Report

Understanding the Strategic and Technical Significance of Technology for Security Implications of AI and Machine Learning for Cybersecurity

August 28th 2019 - 11:27

This report was commissioned by and executed for the Hague Security Delta (https://www.thehaguesecuritydelta.com/)

 

Artificial Intelligence (AI) has made exponential progress in recent years, especially in terms of Artificial Narrow Intelligence (ANI) and machine learning. As the amount of data breaches and cybersecurity incidents grow, AI is increasingly being hailed for its new way to automatically spot any malware on a network, guide incident response, and detect intrusions before they even occur. The 2018 Ponemon Institute’s “Artificial Intelligence (AI) in Cyber-Security” study, for example, shows that AI is able to detect 63% of previously undetectable zero-day exploits.1 However, despite the potential benefits of AI being touted as a game-changer, estimates on its impact on cybersecurity still vary widely. Cybersecurity is a field where absolute security is impossible. Instead its objective is to reduce the attack surface to a minimum. The rosy view of what AI can deliver is not entirely wrong, but what next-generation techniques actually do is more muddled and incremental than marketers would want to admit. Fortunately, researchers developing new defense techniques at companies and in academia largely agree on both the potential benefits and challenges. This study explores how machine learning, in particular unsupervised learning, can play a role in cybersecurity.2 Chapter 2 introduces the body of AI and the different forms of machine learning. Chapter 3 looks at the possible application and weaknesses of machine learning to improve cybersecurity, while chapter 4 identifies the macro bottlenecks for the technology. Overall, the study uses recent literature on the subject in light of contextual examples, and presents some suggestions and recommendations for Dutch stakeholders seeking to understand how to best profit from the development from a socio-economic context.

Louk Faesen is Strategic Analyst at the Cyber Policy and Resilience Program of the Hague Centre for Strategic Studies. He mainly focuses on international peace and security in cyberspace, norms of responsible state and non-state behavior, and confidence-building measures (CBMs) in cyberspace. Louk functions as the Project Manager of the Global Commission on the Stability of Cyberspace (GCSC), a multi-stakeholder initiative launched at the 2017 Munich Security Conference by the Foreign minister of the Netherlands that brings together leading experts from all major cyber powers and regions to help develop norm and policy initiatives related to international peace and security in cyberspace.
Erik Frinking is Strategic Advisor Security and Cyber at HCSS. He holds a Master’s degree in Political Science from Leiden University. For almost twenty years, he has been involved in addressing high-level, complex policy issues for a wide variety of European countries and international organizations. Mr. Frinking worked for more than 13 years at the Leiden branch of the RAND Corporation, where he was director of the Education, Science & Technology, and Innovation program.