pattern identification
• Anomaly detection
• Prioritization
• Data visualization
• Workflow
AI: Cognitive Security
• Unstructured analysis
• Natural language
• Question and answer
• Machine learning
• Bias elimination
• Tradeoff analytics
Human Expertise
• Common sense
• Morals
• Compassion
• Abstraction
• Dilemmas
• Generalization
Cybersecurity Tools
Source: Cisco
Cybersecurity Tools
Cybersecurity Standards
Cisco Security Intelligence Operations
Cybersecurity Tools
Source: Cisco
AI Cybersecurity Solutions
WildFire
Desktops Laptops Phone/Tablet Servers Cloud
Source: WildFire
Artificial Neural Networks
Chen, Y., Abraham, A., & Yang, B. (2007). Hybrid flexible neural-tree-based intrusion detection systems. International Journal of Intelligent Systems, 22, 337–352.
Stein, G., Chen, B., Wu, A. S., & Hua, K. A. (2005). Decision tree classifier for network intrusion detection with GA-based feature selection. In Paper presented at the proceedings of the 43rd annual Southeast regional conference. Kennesaw, Georgia.
[Diagram labels: Randomly Generated Population; Feature Selection; Decision Tree Constructor; Decision Tree Evaluator; Fitness Computation; Final Decision Tree Classifier; Training Data; Validation Data; Testing Data; Generate Next Generation]
GA/Decision Tree Hybrid
Genetic Algorithms
[Diagram labels: Teacher; Correct (No Training); Incorrect (Training Needed); Winner (Decision); w1 w2 w3 wn; Φ1 Φ2 Φ3 Φn; Y(1) Y(2) Y(3) Y(n); X(1) X(2) X(3) X(4)]
Chavan, Sampada, et al. "Adaptive neuro-fuzzy intrusion detection systems." Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on. Vol. 1. IEEE, 2004.
Neuro-fuzzy
Support Vector Machine
Decision Trees
Intrusion Detection Data
Hybrid Decision Tree SVM Approach
Peddabachigari, Sandhya, et al. "Modeling intrusion detection system using hybrid intelligent systems." Journal of network and computer applications 30.1 (2007): 114-132.
Hybrid
Shon, T., & Moon, J. (2007). A hybrid machine learning approach to network anomaly detection. Information Sciences, 177, 3799–3821.
Hybrid ML NAD
Multiple Classifier System for Intrusion Detection
Intrusion Detection as a Pattern Recognition Problem
Giacinto, Giorgio, Fabio Roli, and Luca Didaci. "Fusion of multiple classifiers for intrusion detection in computer networks." Pattern recognition letters 24.12 (2003): 1795-1803.
Pattern Recognition
Neural Networks (Backpropagation)
Neural Networks (Scale Conjugate Gradient)
Neural Network (One Step Secant)
Support Vector Machine
Multivariate Regression Splines
Ensemble
Data preprocessor
Mukkamala, Srinivas, Andrew H. Sung, and Ajith Abraham. "Intrusion detection using an ensemble of intelligent paradigms." Journal of network and computer applications 28.2 (2005): 167-182.
Ensemble
SMS Cybersecurity
Questions?
Thank you so much!
juan.or@morelia.tecnm.mx,
jcolivares@computer.org,
jcolivares@ieee.org

Ieee itmsb20
