Artificial Intelligence in Cybersecurity: The Use of AI Along the Cyber Kill Chain

  • Conference paper
Computational Collective Intelligence (ICCCI 2019)

Abstract

The current challenge with defense against cyberattacks is that the speed and quantity of threats often outpace human-centered cyber defense capabilities. That is why a new Artificial Intelligence-driven approach may enhance the effectiveness of security controls. However, it can also be used by adversaries to create more sophisticated and adaptable attack mechanisms. Distinguishing three key AI capabilities (knowledge acquisition, human-like perception and decision making), the goal of this paper is to assess where within the cyber kill chain AI capabilities have already been applied, and which phase holds the greatest near-term potential given recent developments and publications. Based on a literature review, the authors see the strongest potential for deploying AI capabilities during the reconnaissance, intrusion, privilege escalation and data exfiltration steps of the cyber kill chain, with other uses being deployed in the remaining steps.

Acknowledgments

The project is financed by the Ministry of Science and Higher Education in Poland under the programme “Regional Initiative of Excellence” 2019–2022 project number 015/RID/2018/19 total funding amount 10 721 040,00 PLN.

Corresponding author

Correspondence to Artur Rot.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Chomiak-Orsa, I., Rot, A., Blaicke, B. (2019). Artificial Intelligence in Cybersecurity: The Use of AI Along the Cyber Kill Chain. In: Nguyen, N., Chbeir, R., Exposito, E., Aniorté, P., Trawiński, B. (eds) Computational Collective Intelligence. ICCCI 2019. Lecture Notes in Computer Science, vol 11684. Springer, Cham. https://doi.org/10.1007/978-3-030-28374-2_35

  • DOI: https://doi.org/10.1007/978-3-030-28374-2_35

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-28373-5

  • Online ISBN: 978-3-030-28374-2

  • eBook Packages: Computer Science (R0)
