Research on AI using Cyber Security and Forensics

projob2412, 69 slides, Jul 16, 2024

About This Presentation

about security


Slide Content

AI in Computer Security and Forensics

Dr. Janaki Sivakumar, Associate Professor, Programme Leader: BSc (Hons) Computer Security and Forensics; BSc (Hons) Computer Science (with AI Pathway)

Dr. Janaki Sivakumar, Education Background:
Ph.D. in Computer Science (specialization in AI image processing)
Associate Fellow of the Higher Education Academy (AFHEA), UK
Master of Philosophy in Computer Science
Master of Computer Applications (specialization in software engineering)

Dr. Janaki Sivakumar, Research Interests: Computer Forensics; Data Science; Cryptography; AI-assisted Teaching and Learning; Business Intelligence

Dr. Janaki Sivakumar Email: [email protected]

Roadmap: Research; Artificial Intelligence; Security & Forensics

Research: Your Thoughts

"If you steal from one author, it's plagiarism; if you steal from many, it's research." (Wilson Mizner)

Research

The Landscape of Cybersecurity
Cybersecurity involves protecting devices, networks, data, services, and applications connected to the internet against the malicious cyber attacks that cybercriminals employ to steal data and money and cause harm. In simple words, cybersecurity is the practice of protecting networks, devices, and information against unauthorized access.

The Landscape of Cybersecurity
Today every organization and individual relying on IT resources needs robust security protection to safeguard their data and systems from growing threats such as viruses, malware, DDoS attacks, and ransomware.

The Landscape of Cybersecurity
The intent behind cyberattacks against networks can be anything, such as:
Stealing money
Making threats
Competing with a business and hurting its network
Stealing business information and damaging the reputation of a company

The Landscape of Cybersecurity
Now, you need a much more evolved, advanced, and efficient cybersecurity approach than before. This is why research and innovation in cybersecurity development are on the rise.

The Landscape of Cybersecurity
There is a rise in cyber threats and increasingly complex attack vectors, and a corresponding need for advanced solutions. Defenders face information overload, alert fatigue, and an inability to detect zero-day threats. The capacity to analyze vast amounts of data, identify patterns, and learn and adapt is beyond most individuals and organizations.

Artificial Intelligence

AI Applications in Cybersecurity: Improved Threat Detection and Prevention
AI-powered systems can analyze vast amounts of data from various sources, such as network traffic, logs, and user behavior, to identify anomalies and potential threats that may go unnoticed by traditional cybersecurity measures.

Benefits of AI in Cybersecurity: Faster Response Times
AI-powered systems can automatically respond to threats by isolating infected devices or blocking malicious traffic, reducing response times significantly compared to traditional cybersecurity measures that require manual intervention.

Benefits of AI in Cybersecurity: Scalability
AI-powered systems can handle large volumes of data and scale up or down as needed, making them more flexible. Traditional cybersecurity tooling becomes overwhelmed by large volumes of data or requires significant resources to scale up or down.

AI Applications in Cybersecurity: Improved Threat Detection and Prevention
Anomaly Detection: Identifying suspicious activity based on behavioral patterns.
Malware and Phishing Detection: Analyzing network traffic and content for malicious signatures.
Vulnerability Management: Automating vulnerability scanning and prioritizing critical patches.

AI Applications in Cybersecurity: Incident Response and Investigation
Streamlining Alert Analysis: Reducing false positives and prioritizing real threats.
Automating Incident Response: Orchestrating containment, cleanup, and recovery procedures.
Threat Hunting: Proactively searching for hidden threats and advanced persistent threats.

AI Applications in Cybersecurity: User and Endpoint Security
Behavioral Analytics: Detecting unauthorized access and anomalous user activity.
Data Loss Prevention (DLP): Monitoring and controlling sensitive data movement.
Endpoint Security Automation: Automating endpoint threat detection and response.

AI Tools (hybrid cybersecurity with AI and ML):
Darktrace
CrowdStrike
Vectra
SparkCognition
SentinelOne
ThreatCloud AI
Acronis Cyber Protect
Deep Instinct
LogRhythm NDR
Cybereason

Research is the investigation into and study of materials and sources to establish facts and reach new conclusions. It is a systematic investigation, carried out in domain-specific contexts and following the scientific method, that produces knowledge and results.

Research Methods Research methods refer to the strategies, tools, and techniques used to gather and analyze data in a structured way to answer a research question or investigate a hypothesis (Hammond & Wellington, 2020).

Qualitative Research
Qualitative research in cybersecurity focuses on understanding human behaviors, experiences, and cultural phenomena related to security practices, threats, and responses. This type of research helps uncover the reasons behind certain behaviors and attitudes toward cybersecurity.

Quantitative Research
Quantitative research in cybersecurity focuses on measuring and analyzing numerical data to identify patterns, correlations, and causal relationships. This type of research helps to quantify risks, evaluate the effectiveness of security measures, and make data-driven decisions.

Abstract: A brief summary of a research paper, usually about 150-250 words, that highlights the main objectives, methods, results, and conclusions of the study. It helps readers quickly determine the paper's relevance.

Ethics: Principles and guidelines that govern the conduct of research to ensure integrity, quality, and respect for participants. They include obtaining informed consent, ensuring confidentiality, and avoiding plagiarism.

Importance of Cybersecurity Research
Research into the ever-evolving landscape of digital threats helps to protect individuals, organizations, and nations from cyber attacks.

Financial Impacts: Direct Financial Losses; Cost of Recovery; Business Interruption; Fines and Penalties

Operational Impacts: Disruption of Services; Loss of Data; Damage to Infrastructure

Reputational Impacts
Loss of Trust: Breaches can erode trust among customers, partners, and investors, damaging an organization's reputation and brand value.
Negative Publicity: Media coverage of cyber incidents can lead to negative publicity and long-term damage to a company's public image.
Customer Attrition: Customers may choose to take their business elsewhere if they perceive an organization as unable to protect their data adequately.

Technological Impacts
Data Integrity: Cyber attacks can compromise data integrity, leading to incorrect or corrupted information being used in decision-making processes.
System Downtime: Attacks can cause significant downtime, affecting the targeted organization and interconnected systems and services.
Erosion of Technological Confidence: Frequent cyber attacks can erode confidence in digital technologies and hinder the adoption of innovations.

Network Attacks
Distributed Denial of Service (DDoS) Attacks: Overwhelming a network with traffic to disrupt services.
Man-in-the-Middle (MitM) Attacks: Intercepting and altering communications between two parties.
Eavesdropping Attacks: Listening in on unencrypted communications.

Network Attacks: Distributed Denial of Service (DDoS) Attacks
Where: Public-facing websites, online services, gaming servers.
How: Attackers use a botnet (a network of compromised devices) to flood a target with traffic, overwhelming the server or network and rendering it unusable.

Network Attacks: Man-in-the-Middle (MitM) Attacks
Where: Public Wi-Fi networks, unsecured communication channels.
How: Attackers intercept communications between two parties, eavesdropping or injecting malicious data. This can happen through rogue access points or DNS spoofing.

Network Attacks: Eavesdropping Attacks
Where: Unencrypted communication channels, public Wi-Fi.
How: Attackers passively listen to network traffic to capture sensitive information such as login credentials or confidential data.

Endpoint Attacks
Malware: Infecting devices with viruses, worms, ransomware, spyware, or trojans.
Phishing: Tricking users into providing sensitive information or installing malware through deceptive emails or websites.
Drive-by Downloads: Automatically downloading malicious software when visiting compromised websites.

Endpoint Attacks: Malware
Where: Personal computers, mobile devices, enterprise networks.
How: Malware can be delivered via email attachments, malicious websites, or software downloads. Once installed, it can steal data, monitor activity, or damage the system.

Endpoint Attacks: Phishing
Where: Email inboxes, social media, fake websites.
How: Attackers send deceptive messages that appear legitimate, tricking users into clicking on malicious links or providing sensitive information.

Endpoint Attacks: Drive-by Downloads
Where: Compromised websites, malicious advertisements.
How: Simply visiting a compromised website can trigger an automatic download of malicious software onto the user's device.

Application Attacks
SQL Injection: Inserting malicious SQL code into a query to manipulate the database.
Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by other users.
Cross-Site Request Forgery (CSRF): Forcing a user to execute unwanted actions on a web application where they are authenticated.

Application Attacks: SQL Injection
Where: Websites and web applications with poor input validation.
How: Attackers insert malicious SQL queries into input fields, manipulating the database to reveal or alter data.

Application Attacks: Cross-Site Scripting (XSS)
Where: Web applications that reflect user input back to the browser without validation.
How: Attackers inject malicious scripts into web pages viewed by other users. These scripts can steal cookies, session tokens, or other sensitive information.

Application Attacks: Cross-Site Request Forgery (CSRF)
Where: Web applications that do not verify the origin of requests.
How: Attackers trick authenticated users into making unintended requests, potentially altering data or performing actions on their behalf.

Server Attacks
Brute Force Attacks: Attempting to gain access by systematically trying all possible passwords.
Zero-Day Exploits: Exploiting unknown vulnerabilities before they are patched.
Credential Stuffing: Using stolen credentials to gain unauthorized access.

Server Attacks: Brute Force Attacks
Where: Login pages, remote access services (e.g., SSH, RDP).
How: Attackers use automated tools to try many combinations of usernames and passwords until they find the correct one.

Server Attacks: Zero-Day Exploits
Where: Software and systems with unknown vulnerabilities.
How: Attackers exploit vulnerabilities that have not yet been patched by the vendor, gaining unauthorized access or control.

Server Attacks: Credential Stuffing
Where: Websites and online services.
How: Attackers use lists of stolen usernames and passwords from previous breaches, trying them on different services in the hope of finding matches.
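The anomaly-detection idea from the AI applications slides, applied to the brute force and credential stuffing slides above, as an added example that is not part of the original deck: a small detector run over constructed sshd-style log lines. Both attacks show up as many failed logins from one source within a short window; they differ in whether the failures spread across many usernames (stuffing) or hammer one (brute force). The log format, thresholds and addresses are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (sshd-style); addresses are documentation ranges.
SAMPLE_LOG = """\
2024-07-16T10:00:01 sshd: Failed password for alice from 203.0.113.7
2024-07-16T10:00:02 sshd: Failed password for alice from 203.0.113.7
2024-07-16T10:00:03 sshd: Failed password for alice from 203.0.113.7
2024-07-16T10:00:04 sshd: Failed password for alice from 203.0.113.7
2024-07-16T10:00:05 sshd: Failed password for alice from 203.0.113.7
2024-07-16T10:00:10 sshd: Failed password for bob from 198.51.100.9
2024-07-16T10:00:11 sshd: Failed password for carol from 198.51.100.9
2024-07-16T10:00:12 sshd: Failed password for dave from 198.51.100.9
2024-07-16T10:00:13 sshd: Failed password for erin from 198.51.100.9
2024-07-16T10:00:20 sshd: Failed password for alice from 192.0.2.44
2024-07-16T10:05:00 sshd: Accepted password for alice from 192.0.2.44
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd: Failed password for (?P<user>\S+) from (?P<src>\S+)$")

def detect(log, window=timedelta(seconds=60), max_failures=5, max_users=4):
    """Return {source_ip: label} for sources whose failed logins inside any
    sliding `window` look like credential stuffing (many distinct users) or
    brute force (many failures against any users). Thresholds are assumptions."""
    events = defaultdict(list)  # src -> [(timestamp, user), ...]
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # successful logins and unrelated lines are not counted
        events[m["src"]].append((datetime.fromisoformat(m["ts"]), m["user"]))
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # advance the window start so that evs[start:end+1] spans <= window
            while evs[end][0] - evs[start][0] > window:
                start += 1
            in_window = evs[start:end + 1]
            users = {u for _, u in in_window}
            if len(users) >= max_users:
                alerts[src] = "credential_stuffing"
            elif len(in_window) >= max_failures:
                alerts[src] = "brute_force"
    return alerts
```

A single failure from 192.0.2.44 followed by a success stays below both thresholds, which is what keeps an ordinary mistyped password from raising an alert.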

Data Attacks
Data Breaches: Unauthorized access to sensitive data.
Ransomware: Encrypting data and demanding payment for the decryption key.
Insider Threats: Employees or insiders leaking or exploiting confidential data.

Data Attacks: Data Breaches
Where: Databases, cloud storage, file servers.
How: Attackers gain unauthorized access to systems to steal sensitive data, often through vulnerabilities or social engineering.

Data Attacks: Ransomware
Where: Enterprise networks, personal computers.
How: Ransomware is typically delivered via phishing emails or exploit kits. It encrypts the victim's data and demands payment for the decryption key.

Data Attacks: Insider Threats
Where: Within organizations.
How: Employees or contractors with legitimate access misuse their privileges to steal or compromise data.

IoT (Internet of Things) Attacks
Botnets: Compromising IoT devices to create a network of bots for launching attacks.
Firmware Exploits: Exploiting vulnerabilities in IoT device firmware.
Physical Attacks: Gaining physical access to devices to tamper with them.

Social Engineering Attacks
Pretexting: Creating a fabricated scenario to steal information.
Baiting: Using false promises to lure victims into providing information or access.
Quid Pro Quo: Offering a service or benefit in exchange for information.

Qualitative Research
Artificial Intelligence (AI) and Machine Learning (ML) algorithms can significantly enhance qualitative analysis in research by automating data processing and interpretation and improving their accuracy.

Natural Language Processing (NLP) Algorithms: Sentiment Analysis
Social Media Monitoring: Tools like Brandwatch and Hootsuite use sentiment analysis to monitor and analyze public sentiment about brands, products, or services on platforms like Twitter, Facebook, and Instagram.
Customer Feedback: Companies like Amazon and Yelp use sentiment analysis to understand customer reviews and improve their products and services.

Natural Language Processing (NLP) Algorithms: Sentiment Analysis in Security
Threat Intelligence: Analyzes social media and forum posts to gauge sentiment and detect potential or emerging cyber threats.
Incident Response: Evaluates the sentiment in communication logs to understand user reactions and potential insider threats.

Natural Language Processing (NLP) Algorithms: Topic Modeling
Content Recommendation: News aggregators like Google News use topic modeling to categorize and recommend articles based on user interests.
Academic Research: Tools like Leximancer and NVivo use topic modeling to help researchers identify themes and trends in large sets of qualitative data.

Natural Language Processing (NLP) Algorithms: Topic Modeling in Security
Security Reports: Analyzes security reports and threat bulletins to identify common themes and emerging threats.
Dark Web Monitoring: Extracts topics from discussions on dark web forums to detect planned cyber attacks.

Natural Language Processing (NLP) Algorithms: Named Entity Recognition (NER)
Information Extraction: Search engines like Google use NER to identify and extract key entities from web pages to enhance search results and snippets.
Document Management: Legal and financial firms use NER to automatically identify and categorize entities in large document repositories.

Natural Language Processing (NLP) Algorithms: Named Entity Recognition (NER) in Security
Threat Identification: Automatically identifies entities like IP addresses, domain names, and malware names in threat reports and logs.
Incident Analysis: Helps in identifying key entities involved in security incidents from logs and communications.
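The threat-identification use of NER described above, as an added example that is not part of the original deck: a rule-based entity extractor that pulls IP addresses, domain names and file hashes out of a constructed threat-report excerpt. Real NER models are statistical, but the practical edge cases are the same: reports "defang" indicators (203.0.113[.]45, hxxp://), version numbers look like IPs, and a regex alone accepts impossible addresses. The report text and indicators are constructed.

```python
import re
from ipaddress import ip_address

# Constructed threat-report excerpt with defanged indicators; the hash is the
# SHA-256 of the empty string, used only as a placeholder value.
SAMPLE_REPORT = (
    "The loader beaconed to 203.0.113[.]45 and to hxxp://update.example[.]net/x "
    "before dropping a payload with SHA-256 "
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855. "
    "Version 2.1.3 was released 2024-07-16; ignore 999.1.2.3 as noise."
)

PATTERNS = {
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.I),
}

def refang(text):
    """Undo common defanging so the patterns see real indicators."""
    return text.replace("[.]", ".").replace("hxxp", "http")

def extract_entities(report):
    """Return {'ipv4': [...], 'domain': [...], 'sha256': [...]} found in report."""
    text = refang(report)
    found = {"ipv4": set(), "domain": set(), "sha256": set()}
    for m in PATTERNS["sha256"].finditer(text):
        found["sha256"].add(m.group().lower())
    for m in PATTERNS["ipv4"].finditer(text):
        try:
            ip_address(m.group())  # rejects octets > 255 such as 999.1.2.3
        except ValueError:
            continue
        found["ipv4"].add(m.group())
    for m in PATTERNS["domain"].finditer(text):
        cand = m.group()
        if PATTERNS["ipv4"].fullmatch(cand):  # never report an IP as a domain
            continue
        found["domain"].add(cand.lower())
    return {k: sorted(v) for k, v in found.items()}
```

The domain pattern requires an alphabetic top-level label, which is what keeps "2.1.3" and the date out of the results.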
