Bahaa Farouk
Chief Transformation Officer, Suez Canal Bank
Leveraging AI to Enhance Cybersecurity
Acknowledgement
In advance, appreciating the judge board of speakers/topics selection, especially Professor Dr. Bahaa Hassan, Chairman and Founder of the Arab Security Conference; it is an honor to participate and deliver such a professional experience session in its 8th edition, 2024.
Further, it is an honor to be here for the third time in a row among cybersecurity experts across the globe.
Agenda
• AI in Cybersecurity, in a nutshell
• Benefits of Applying AI in Cybersecurity
• AI Use Cases in Cybersecurity
• Detailed Use Cases
• Deep Learning in Threat Detection
• ML in SDLC Secure Code Scanning
• Future Readiness, Recommendations
• References
Scan to participate in opening survey.
Survey Analysis, 22nd Sep. 2024
The Impact of Artificial Intelligence in Improving Cybersecurity
AI in Cybersecurity, in a nutshell?
• Cyber threats evolve in complexity and frequency,
• Traditional cybersecurity measures struggle to keep pace,
• Artificial Intelligence offers a paradigm shift, enabling proactive threat detection and adaptive response strategies.
Debate!
There are some concerns about relying on AI in Cybersecurity.
Three major concerns:
• Bias in decision-making
• Lack of Explainability & Transparency
• Potential for Misuse/Abuse
Source: Deloitte Research
https://www2.deloitte.com/us/en/insights/focus/cognitive-technologies/ai-investment-by-country.html
Benefits?
Benefits of Adapting AI in Cybersecurity
Speed and Efficiency
• Processes large amounts of data faster than humans
Scalability
• Easily scales to protect growing networks
Enhanced Accuracy
• Reduces human error and improves detection rates
Proactive Threat Management
• Predictive analytics to prevent attacks
Reduced False Positives
• Improves the precision of threat detection
Ongoing Learning
• Frees up human resources for strategic tasks
AI Use Cases in Cybersecurity
Use Cases: Threat Detection, Fraud Prevention, Automated Incident Response, Phishing Detection, Behavioral Analytics
• Artificial intelligence has brought many positive effects to cybersecurity.
• AI can detect and stop threats in real time without interfering with business processes, and
• AI can track data that escapes human eyes, including chats, emails, video and other modes of communication.
AI Use Cases In Cybersecurity
Threat Detection
• Machine learning models analyze network traffic patterns to identify anomalies that may indicate cyber threats.
• Supervised learning techniques utilize labeled datasets to recognize known threats, and
• Unsupervised learning detects novel threats by identifying deviations from normal behavior.
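The unsupervised approach from the Threat Detection slide, as an added example that is not part of the original presentation: a per-host baseline is learned from unlabeled flow records, and any host whose traffic deviates strongly from it is flagged. The flow record layout, the function names, the sample data and the threshold of 6.0 are all assumptions made for illustration.

```python
import statistics
from collections import defaultdict

def make_flows():
    """Constructed sample data: (window, src, dst, dst_port, bytes_out) flow records."""
    flows = []
    for w in range(6):                      # six collection windows
        for i in range(6):                  # six internal hosts
            for k in range(3 + (i + w) % 3):
                flows.append((w, f"10.0.0.{i + 1}", f"10.0.1.{k % 4}",
                              (443, 80, 53)[k % 3], 1200 + 150 * ((i + k + w) % 5)))
    # Constructed anomaly: in window 5 one host touches 40 extra ports on one target.
    flows += [(5, "10.0.0.4", "10.0.1.9", 1000 + p, 60) for p in range(40)]
    return flows

def features(flows):
    """One vector per (window, host): bytes out, distinct ports, distinct peers, flow count."""
    agg = defaultdict(lambda: [0, set(), set(), 0])
    for w, src, dst, port, nbytes in flows:
        a = agg[(w, src)]
        a[0] += nbytes
        a[1].add(port)
        a[2].add(dst)
        a[3] += 1
    return {k: (a[0], len(a[1]), len(a[2]), a[3]) for k, a in agg.items()}

def fit_baseline(vectors):
    """Learn (median, MAD) per feature from unlabeled history; no attack labels needed."""
    base = []
    for col in zip(*vectors):
        med = statistics.median(col)
        mad = statistics.median(abs(x - med) for x in col)
        base.append((med, max(mad, 1.0)))   # floor keeps constant features from dividing by zero
    return base

def score(vec, base):
    """Largest robust z-score over the features (0.6745 scales MAD to about one sigma)."""
    return max(0.6745 * abs(x - med) / mad for x, (med, mad) in zip(vec, base))

def detect(flows, train_windows, threshold=6.0):
    """Flag (window, host) pairs outside the training windows that deviate from the baseline."""
    feats = features(flows)
    base = fit_baseline([v for (w, _), v in feats.items() if w in train_windows])
    hits = [(k, round(score(v, base), 1)) for k, v in feats.items()
            if k[0] not in train_windows and score(v, base) > threshold]
    return sorted(hits)

if __name__ == "__main__":
    print(detect(make_flows(), train_windows={0, 1, 2, 3, 4}))
```

Median and MAD are used instead of mean and standard deviation so that a few unusual windows in the training history do not widen the baseline enough to hide later deviations.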
AI Use Cases In Cybersecurity
Fraud Prevention
• By analyzing transaction patterns, these models can flag anomalies indicative of fraud,
• Reducing false positives and enhancing accuracy.
• Common fraud types that can be detected:
• Card Fraud,
• Fake Account Creation,
• Account Takeover (ATO), and
• Credential Stuffing
AI Use Cases In Cybersecurity
Automated Incident Response
• Automate incident response.
• Hence, reducing damage and speeding up recovery.
• Automate processes like quarantining compromised devices/files or reverting modifications made by an attacker.
AI Use Cases In Cybersecurity
Phishing Detection
• Natural Language Processing (NLP) techniques are used to analyze email content and detect phishing attempts.
• ML models learn from vast datasets of phishing emails to identify subtle cues that humans might miss.
AI Use Cases In Cybersecurity
Behavioral Analytics
• AI-powered behavioral analysis can help reduce the risk of security breaches and strengthen an organization’s overall security posture.
• Indicators of Attack (IOA) are proactive, compared to Indicators of Compromise (IOC).
• Behavioral Analytics has several types:
• User & Entity Behavioral Analytics (UEBA),
• Network Behavioral Analytics (NBA),
• Insider Threat Behavioral Analytics (ITBA)
Detailed Use Cases: Deep Learning in Threat Detection
Deep Learning in Threat Detection
• A revolution in network technology has been ushered in by Software Defined Networking (SDN), which makes it possible to control the network from a central location and provides an overview of the network’s security.
• Deep learning (DL) and machine learning (ML) have been implemented in SDN-based Network Intrusion Detection Systems (NIDS) to overcome the security issues within a network.
• Deep learning, a subset of ML, excels in processing unstructured data, such as images and text.
• Both Convolutional Neural Networks (CNNs) and Recurrent Neural Networks (RNNs) are particularly effective in identifying complex patterns within cybersecurity datasets.
• Data Plane
⊖ All network devices are equipped with collector agents
• Control Plane
⊖ Records of network flow are collected by the data collector
• Application Plane
⊖ The constructed and implemented ML model is used as an SDN application
Source: Academic Paper 2022
https://www.mdpi.com/1424-8220/22/20/7896
Detailed Use Cases: ML in SDLC Secure Code Scanning
ML in SDLC Secure Code Scanning
• Integrating ML into the SDLC enhances secure code scanning by identifying vulnerabilities early in the development process.
• ML models assess code quality and flag potential security issues, enabling developers to address them promptly.
• ML models can suggest fixes to identified issues.
Not only detecting the source code vulnerability, but GenAI would also suggest a fix!
Source: SAST Tool Documentation
https://github.blog/ai-and-ml/llms/how-ai-enhances-static-application-security-testing-sast/
Future Readiness?
Adapting AI in Cybersecurity
Concerns
Debate!
Three major concerns:
• Bias in decision-making
• Lack of Explainability & Transparency
• Potential for Misuse/Abuse
Source: Deloitte Research
https://www2.deloitte.com/us/en/insights/focus/cognitive-technologies/ai-investment-by-country.html
Future Readiness?
1. Invest in Training: Equip security teams with the necessary skills to develop and maintain ML models.
2. Prioritize Data Security: Ensure data used for training is secure and representative of actual threat landscapes.
3. Foster Collaboration: Encourage collaboration between data scientists and security experts to enhance model development.
4. Adopt a Proactive Approach: Use ML to anticipate and mitigate potential threats before they manifest.
5. Continuously Evaluate Models: Regularly review and update ML models to maintain their effectiveness against evolving threats.
References
Academic Research Papers/Books
• Ahmed N, Ngadi Ab, Sharif JM, Hussain S, Uddin M, Rathore MS, Iqbal J, Abdelhaq M, Alsaqour R, Ullah SS, et al. Network Threat Detection Using Machine/Deep Learning in SDN-Based Platforms: A Comprehensive Analysis of State-of-the-Art Solutions, Discussion, Challenges, and Future Research Direction. Sensors. 2022; 22(20):7896.
• Alghamdi A and Barsoum (2024). A Comprehensive IDs to Detect Botnet Attacks Using Machine Learning Techniques. 2024 IEEE 3rd International Conference on Computing and Machine Intelligence (ICMI), pp. 1-6. doi:10.1109/ICMI60790.2024.10585846
• Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys & Tutorials.
• Chio, C., & Freeman, D. Machine Learning and Security: Protecting Systems with Data and Algorithms. O'Reilly Media.
• Lippmann, R. P., et al. Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation. DARPA Information Survivability Conference and Exposition.
• Saxe, J., & Berlin, K. Deep neural network-based malware detection using two-dimensional binary program features. 10th International Conference on Malicious and Unwanted Software.
• Shah, S. A., & Issac, B. Performance comparison of intrusion detection systems and application of machine learning to Snort system. Future Generation Computer Systems.
Others
• https://www2.deloitte.com/us/en/insights/focus/cognitive-technologies/ai-investment-by-country.html
• https://github.blog/ai-and-ml/llms/how-ai-enhances-static-application-security-testing-sast/

Leveraging Machine Learning to Enhance Cybersecurity v2.pptx
