A possible cyber defense system should provide at least three levels of cyber security.
The first level includes traditional static network defense mechanisms, such as identity authentication, password protection, access control, and network filtering. The second level includes active network defense mechanisms, such as information collection, security assessment, network status monitoring, and security. The third level corresponds to network defense management, the overall assessment of the network status, selection of appropriate or best defense mechanisms, and their adaptability.
Early warning, security detection and defense systems, including artificial intelligence technology, play an important role in ensuring these levels of network security.
Early Warning Systems (EWS) are used to prevent cyber attacks and respond as quickly as possible. However, with the development of new technologies, the level of cyber threats is constantly escalating. Different from the traditional pure data packet detection method, the new early warning system architecture needs to collect, analyze, and correlate data. At the same time, it also needs to detect, analyze and respond to threat models in near real time. This is what the public has already heard of. This demand includes the development of virtual sensors, complex data associations, new logical models for network behavior analysis, learning algorithms, and the development of concepts and new methods that can provide scalability, reliability and flexibility, especially in IPv6 network.
The purpose of using artificial intelligence in early warning and *** detection is to develop an advanced intelligent help system for early detection of *** from the Internet in local area networks and wide area networks. Within this framework, widely used Internet protocols, such as FTP, SMTP, and HTTP, and newer protocols, such as SOAP, should also be considered.
The main problem to be solved in the application of artificial intelligence in the field of cyber defense is that the existing technology has not reached the ideal level. Which artificial intelligence methods should be developed and adjusted to minimize human factors, which are considered to be cyber defenses. The weakest link.
Use artificial intelligence to network***
The abuse of artificial intelligence can threaten security in many ways:
Threats to digital security;
Threats to personal safety;
Threats to social/economic/political security.
Automation of social engineering*** : Natural language processing tools can imitate the victim's writing and singing. Therefore, the artificial intelligence system collects online information to create personalized malicious websites/emails/links that may be automatically clicked.
Automation of vulnerability discovery : The past code vulnerability model helps to speed up the discovery of new vulnerabilities.
Advanced****** : Artificial intelligence can be used in many aspects of******. For example, artificial intelligence provides automated tools that can improve target selection and limited sorting, avoid detection, and creatively respond to changes in target behavior. It can also imitate human-like behavior and direct the target system to a less secure state.
Automation of ransomware tasks : Artificial intelligence technology can automate various tasks, such as dialogue and payment processes with ransomware victims.
The use of artificial intelligence in applications : artificial intelligence is used to create data poisoning or backdoors.
Flock *** : Distributed autonomous robot system network allows monitoring large areas and performing fast and coordinated ***.
Security for drones and unmanned vehicles : Due to network security, it poses a major threat to the control of autonomous drones and unmanned vehicles based on artificial intelligence.
Fake news : When the latest developments in image processing technology are combined with natural language creation technology, the public is trying to mislead them by producing highly realistic videos of national leaders who seem to be giving speeches and speeches they have never actually done. comment.
Personalized disinformation and influencing activities : Social network analysis based on artificial intelligence can identify key factors to approach (malicious) proposals or target disinformation.