MIT’s Computer Science and Artificial Intelligence Laboratory reckons the cybersec future could be part-machine, part-human. What does the industry think?
A newly published paper from MIT suggests that the prototype AI2 system it has developed combines machine learning with human analysis to end up with an 85 per cent successful cyber-attack prediction rate. The MIT researchers maintain that analyst-driven security systems miss too many attacks as they rely upon humans to create rules that have to be matched. On the other hand, machine-learning solutions rely upon anomaly-detection which is prone to triggering false positives and so lead to mistrust. The hybrid AI approach of mixing human intuition with machine-learning is, we are told, a much better way forward.
AI2 was tested on 3.6 billion pieces of log-line data, generated by millions of users over a three month period. By combing through this data and detecting meaningful patterns that suggest suspicious activity, all through an unsupervised machine-learning process, humans only need to be involved when presented with the suspicious data. That human analyst feedback is then fed into the models for the next set of data to be looked at, and so on. By continuously generating new models in this way, the researchers reckon it can refine the process in a matter of hours; improving detection rates significantly and rapidly. So is Hybrid-AI, a virtual analyst if you will, the future of cyber-security?