How IBM Is Using Artificial Intelligence to Provide Cybersecurity

Cybercrime is an epidemic. Consider these statistics from Checkmarx: Cybercrime is expected to cost businesses over $2 trillion annually by 2019, four times as much as 2015. In the U.S., a breach costs a company an estimated $15.4 million on average. Some hacks can be resolved in days, while others can take weeks or months.

These are more than mere statistics. Real-world examples abound. In December, Yahoo! revealed the largest known security breach to date, which compromised over 1 billion accounts, only months after it reported a separate breach involving 500 million users. These intrusions could take years to resolve and cost millions of dollars. 

Cybercrime is an epidemic; IBM's Watson has your back. Image source: Pixabay.

IBM (IBM 0.18%) is rolling out a new weapon in cyberdefense: its Jeopardy!-winning cognitive supercomputer Watson. So how will a game show contestant help prevent hacking? Glad you asked, but first, a little background.

One of the technologies behind Watson is an artificial intelligence (AI) discipline known as deep learning. A software model of the brain is used to recreate our ability to learn. By using a massive number of examples, combined with sophisticated algorithms, the system learns to discover similarities among the examples and find differences. This results in the program mastering pattern recognition when reviewing large data sets.

Teaching Watson about cybercrime

IBM Watson is expanding its security protocol. Image source: Pixabay.

IBM announced earlier this year that it was partnering with eight universities in a year-long research project to provide Watson with the requisite data necessary to expand its security protocol. These universities were chosen on the strength of their cybersecurity programs. According to an IBM press release in May, the system was "learning the nuances of security research findings and discovering patterns and evidence of cyberattacks and threats that could otherwise be missed." Students and faculty input security data while Watson learned the peculiarities specific to cybersecurity. It planned to process up to 15,000 documents per month, building its database of threat intelligence reports, cybercrime strategies, and threat databases. 

And the work is paying off. IBM recently announced that 40 organizations are now part of the Watson Cyber Security beta program. This group hails from a wide array of industries including banking, healthcare, insurance, finance, travel, energy, automotive, and education.  IBM hopes that by increasing participation in the beta program, Watson will, over time, evolve into the next generation of cyberdefense.

"By applying intelligent technologies like machine learning and natural language processing, Watson can help security analysts make better decisions from structured data, as well as the massive amount of unstructured data that has been dark to an organization's defenses until now," IBM wrote in its press release.

Better detectives

Mixing AI and cyber-security holds a lot of promise. MIT announced earlier this year that an AI system had achieved an 85% success rate at detecting threats. This system, called AI Squared, differed from previous attempts at using AI for cyberdefense.  Rather than simply referring all anomalies to its human counterparts, this experiment provided feedback from the analyst to the system, allowing it to learn from the input provided by its human counterparts.  This improved the system's assessments over time, increasing the accuracy of future predictions.

This reduced the number of both false positives and false negatives, according to MIT. This is a quantum leap forward versus earlier outlier detection, which merely looks for anomalies that are then forwarded to a human technician for further assessment.  This video from MIT Computer Science and Artificial Intelligence Laboratory illustrates the process:

Learning on their own

Google neural networks created their own encryption! Image source: Pixabay

IBM isn't the only player in this emerging field. While many big tech companies use varying degrees of artificial intelligence to help provide security for their cloud-computing operations, some are taking it to another level. In a research paper, Alphabet (GOOG 1.43%) (GOOGL 1.42%) division Google revealed that two neural networks had learned to build their own form of encryption, while a third was unable to crack that code. This is significant because they weren't taught about encryption or given any examples of encrypted and decrypted messages. Two neural networks were instructed to send communications to each other, and keep that information secret from the third. This is likely an early development toward a dynamic system that learns to protect itself. In its conclusion, the paper states: "Finally, neural networks may be useful not only for cryptographic protections but also for attacks."

With its massive data centers and cloud infrastructure, this development could further enhance Google's business and advance its already impressive AI credentials.

The Foolish final word

IBM has been leveraging Watson in a variety of ways. In adding cybersecurity to its resume, IBM hopes to capitalize on the inability of companies to keep pace with the growing threat posed by cybercrime. Sandy Bird, chief technology officer of IBM Security was quoted as saying in a press release:

Customers are in the early stages of implementing cognitive security technologies. Our research suggests this adoption will increase threefold over the next three years, as tools like Watson for Cyber Security mature and become pervasive in security operations centers. Currently, only seven percent of security professionals claim to be using cognitive solutions.

If Watson can capture just a portion of that threefold increase, its training has not been in vain.