Chief Information Security Officers (CISOs) and their staffs are at a permanent pressure to develop, maintain, and update respective companies and organizations security policies, standards, various regulations, and requirements. In a big company/enterprise not all team members are at the same level of qualification necessary to assess vulnerabilities and threats, to perform risk analyses, do deescalate intrusion incidents, reduce losses, and alike.

Artificial Intelligence Applications (AIA) could be priceless helpers for CISO teams to keep everybody up-to-date, advise on a standard most optimal course of actions under the specific circumstances. It should be actually a whole sub-industry in the software security business to elevate awareness of security breaches and the most efficient ways of resolving those incidents.

In recent years, AI/Machine Learning technologies are definitely the critical concerns in the field of cyber security. From both views of cyber adversaries and defenders, the trend of using machine learning techniques is reflected in the following aspects.

• Attackers are increasingly relying on ML to launch cyber attacks and identify vulnerabilities. We can see this from the recent papers, security researchers are fond of ML techniques. E.g., in the conference of CCS' 17, there are more than three papers regarding the security of ML, such as 'MagNet: a Two-Pronged Defense against Adversarial Examples' and 'Machine Learning Models that Remember Too Much'.
• Attackers/Defenders are combining mobile sensor data and ML techniques to launch/thwart attacks. For attacks, e.g., researchers proposed a new attack in 'SENSORID: Sensor Calibration Fingerprinting for Smartphones' (IEEE S&P' 19) and 'PatternListener: Cracking Android Pattern Lock Using Acoustic Signals' (CCS' 18); for protections, e.g., researchers leverage sensors and ML to authenticate users, we can see the relevant works in authentication and privacy session of Mobicom.
• A great number of DoS attacks may appear on IoT devices. The most representative work is 'Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone' (IEEE S&P' 19).

With the popularization of 5G communication, user data are going to be more and more diversified. By ML techniques, attackers may mine more privacy information from their data, so this is going to be a potential threat in the future.

Aren't AI/ML the trending techniques themselves? Moreover, cybersec is a large field, it's better to pick some subfield to find an interesting problem to work on. It's supposed to be easy, as security is basically about classifying stuff (malware/goodware, secure/non-secure, vulnerable/not-vulnerable) and AI/ML does it very well.

Cyber security researchers, professionals are using AI/Machine learning to

1. Inspecting the traffic to find the malware patterns at packet level over network.

2. Find the anomalies in behaviors of the applications and systems in various contexts like malicious 'websites', and 'web applications'.

Basically to automate the routine stuff and classification.

Thanks to All