Artificial Intelligence and Data Mining Approaches in Security Frameworks. Group of authors
on both sides [2, 3].
1.3 Artificial Intelligence in Cyber Security
AI in cyber security supports companies or organizations, allowing them to safeguard their defense mechanisms; furthermore, it helps them to interpret cybercrimes effectively. Enterprises are using this ideal opportunity to achieve efficiency in automation by going digital as they take advantage of faster execution speeds. Achieving digital connectedness across their entire value chains helps them to meet the increasing competition in the market. Along similar lines, cybercriminals find opportunity in increasing digitization. Cybercrime unions are actively focusing on digital ecosystems including cloud infrastructure, Internet of Things (IoT) devices and software as a service (SaaS) offerings. Therefore, enterprises are confronted with the challenge of pushing for greater gains in business advantage while balancing the risk of cyber exposure [4, 5].
1.3.1 Multi-Layered Security System Design
Organizations are concentrating more on cyber security in the present scenario. This is because advanced cyber security attacks have forced them to spend a lot of money to prevent future data breaches. It begins with designing a multi-layered security framework that will secure the network infrastructure.
Figure 1.1 Network infrastructure [4].
Figure 1.1 shows the network infrastructure, which contains a firewall, anti-virus software and a disaster recovery plan. All these components make a network infrastructure more efficient. AI has affected security by helping experts to recognize abnormalities in the system by analyzing client activities and examining the patterns in them. Security experts are now able to examine and organize information using AI and detect vulnerabilities to forestall harmful attacks [6].
1.3.2 Traditional Security Approach and AI
AI will help enhance the traditional security approach in the following ways:
Advanced AI-powered security instruments will be utilized to screen and react to security events.
Modern firewalls will have built-in machine learning technology to detect an unusual pattern in the system traffic and remove it if it is considered hostile.
By analyzing vulnerabilities using the natural language processing feature in AI, security experts can also identify the root of a digital assault.
Predictive analysis for detecting malicious threats, and scanning of the data in advance, is required.
Since our reliance on big data has increased, we have created a parallel need to keep it safe. Thus, the need of the hour is to safeguard the integrity of networks, stored data and programs from unauthorized access and attacks [7−9].
1.4 Related Work
1.4.1 Literature Review
Today the Internet is used by millions of ordinary people, making them easy targets for cyber criminals. With “softwarisation and digitization” and rapid adoption of IoT, cyber security is now at the core of business strategy. Data is a broad category, ranging from credit-card information and bank and financial records to personal information. The contemporary solution to this far-reaching issue lies in basic awareness and in building defensive cyber-capabilities, or protection and care, through education.
Onashoga, S. Adebukola, Ajayi, O. Bamidele and A. Taofik (2013) in their paper discuss a simulated multi-agent-based architecture for intrusion detection systems that overcomes the shortcoming of the current mobile agent–based intrusion detection system. The data are distributed on both the host and the network. A closed pattern mining (CPM) algorithm is introduced for profiling users’ activities in the network database. This not only helps in reducing the time needed to sort the data but also helps analysts to learn about patterns of human behavior in real time.
Alex Roney Mathew et al. (2010) in their paper discuss the different types of cybercrime, namely: social-engineering phishing, email spoofing and pharming. They also discuss ways to protect people from such crimes with an emphasis on biometrics. Cybercrimes have lately become so prevalent that only a very small portion of the world's population has been untouched by them [1].
Selvakani, Maheshwari V. and Karavanisundari (2010) in their paper stress the fact that information technology can be used for destructive as well as constructive work, depending on whose hands it ends up in. The study deals with the importance of cyber laws to protect the interests of the cyber victims. The authors believe that a computer can be secured even by a person with simple knowledge but that the ascertainment and preservation of the evidence is a tough task. There is a need for techno-legal harmonized law; a good combination is required. AI should help in designing a strong law which can be used effectively to trace cybercrimes.
L.S. Wijesinghe, L.N.B. De Silva, G.T.A. Abhayaratne, P. Krithika, S.M.D.R. Priyashan, and Dhishan Dhammearatchi (2016) in their research paper mainly focus on how to combat cybercrimes, and also throw some light on how intelligently and effectively the tool “agent” can be used in the detection and prevention of cyber-attacks. Cyber-attacks tend to have a huge impact on the IT industry when it comes to data theft. Data has become more vulnerable and prone to such threats and attacks due to malicious activities carried out for agendas best known to the attackers.
Ramamoorthy R. (2010) in his paper discusses the various perspectives of cyber security. Because of continuously evolving new threats against enterprises, IT has made cyber security a “must look-into” issue. The systems administration team should devise ways to improve their cyber security with an automated, on-demand, real-time application security testing solution that makes comprehensive cyber security for applications simpler and more cost effective. Cyber security knows no borders. The author touches upon controlling server sprawl to increase operational efficiency and ease disaster recovery; virtualization clearly delivers end results.
Yasmin N., and Bajaj N. (2012) in their research paper present S-box Modification in DES. DES is the Data Encryption Standard, and an S-box (“substitution box”) is a standard encryption device. Security is the main concern for organizations participating in information exchange. One of the essential aspects of secure communications is cryptography. As cybercrimes are causing serious financial losses, an existing system needs constant modifications to ensure that security levels are not compromised. The modification shows a higher degree of resistance against attack on the relationship $L_{i+1} = R_i$. But a significant amount of mathematical knowledge and an understanding of the complete crypto system are required.
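The relationship $L_{i+1} = R_i$ is the Feistel round structure on which DES is built: each round copies the right half unchanged into the next left half, so all mixing comes from the round function, which in DES contains the S-boxes. The following is an added example, not code from the book or from the cited paper; it uses a toy Feistel network whose round function is a SHA-256 stand-in (an assumption, not the DES f-function), and all names and the key are constructed for illustration.

```python
import hashlib

MASK32 = 0xFFFFFFFF

def round_fn(half: int, key: bytes, i: int) -> int:
    """Stand-in for f(R_i, K_i). Assumption: NOT the DES f-function or S-boxes."""
    data = half.to_bytes(4, "big") + key + bytes([i])
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def feistel_encrypt(block: int, key: bytes, rounds: int = 16):
    """Encrypt a 64-bit block; return (ciphertext, [(L_0, R_0), ..., (L_n, R_n)])."""
    L, R = block >> 32, block & MASK32
    trace = [(L, R)]
    for i in range(rounds):
        # One Feistel round: L_{i+1} = R_i, R_{i+1} = L_i XOR f(R_i, K_i)
        L, R = R, L ^ round_fn(R, key, i)
        trace.append((L, R))
    return (R << 32) | L, trace          # final half swap, as in DES

def feistel_decrypt(block: int, key: bytes, rounds: int = 16) -> int:
    """Same network with the round keys in reverse order; f is never inverted."""
    L, R = block >> 32, block & MASK32
    for i in reversed(range(rounds)):
        L, R = R, L ^ round_fn(R, key, i)
    return (R << 32) | L

def relationship_holds(trace) -> bool:
    """Check L_{i+1} == R_i for every consecutive pair of round states."""
    return all(trace[i + 1][0] == trace[i][1] for i in range(len(trace) - 1))

def state_diff(a: int, b: int, key: bytes, rounds: int):
    """XOR difference (dL, dR) between two plaintexts' states after `rounds`."""
    _, ta = feistel_encrypt(a, key, rounds)
    _, tb = feistel_encrypt(b, key, rounds)
    return ta[-1][0] ^ tb[-1][0], ta[-1][1] ^ tb[-1][1]

if __name__ == "__main__":
    key = b"constructed-key"                 # constructed sample key
    pt = 0x0123456789ABCDEF                  # constructed sample block
    ct, trace = feistel_encrypt(pt, key)
    print("L_{i+1} = R_i in all rounds:", relationship_holds(trace))
    print("round trip ok:", feistel_decrypt(ct, key) == pt)
    # Flip one bit in L_0: after one round it sits untouched in R_1,
    # because the round function never saw it.
    print("diff after 1 round:", state_diff(pt, pt ^ (1 << 40), key, 1))
```

A one-bit change in the left half passes through the first round without any mixing, which is why the quality of the round function, and in DES its S-boxes, carries the cipher's resistance to analysis.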
1.4.2 Corollary
Cyber-attacks are expanding quickly, notwithstanding increased security measures. The attacks may be malware, phishing attacks, password theft, Trojan attacks, and so on. In order to avoid these cybercrimes, robust cyber-security measures are needed. Emerging technologies like cognitive science, cloud computing, robotics, internet banking, and e-commerce urgently need to put in place adequate safeguard measures in the domain of cyber security. With the increasing use of Big Data and of machine learning models governing decision-making, cyber security needs to be at the helm [10, 11].
1.5 Proposed Work
The model proposes to add a layer of security to the multi-layered security approach. The proposed system architecture is described in Figure 1.2.
1 Suppose, while we are trying to log into our bank account using our credentials,