


Human and machine intelligence: Artificial intelligence in security operations
Most commercial AI success is related to supervised machine learning (ML). Examples include smart home assistants’ understanding of spoken language and self-driving cars’ object recognition, all leveraging the vast amounts of labeled data and computation required to train complex deep learning models. However, in the field of network security, although AI can improve the efficiency and scale of security operations teams, it requires a high degree of human participation; without it, AI cannot solve most network security problems, at least for now.
In addition, the digital noise generated by human behavior in the enterprise environment makes anomalies in the system common, so it is often impossible to determine whether a given anomaly represents an attack. As a result, anomaly detection based on artificial intelligence does not perform ideally. For example, consider a large enterprise that produces 1 billion telemetry records per day and uses machine learning to detect threats. Even if its accuracy is 99.9%, it must find the real attack events among 1 million false positives. Overcoming this imbalance in detection data requires a lot of professional knowledge and a multi-pronged detection strategy.
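The imbalance described above, worked through as an added example that is not part of the original article. It reads the 99.9% figure as a 0.1% false-positive rate; the count of 10 real attacks per day and the second-stage rates are constructed assumptions used to show what a multi-pronged strategy changes.

```python
from fractions import Fraction

def funnel(events, attacks, stages):
    """Expected alert counts after a chain of detection stages.

    stages is a list of (detection_rate, false_positive_rate) strings.
    Stages are treated as statistically independent, a simplifying
    assumption that real, correlated detectors only approximate.
    Returns (true_alerts, false_alerts, precision) as exact fractions.
    """
    true_alerts = Fraction(attacks)
    false_alerts = Fraction(events - attacks)
    for detection_rate, fp_rate in stages:
        true_alerts *= Fraction(detection_rate)
        false_alerts *= Fraction(fp_rate)
    total = true_alerts + false_alerts
    precision = true_alerts / total if total else Fraction(0)
    return true_alerts, false_alerts, precision

EVENTS = 1_000_000_000           # daily volume from the article
ATTACKS = 10                     # constructed assumption: real attacks per day
ML_STAGE = ("0.999", "0.001")    # 99.9% read as a 0.1% false-positive rate
CONTEXT_STAGE = ("0.9", "0.01")  # constructed second check, e.g. asset context

if __name__ == "__main__":
    for name, stages in [("ML only", [ML_STAGE]),
                         ("ML + second check", [ML_STAGE, CONTEXT_STAGE])]:
        tp, fp, prec = funnel(EVENTS, ATTACKS, stages)
        print(f"{name}: {float(tp):.2f} true, {float(fp):,.0f} false, "
              f"precision {float(prec):.6f}")
```

With one stage, fewer than one alert in 100,000 is a real attack; the second, independent check cuts the false alerts by two orders of magnitude at the cost of missing some true ones.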
But obviously without AI, things can only get worse. There are still ways to harness the power of machine learning to improve operational efficiency. Here are three principles that security operations teams are advised to consider:
1. Human and machine intelligence
Artificial intelligence is a supplement to human intelligence, not a replacement. In the environment of complex systems, especially when confronting rapidly adapting and intelligent opponents, automation technology with active learning as its core will bring extremely high value. The main job of humans is to regularly check the machine learning system, add new examples, and continuously adjust and iterate.
2. Choose the right tools
You don’t need to be an AI expert to make good decisions, but the premise is to make sure you choose the right tools.
- First, it’s important to understand the difference between anomalous behavior and malicious behavior, as they are often two different things and rely on very different detection techniques. The former is easily discovered through unsupervised anomaly detection and does not require labeled training data. But the latter requires supervised learning, often requiring many historical examples.
- Secondly, alerts with a high signal-to-noise ratio are critical for security operations teams to fully understand the possible impact of detection results, as these systems will not be 100% accurate.
- Finally, although almost all kinds of machine learning techniques are already used in the field of network security, it is still very important to accumulate a large number of threat intelligence signatures, because once one of these signatures matches, an attack is almost certain, which saves a lot of correlation analysis work. At all times, signatures are a critical baseline for detecting known threats.
3. Security operations require automation
It’s ironic that many cybersecurity professionals who trust AI to drive their cars are skeptical about the role of artificial intelligence in cybersecurity countermeasures. However, today, when massive amounts of data and alarms need to be processed, automated operations are one of the most effective ways to improve the efficiency of the security operations team, and they are basically the only solution in the future.
Automation frees creative minds from time-consuming operational tasks. It is especially useful for detecting advanced threats, correlation analysis, prioritization, and automating low-risk control measures (such as quarantining suspicious files or requiring users to re-verify), all of which can significantly improve security operation efficiency and reduce network risks.
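The tool choices in principle 2 and the automation in principle 3, combined in one triage routine as an added example that is not part of the original article. Signature hits trigger an automated low-risk control, while unsupervised anomalies are only queued for an analyst; the indicator placeholders, user baselines, threshold and action names are all constructed assumptions.

```python
from statistics import median

# Constructed signature set; indicator strings are placeholders, not real IoCs.
KNOWN_BAD = {"HASH-PLACEHOLDER-1": "commodity-stealer"}

# Constructed per-user baseline: outbound megabytes per hour on past days.
HISTORY = {
    "alice": [120, 135, 110, 140, 125, 130, 118],
    "bob": [900, 950, 870, 1000, 920, 940, 910],
}

def anomaly_score(user, value):
    """Robust z-score: distance from the user's median in MAD units."""
    base = HISTORY[user]
    med = median(base)
    mad = median([abs(x - med) for x in base]) or 1  # flat baseline: avoid /0
    return abs(value - med) / mad

def triage(event, threshold=6.0):
    """Return (action, reason) for one event dict."""
    family = KNOWN_BAD.get(event["file_hash"])
    if family:  # signature hit: near-certain, so a low-risk control is automated
        return "auto_quarantine", f"signature:{family}"
    if event["user"] not in HISTORY:  # nothing to compare against
        return "analyst_review", "no_baseline"
    score = anomaly_score(event["user"], event["mb_out"])
    if score >= threshold:  # anomalous is not the same as malicious
        return "analyst_review", f"anomaly:{score:.1f}"
    return "log_only", "within_baseline"

# Constructed sample events.
SAMPLE_EVENTS = [
    {"user": "alice", "file_hash": "HASH-PLACEHOLDER-1", "mb_out": 128},
    {"user": "alice", "file_hash": "HASH-PLACEHOLDER-2", "mb_out": 5000},
    {"user": "bob", "file_hash": "HASH-PLACEHOLDER-3", "mb_out": 930},
    {"user": "carol", "file_hash": "HASH-PLACEHOLDER-4", "mb_out": 40},
]

if __name__ == "__main__":
    for e in SAMPLE_EVENTS:
        print(e["user"], *triage(e))
```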
To sum up, artificial intelligence or machine learning cannot become the only cybersecurity strategy, at least in the foreseeable future. When looking for clues in the vast sea of data, combining machine intelligence with the human intelligence of security experts is the most practical and effective technical means.
