Artificial Intelligence for Cybersecurity: Offensive Tactics, Mitigation Techniques and Future Directions

Adi, Erwin; Baig, Zubair; Zeadally, Sherali

doi:10.5604/01.3001.0016.0800

Artykuł - szczegóły

Tytuł artykułu

Artificial Intelligence for Cybersecurity: Offensive Tactics, Mitigation Techniques and Future Directions

Autorzy

Adi Erwin , Baig Zubair , Zeadally Sherali

Treść / Zawartość

Pełne teksty:

Pobierz

Identyfikatory

DOI

10.5604/01.3001.0016.0800

Warianty tytułu

Języki publikacji

Abstrakty

Cybersecurity has benefitted from Artificial Intelligence (AI) technologies for attack detection. However, recent advances in AI techniques, in tandem with their misuse, have outpaced parallel advancements in cyberattack classification methods that have been achieved through academic and industry-led efforts. We describe the shift in the evolution of AI techniques, and we show how recent AI approaches are effective in helping an adversary attain his/her objectives appertaining to cyberattacks. We also discuss how the current architecture of computer communications enables the development of AI-based adversarial threats against heterogeneous computing platforms and infrastructures.

Słowa kluczowe

artificial intelligence AI cyber infrastructures data analysis supply chain

sztuczna inteligencja AI cybernetyczne infrastruktury analiza danych łańcuch dostaw

Wydawca

NASK – National Research Institute

Czasopismo

Applied Cybersecurity & Internet Governance

Rocznik

2022

Tom

Vol. 1, No. 1

Strony

1--23

Opis fizyczny

Bibliogr. 67 poz., rys., tab.

Twórcy

autor

Adi Erwin

eadi@deloitte.com.au

Deloitte Risk Advisory Pty Ltd, Australia

https://orcid.org/0000-0001-7120-1967

autor

Baig Zubair

Deakin University, Victoria, Australia

https://orcid.org/0000-0003-0557-1550

autor

Zeadally Sherali

College of Communication and Information, University of Kentucky, USA

https://orcid.org/0000-0002-5982-8190

Bibliografia

1. I. Novikov. (2018). How AI Can Be Applied To Cyberattacks [Online]. Available: https://www.forbes.com/sites/forbestechcouncil/2018/03/22/how-ai-can-be-applied-to-cyberattacks/#3211152d49e3. [Accessed:Sep. 28, 2022].
2. S. Zeadally, E. Adi, Z. Baig, I. A. Khan, “Harnessing artificial intelligence capabilities to improve cybersecurity,”IEEE Access, vol. 8, pp. 23817–23837, 2020, doi: 10.1109/ACCESS.2020.2968045.
3. J. Hobbs. (2018). AI Enters the Cyber Attack Realm [Online]. Available: https://www.afcea.org/content/aienters-cyber-attack-realm. [Accessed: Sep. 28, 2022].
4. E. Adi, A. Anwar, Z. Baig, S. Zeadally, “Machine Learning and Data Analytics for the IoT,” Neural Computing& Application, vol. 32, pp. 16205–16233, 2020, doi: 10.1007/s00521-020-04874-y.
5. S. Russell, P. Norvig, Artificial intelligence: a modern approach, no. 4 London: Pearson Education, 2020.
6. MITRE. MITRE ATT&CK [Online]. Available: https://attack.mitre.org/matrices/. [Accessed: Sep. 28, 2022].
7. Lockheed Martin, The Cyber Kill Chain [Online]. Available: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html. [Accessed: Sep. 28, 2022].
8. I. Corona, G. Giacinto, F. Roli, “Adversarial attacks against intrusion detection systems: Taxonomy, solutionsand open issues,” Information Sciences, vol. 239, pp. 201–225, 2013, doi: 10.1016/j.ins.2013.03.022.
9. M. Babar, M. Sohail Khan, “ScalEdge: A framework for scalable edge computing in internet of things–based smart systems,” International Journal of Distributed Sensor Networks, vol. 17, no. 7, pp. 1–11, 2021, doi: 10.1177/155014772110353.
10. J. Neeli, S. Patil, “Insight to security paradigm, research trend & statistics in internet of things (iot),” GlobalTransitions Proceedings, vol. 2, no. 1, pp. 84–90, 2021, doi: 10.1016/j.gltp.2021.01.012.
11. I. Rosenberg, A. Shabtai, Y. Elovici, L. Rokach, “Adversarial machine learning attacks and defensemethods in the cyber security domain,” ACM Computing Surveys (CSUR), vol. 54, no. 5, pp. 1–36, 2021, doi: 10.1145/3453158.
12. A. McCarthy, E. Ghadafi, P. Andriotis, P. Legg, “Functionality-preserving adversarial machine learning forrobust classification in cybersecurity and intrusion detection domains: A survey,” Journal of Cybersecurity andPrivacy, vol. 2, no. 1, pp. 154–190, 2022, doi: 10.3390/jcp2010010.
13. E. Alhajjar, P. Maxwell, N. Bastian, “Adversarial machine learning in network intrusion detection systems,”Expert Systems with Applications, vol. 186, pp. 1–25, 2021, doi: 10.48550/arXiv.2004.11898.
14. H. Navidan, P. F. Moshiri, M. Nabati, R. Shahbazian, S. A. Ghorashi, “Generative adversarial networks (gans) in networking: A comprehensive survey & evaluation,” Computer Networks, vol. 194, no. 3, pp. 1–26, 2021,doi: 10.1016/j.comne vol.2021.108149.
15. D. Li, Q. Li, Y. Ye, S. Xu, “Arms race in adversarial malware detection: A survey,” ACM Computing Surveys (CSUR), vol. 55, no. 1, pp. 1–35, 2021, doi: 10.1145/3484491.
16. M. Pawlicki, M. Choraś, R. Kozik, “Defending network intrusion detection systems against adversarialevasion attacks,” Future Generation Computer Systems, vol. 110, pp. 148–154, 2020, doi: 10.1016/j.future.2020.04.013.
17. Z. Guan, L. Bian, VOL. Shang, J. Liu, “When Machine Learning meets Security Issues: A survey,” 2018International Conference on Intelligence and Safety for Robotics, Shenyang, 2018, pp. 158–165 [Online]. Available: https://ieeexplore.ieee.org/document/8535799. [Accessed: Sep. 28, 2022].
18. G. Apruzzese, M. Colajanni, L. Ferretti, M. Marchetti. (2019). “Addressing Adversarial Attacks AgainstSecurity Systems Based on Machine Learning,” 11th International Conference on Cyber Conflict (CyCon), pp.1–18 [Online]. Available: https://ccdcoe.org/uploads/2019/06/Art_21_Addressing-Adversalial-Attacks.pdf. [Accessed: Sep. 28, 2022].
19. L. Huang, A. D. Joseph, B. Nelson, B. I. Rubinstein, J. D. Tygar, “Adversarial machine learning,” In Proceedingsof the 4th ACM workshop on Security and artificial intelligence, 2011, pp. 43–58.
20. V. Duddu, “A Survey of Adversarial Machine Learning in Cyber Warfare,” Defence Science Journal,vol. 68, no. 4, pp. 356–366, 2018, doi: 10.14429/dsj.68.12371.
21. A. Szychter, H. Ameur, A. Kung, D. Hervé. (2018). The Impact of Artificial Intelligence on Security: a DualPerspective [Online]. Available: https://www.cesar-conference.org/wp-content/uploads/2018/11/articles/C&ESAR_2018_J1-03_A-SZYCHTER_Dual_perspective_AI_in_Cybersecurity.pdf. [Accessed: Sep. 28, 2022].
22. Y. LeCun, Y. Bengio, G. Hinton, “Deep learning,” Nature, vol. 521, p. 436–444, 2015, doi: 10.1038/nature14539.
23. I. Goodfellow, Y. Bengio, A. Courville, Deep learning, MIT press, 2016.
24. M. M. Gamal, B. Hasan, A. F. Hegazy, “A security analysis framework powered by an expert system,” International Journal of Computer Science and Security (IJCSS), vol. 4, no. 6, pp. 505–527, 2011.
25. J. Kennedy, R. Eberhart. (1995). “Particle swarm optimization,” Proceedings of ICNN’95 - InternationalConference on Neural Networks, vol. 4, pp. 1942–1948 [Online]. Available: https://ieeexplore.ieee.org/document/488968. [Accessed: Sep. 28, 2022].
26. M. H. Nasir, S. A. Khan, M. M. Khan, M. Fatima, “Swarm intelligence inspired intrusion detection systems—a systematic literature review,” Computer Networks: The International Journal of Computer and Telecommunications Networking, vol. 205, pp. 108708, 2022, doi: 10.1016/j.comnet.2021.108708.
27. VOL. Bayes, LII. An essay towards solving a problem in the doctrine of chances. By the late Rev. Mr. Bayes,FRS communicated by Mr. Price, In a letter to John Canton, AMFR S, Philosophical transactions of the RoyalSociety of London, vol. 53, pp. 370–418, 1763, doi: 10.1098/rstl.1763.0053.
28. C. Cortes, V. Vapnik, “Support-vector networks,” Machine learning, vol. 20, no. 3, pp. 273–297, 1995, doi: 10.1007/BF00994018.
29. W. S. McCulloch, W. Pitts, “A logical calculus of the ideas immanent in nervous activity,” The bulletin of mathematical biophysics, vol. 5, vol. 4, pp. 115–133, 1943, doi: 10.1007/bf02478259.
30. I. H. Sarker, “Deep cybersecurity: a comprehensive overview from neural network and deep learning perspective,” SN Computer Science, vol. 2, no. 3, pp. 1–16, 2021, doi: 10.1007/s42979-021-00535-6.
31. Z. Fang, J. Wang, B. Li, S. Wu, Y. Zhou, et.al., “Evading Anti-Malware Engines with Deep Reinforcement Learning,” IEEE Access 7, 2019, pp. 48867–48879, 2019. doi: 10.1109/ACCESS.2019.2908033.24.
32. S. Sen, E. Aydogan, A. I. Aysan, “Coevolution of Mobile Malware and Anti-Malware,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 10, pp. 2563–2574, 2018, doi: 10.1109/TIFS.2018.2824250.
33. E. Zouave, M. Bruce, K. Colde, M. Jaitner, I. Rodhe, “Artificially intelligent cyberattacks”, Stockholm: Totalförsvarets forskningsinstitut FOI [Online] Available: https://whttps://www.statsvet.uu.se/digitalAssets/769/c_769530-l_3-k_rapport-foi-vt20.pdf [Accessed: Sep.28, 2022].
34. E. Adi, Z. Baig, P. Hingston, “Stealthy Denial of Service (DoS) attack modelling and detection for HTTP/2 services,” Journal of Network and Computer Applications, vol. 91, pp. 1–13, 2017, doi: 10.1016/j.jnca.2017.04.015.
35. A. M. Turing, “Computing machinery and intelligence,” in Parsing the turing test, doi: 10.1007/978-1-4020-6710-5_3.
36. MITRE. Supply Chain Compromise for Enterprise [Online]. Available: https://attack.mitre.org/techniques/T1195/. [Accessed: Sep. 28, 2022].
37. MITRE. Supply Chain Compromise for Mobile [Online]. Available: https://attack.mitre.org/techniques/T1474/. [Accessed: Sep. 28, 2022].
38. MITRE. Supply Chain Compromise for Industrial Control System [Online]. Available: https://collaborate.mitre.org/attackics/index.php/Technique/T0862. [Accessed: Sep. 28, 2022].
39. E. Fix, J. L. Hodges, “Discriminatory analysis-nonparametric discrimination: Consistency properties,”International Statistical Review/Revue Internationale de Statistique, vol. 57, no. 3, pp. 238–247, 1989, doi: 10.2307/1403797.
40. I. Khalil, S. Bagchi, “Stealthy attacks in wireless ad hoc networks: Detection and countermeasure,”, IEEE Transactions on Mobile Computing, vol. 10, no. 8, pp. 1096–1112, 2011, doi: 10.1109/TMC.2010.249.
41. D. I. Urbina, J. Giraldo, A. A. Cardenas, N. O. Tippenhauer, J. Valente, et al., “Limiting the impact of stealthy attacks on Industrial Control Systems,” Proceedings of the ACM Conference on Computer and Communications Security, 2016, pp. 1092–1105 [Online], Avaiable https://users.soe.ucsc.edu/~alacarde/papers/ccs16.pdf. [Accessed: Sep. 28, 2022].
42. B. Filkins, D.Wylie, A. Dely, “Sans 2019 state of ot/ics cybersecurity survey,” SANS Institute, 2019.
43. M. Sharif, S. Bhagavatula, L. Bauer, M. K. Reiter, “Accessorize to a crime: Real and stealthy attacks on state-of-the-art face recognition,” Proceedings of the ACM Conference on Computer and Communications Security, 2016, pp. 1528–1540 [Online]. Available: https://users.ece.cmu.edu/~lbauer/papers/2016/ccs2016- face-recognition.pdf. [Accessed: Sep. 28, 2022].
44. P. Dash, M. Karimibiuki, K. Pattabiraman, “Out of control: Stealthy Attacks against Robotic Vehicles Protected by Control-based Techniques,” ACM International Conference Proceeding Series, 2019. pp. 660–672.
45. J. Li, Y. Yang, J. S. Sun, K. Tomsovic, H. Qi, “Conaml: Constrained adversarial machine learning for cyberphysicalsystems,” Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, 2021, pp. 52–66 [Online]. Available: https://par.nsf.gov/servlets/purl/10314482. [Accessed: Sep. 28, 2022].
46. I. Niazazari, H. Livani, “Attack on Grid Event Cause Analysis: An Adversarial Machine Learning Approach,” 2019, doi: 10.48550/arxiv.1911.08011.
47. E. Anthi, L. Williams, M. Rhode, P. Burnap, A. Wedgbury, “Adversarial attacks on machine learning cybersecurity defences in industrial control systems,” Journal of Information Security and Applications, vol. 58, no. 8, pp. 102717, 2021, doi: 10.1016/j.jisa.2020.102717.
48. M. Rajpal, W. Blum, R. Singh, “Not all bytes are equal: Neural byte sieve for fuzzing,” arXiv preprint arXiv:1711.04596, pp. 1–10, 2017.
49. J. Li, B. Zhao, C. Zhang, “Fuzzing: a survey,” Cybersecurity, vol. 1, pp. 1–13, 2018, doi: 10.1186/s42400-018-0002-y.
50. Y. Wang, P. Jia, L. Liu, C. Huang, Z. Liu, “A systematic review of fuzzing based on machine learning techniques,” PLoS ONE, vol. 15, no. 8, pp. 1–37, 2020, doi: 10.1371/journal.pone.0237749.
51. M. Jagielski, A. Oprea, B. Biggio, C. Liu, C. Nita-Rotaru, et al., “Manipulating machine learning: Poisoning attacks and countermeasures for regression learning,” 2018 IEEE Symposium on Security and Privacy (SP), pp. 19–35 [Online]. Available: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8418594. [Accessed: Sep. 28, 2022].
52. D. Yacchirema, J. S. de Puga, C. Palau, M. Esteve, “Fall detection system for elderly people using IoT and ensemble machine learning algorithm,” Personal and Ubiquitous Computing, vol. 23, no. 5-6, pp. 801–817, 2019, doi: 10.1007/s00779-018-01196-8.
53. T. Takahashi, Y. Kadobayashi, “Reference ontology for cybersecurity operational information,” The Computer Journal, vol. 58, no. 10, pp. 2297–2312, 2015, doi: 10.1093/comjnl/bxu101.
54. MITRE. Lateral Movement for Enterprise [Online]. Available: https://attack.mitre.org/tactics/TA0008/. [Accessed: Sep. 28, 2022].
55. MITRE. Lateral Movement for Mobile [Online]. Available: https://attack.mitre.org/tactics/TA0033/26. [Accessed: Sep. 28, 2022].
56. MITRE. Lateral Movement for Industrial Control Systems [Online]. Available: https://collaborate.mitre.org/attackics/index.php/Lateral_Movement. [Accessed: Sep. 28, 2022].
57. M. Choraś, M. Pawlicki, R. Kozik, “The feasibility of deep learning use for adversarial model extraction in the cybersecurity domain,” International Conference on Intelligent Data Engineering and Automated Learning, Springer, 2019, pp. 353–360.
58. X. Yuan, L. Ding, L. Zhang, X. Li, D. Wu, “Es attack: Model stealing against deep neural networks without data hurdles,” arXiv preprint arXiv:2009.09560, 2020.
59. G. Hinton, O. Vinyals, J. Dean, “Distilling the knowledge in a neural network,” arXiv preprint arXiv:1503.02531, vol. 2, no. 7, 2015.
60. S. Kariyappa, A. Prakash, M. K. Qureshi, “Maze: Data-free model stealing attack using zeroth-order gradient estimation,” Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2021, pp. 13814–13823.
61. S. Ghadimi, G. Lan, “Stochastic first- and zeroth-order methods for nonconvex stochastic programming,” SIAM Journal on Optimization, vol. 23, no. 4, pp. 2341–2368, 2013, doi: 10.1137/120880811.
62. H. Yu, K. Yang, T. Zhang, Y.-Y. Tsai, T.-Y. Ho, et al., “Cloudleak: Large-scale deep learning models stealing through adversarial examples,” NDSS, 2020. doi: 10.14722/ndss.2020.24178.
63. L. Zhang, G. Lin, B. Gao, Z. Qin, Y. Tai, J. Zhang, “Neural model stealing attack to smart mobile device on intelligent medical platform,” Wireless Communications and Mobile Computing, vol. 2020, doi: 10.1155/2020/8859489.
64. I. H. Witten, E. Frank, M. A. Hall, “Data Mining: Practical Machine Learning Tools and Techniques,” 4th Edition, Morgan Kaufmann Series in Data Management Systems, Morgan Kaufmann, Amsterdam, 2017 [Online]. Available: http://www.sciencedirect.com/science/book/9780123748560. [Accessed: Sep. 28, 2022].
65. J. R. Quinlan, “Induction of decision trees,” Machine learning, vol. 1, no. 1, pp. 81–106, 1986, doi: 10.1023/A:1022643204877.
66. S. Lee, K. Levanti, H. S. Kim, “Network monitoring: Present and future,” Computer Networks, vol. 65, pp. 84–98, 2014, doi: 10.1016/j.comnet.2014.03.007.
67. F. Tramèr, A. Kurakin, N. Papernot, I. Goodfellow, D. Boneh, et al., “Ensemble adversarial training: Attacksand defenses,” 6th International Conference on Learning Representations, 2018, pp. 1–20 [Online]. Available: https://floriantramer.com/docs/papers/iclr18ensemble.pdf. [Accessed: Sep. 28, 2022].

Uwagi

Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-463574d5-19ce-4dd1-a336-8fcc2eb76be0