As digital transformation continues to advance, organisations are becoming increasingly aware of the benefits that modern technologies offer. However, with greater technology adoption comes a higher risk of cyber security threats and attacks. Therefore, there is a need for more advanced measures to protect against constantly evolving threats. One potential solution is the use of Artificial Intelligence (AI). The aim of this research paper was to conduct a systematic literature review (SLR) to assess the impact of AI-based technologies on organisational cyber security and determine their effectiveness compared to traditional cyber security approaches. The PRISMA flow diagram was used to guide the review process. Peer-reviewed articles from 2018 to 2023 were included from EBSCO Host, Google Scholar, Science Direct, ProQuest & SCOPUS and 73 remaining articles were synthesised. The results revealed that AI can impact cybersecurity throughout it's entire life cycle, yielding benefits like automation, threat intelligence, and improved cyber defense. Nevertheless, it also brings challenges like adversarial attacks and the need for high-quality data, which could lead to the inefficiency of AI. These results affirm the positive influence of AI on cybersecurity, enhancing effectiveness and resilience. These findings provide a solid foundation for further research in the field of organisational cybersecurity. These results can help organisations make informed decisions on AI implementations by offering an impartial view of its impacts. 

The impact of artificial intelligence on organisational cyber security: An outcome of a systematic literature review

Zero-day malware is a type of malware that exploits system vulnerabilities before it is detected and sealed. This type of malware is a significant threat to enterprise cybersecurity and has tremendous impact on organizations’ performance, as it can spread widely before organizations can clamp down on the threat. Unfortunately, exploit developers can attack system’s vulnerabilities at a pace that is faster than defensive patches. In this research, classification of zero-day attack was carried out. Exploratory Data Analysis (EDA) on malware zero data was conducted. Then feature selection was carried out using Principal Component Analysis (PCA) for the selection of the most important features in the dataset after which a Random Forest (RF) Algorithm was adopted for the classification of zero-day attack.  The impact of such attacks was also analyzed, and results were evaluated using confusion matrix and an accuracy of 95% in the classification of zero-day attack with a class error of 3.8% was obtained. A survey of the perception of the potential impacts of these attacks on organization was also carried out. These results indicate efficiency of machine learning algorithm in the classification of attacks as zero-day malware attacks or not. The research also offered pragmatic insights into the perception by organizations of its potential negative impacts and their eagerness to embrace and prioritize proffered cyber security solution(s) to avoid such attacks in order to avert undesirable consequences.

pdf/securing-against-zero-day-attacks-a-machine-learning-16m2g0t1dd.pdf

Securing Against Zero-Day Attacks: A Machine Learning Approach for Classification and Organizations’ Perception of its Impact

The proliferation of zero-day threats (ZDTs) to companies’ networks has been immensely costly and requires novel methods to scan traffic for malicious behavior at massive scale. The diverse nature of normal behavior along with the huge landscape of attack types makes deep learning methods an attractive option for their ability to capture highly-nonlinear behavior patterns. In this paper, the authors demonstrate an improvement upon a previously introduced methodology, which used a dual-autoencoder approach to identify ZDTs in network flow telemetry. In addition to the previously-introduced asset-level graph features, which help abstractly represent the role of a host in its network, this new model uses metric learning to train the second autoencoder on labeled attack data. This not only produces stronger performance, but it has the added advantage of improving the interpretability of the model by allowing for multiclass classification in the latent space. This can potentially save human threat hunters time when they investigate predicted ZDTs by showing them which known attack classes were nearby in the latent space. The models presented here are also trained and evaluated with two more datasets, and continue to show promising results even when generalizing to new network topologies.

Zero Day Threat Detection Using Metric Learning Autoencoders

In today's interconnected digital landscape, the proliferation of malware poses a significant threat to the security and stability of computer networks and systems worldwide. As the complexity of malicious tactics, techniques, and procedures (TTPs) continuously grows to evade detection, so does the need for advanced methods capable of capturing and characterizing malware behavior. The current state of the art in malware classification and detection uses task specific objectives; however, this method fails to generalize to other downstream tasks involving the same malware class. In this paper, the authors introduce a novel method that combines convolutional neural networks, standard graph embedding techniques, and a metric learning objective to extract meaningful information from network flow data and create strong embeddings characterizing malware behavior. These embeddings enable the development of highly accurate, efficient, and generalizable machine learning models for tasks such as malware strain classification, zero day threat detection, and closest attack type attribution as demonstrated in this paper. A shift from task specific objectives to strong embeddings will not only allow rapid iteration of cyber-threat detection models, but also allow different modalities to be introduced in the development of these models.

pdf/foundational-models-for-malware-embeddings-using-spatio-2ejmgoge.pdf

Foundational Models for Malware Embeddings Using Spatio-Temporal Parallel Convolutional Networks

Systems, technologies, protocols, and infrastructures all face interoperability challenges. It is among the most crucial parameters to give real-world effectiveness. Organizations that achieve interoperability will be able to identify, prevent, and provide appropriate protection on an international scale, which can be relied upon. This paper aims to explain how future technologies such as 6G mobile communication, Internet of Everything (IoE), Artificial Intelligence (AI), and Smart Contract embedded WPA3 protocol-based WiFi-8 can work together to prevent known attack vectors and provide protection against zero-day attacks, thus offering intelligent solutions for smart cities. The phrase zero-day refers to an attack that occurs on the day zero of the vulnerability's disclosure to the public or vendor. Existing systems require an extra layer of security. In the security world, interoperability enables disparate security solutions and systems to collaborate seamlessly. AI improves cybersecurity by enabling improved capabilities for detecting, responding, and preventing zero-day attacks. When interoperability and Explainable Artificial Intelligence (XAI) are integrated into cybersecurity, they form a strong protection against zero-day assaults. Additionally, we evaluate a couple of parameters based on the accuracy and time required for efficiently analyzing attack patterns and anomalies. 

pdf/interoperability-and-explicable-ai-based-zero-day-attacks-1j6e70nfjw2f.pdf

Interoperability and Explicable AI-based Zero-Day Attacks Detection
  Process in Smart Community

Lateral Movement refers to methods by which threat actors gain initial access to a network and then progressively move through said network col-lecting key data about assets until they reach the ultimate target of their attack. Lateral Movement intrusions have become more intricate with the increasing complexity and interconnected nature of enterprise networks, and require equally sophisticated detection mechanisms to proactively detect such threats in near real-time at enterprise scale. In this paper, the authors propose a novel, lightweight method for Lateral Movement detection using user behavioral analysis and machine learning. Speciﬁcally, this paper introduces a novel methodology for cyber domain-speciﬁc feature engineering that identiﬁes Lateral Movement behavior on a per-user basis. Furthermore, the engineered features have also been used to develop two supervised machine learning models for Lateral Movement identiﬁcation that have demonstrably outperformed models previously seen in literature while maintaining robust performance on datasets with high class imbalance. The models and methodology introduced in this paper have also been designed in collaboration with security operators to be relevant and interpretable in order to maximize impact and minimize time to value as a cyber threat detection toolkit. The underlying goal of the paper is to provide a computationally eﬃcient, domain-speciﬁc approach to near real-time Lateral Movement detection that is interpretable and robust to enterprise-scale data volumes and class imbalance.

Lateral Movement Detection Using User Behavioral Analysis

Zero Day Threats (ZDT) are novel methods used by malicious actors to attack and exploit information technology (IT) networks or infrastructure. In the past few years, the number of these threats has been increasing at an alarming rate and have been costing organizations millions of dollars to remediate. The increasing expansion of network attack surfaces and the exponentially growing number of assets on these networks necessitate the need for a robust AI-based Zero Day Threat detection model that can quickly analyze petabyte-scale data for potentially malicious and novel activity. In this paper, the authors introduce a deep learning based approach to Zero Day Threat detection that can generalize, scale, and effectively identify threats in near real-time. The methodology utilizes network flow telemetry augmented with asset-level graph features, which are passed through a dual-autoencoder structure for anomaly and novelty detection respectively. The models have been trained and tested on four large scale datasets that are representative of real-world organizational networks and they produce strong results with high precision and recall values. The models provide a novel methodology to detect complex threats with low false positive rates that allow security operators to avoid alert fatigue while drastically reducing their mean time to response with near-real-time detection. Furthermore, the authors also provide a novel, labelled, cyber attack dataset generated from adversarial activity that can be used for validation or training of other models. With this paper, the authors’ overarching goal is to provide a novel architecture and training methodology for cyber anomaly detectors that can generalize to multiple IT networks with minimal to no retraining while still maintaining strong performance.

Zero Day Threat Detection Using Graph and Flow Based Security Telemetry

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

M. Weeks

Author Tools

Chat about Author

Papers

Zero Day Threat Detection Using Metric Learning Autoencoders

Lateral Movement Detection Using User Behavioral Analysis

Zero Day Threat Detection Using Graph and Flow Based Security Telemetry