How Deep Learning Is Moving Cybersecurity From A Reactive Response To Proactive Prevention

David Schiffer is the CEO of RevBits and formerly of Safe Banking Systems (SBS). RevBits develops cybersecurity software for organizations.

Deep learning (DL) is an advanced subset of machine learning (ML), which is behind some of the most innovative and sophisticated technologies today. We can witness the rapid evolution of AI, ML and DL in almost every industry and experience benefits considered impossible just a few short years ago.

DL takes a leap forward in sophistication from machine learning. Unlike ML, which may require human intervention in the output layer if the results are faulty or not desirable, DL continually learns and increases in accuracy without human intervention. Multilayered DL models can achieve startling levels of accuracy and performance.

The Rise Of Deep Learning Models

Researchers have strived for years to create sophisticated AI algorithms capable of more advanced functions. The research effort to closely mimic a biological brain has led to more complex mathematical computations resulting in the creation of the artificial neural network (ANN). In simple terms, it is comprised of a system of nodes (or neurons) just like a human brain which can receive information and send information to each other in the network. In other words, it learns and adapts.

The journey towards this technology has been slow due to its requirements. The recipe for this achievement required three ingredients: massive amounts of data, significantly more advanced algorithms and greatly increased processing power. That power comes in the form of graphical processing units, or GPUs.

GPUs are computer chips that can significantly accelerate deep learning computational processes and are core components of AI infrastructure. They can simultaneously execute multiple computations and considerably speed up ML learning processes, handling mountains of data with ease. Powerful GPUs combined with cloud computing can effectively lower the amount of time needed for training a deep model network from many weeks to hours.

The Drawbacks Of GPU Power

GPU power consumption for such high-performance computing is staggering and expensive. The power needed to train a single final version of some GPU models can be more wattage than 80 homes might utilize in a year.

Further, the energy required for large data storage centers around the world has serious environmental impact implications due to energy and water consumption as well as greenhouse gas emissions. The answer to this dilemma, in part, is for DL to increase the high quality of data over the high quantity. As AI evolution continues, sustainability initiatives must become a shared global platform.

The More Layers, The Deeper The Dive

In humans, the deeper we delve into layers of research data and experiential examples about a subject, the more we create a functional and comprehensive knowledge base. Artificial neural networks are constructed from three types of layers. The first input layer supplies the initial data pool for the network. The last layer is the output layer which produces all outcomes for the given data input. In between these two are the all-important hidden layers. These intermediate layers are where all computational processes are performed.

At least three layers qualify for deep learning, but the more layers, the deeper the learning to inform the output layer. DL layers have varied functions that act upon data as it travels through each stratum in a specific order. With each additional layer, more details and features can be progressively pulled from the data sets. It ultimately leads to network output that forecasts or states potential outcomes, predictions and conclusions.

The Importance Of Deep Learning For Accuracy And Prevention

AI automation and deep learning models are crucial elements in the battle against cybercrime and provide significant capabilities against the escalation of ransomware. DL models can recognize and predict suspicious behavior and understand what a potential attack looks like in order to prevent any payload execution or data encryption.

Artificial neural networks generate smarter intrusion detection and prevention systems with far greater accuracy and significantly lower false alerts than machine learning. ANNs don’t need to rely upon attack signatures or remember a list of known common attack sequences. Their continuous learning and updating can recognize any system activity that shows the presence of malicious behaviors or malware.

External attacks have been a major focus for cybersecurity teams, but internal malicious activity is on the rise. The Ponemon 2022 Cost of Insider Threats: Global Report indicates incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million.

Security teams are increasingly leveraging user and entity behavior analytics (UEBA) to thwart insider threats. DL models can analyze and learn normal employee behavioral patterns over time and detect when there are aberrations. For example, they can detect any after-hours system access or data exfiltration and send alerts.

Proactive Versus Reactive Cybersecurity

There’s a big difference between cyber detection and response versus protection and elimination. The reactive approach defends after threats have entered the network to exploit systems and exfiltrate data. The goal of proactive prevention and threat elimination, through recognizing and removing vulnerabilities and malicious activity before exploitation, can be attainable through deep learning.

While cybersecurity solutions with automation and multilayered deep learning are significantly heightening security defense postures, the technology can be leveraged by both sides of the cybercrime battle.

Escalating AI innovations requires protective legislation.

In cybersecurity’s quest to defend against sophisticated cyber foes, AI solutions like DL are evolving faster than regulatory bodies can contain and control their capabilities. What benefits enterprise defenders can also be utilized and manipulated by malicious attackers.

The ramifications of future unbridled AI technology on a global scale could be devastating. It could be an escalated good versus evil battleground if our technology runs wild without legislation to maintain order, human rights and international security.

Ultimately, the goal of cybersecurity is to move beyond reactive detection and response to proactive protection and threat elimination. Automation and multilayered deep learning are crucial steps in that direction. The challenge lies in maintaining sensible controls and staying one step ahead of our cyber foes.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?