IEEE Access (Jan 2024)
Data Fingerprinting and Visualization for AI-Enhanced Cyber-Defence Systems
Abstract
Artificial intelligence (AI)-assisted cyber-attacks have evolved to become increasingly successful in every aspect of the cyber-defence life cycle. For example, in the reconnaissance phase, AI-enhanced tools such as MalGAN can be deployed. The attacks launched by these types of tools automatically exploit vulnerabilities in cyber-defence systems. However, existing countermeasures cannot detect the attacks launched by most AI-enhanced tools. The solution presented in this paper is the first step towards using data fingerprinting and visualization to protect against AI-enhanced attacks. The AIECDS methodology for the development of AI-Enhanced Cyber-defense Systems was presented and discussed. This methodology includes tasks for data fingerprinting and visualization. The use of fingerprinted data and data visualization in cyber-defense systems has the potential to significantly reduce the complexity of the decision boundary and simplify the machine-learning models required to improve detection efficiency, even for malicious threats with minuscule sample datasets. This was validated by showing how the resulting fingerprints enable the visual discrimination of benign and malicious events as part of a use case for the discovery of cyber threats using fingerprint network sessions.
Keywords
