Abstract:
Artificial intelligence (AI)-assisted cyber-attacks have evolved to become increasingly
successful in every aspect of the cyber-defense life cycle. For example, in the reconnaissance phase, AI-enhanced tools such as MalGAN can be deployed. The attacks launched by these types of tools automatically
exploit vulnerabilities in cyber-defense systems. However, existing countermeasures cannot detect the attacks
launched by most AI-enhanced tools. The solution presented in this paper is the first step towards using data
fingerprinting and visualization to protect against AI-enhanced attacks. The AIECDS methodology for the
development of AI-Enhanced Cyber-defense Systems was presented and discussed. This methodology
includes tasks for data fingerprinting and visualization. The use of fingerprinted data and data visualization
in cyber-defense systems has the potential to significantly reduce the complexity of the decision boundary
and simplify the machine learning models required to improve detection efficiency, even for malicious threats
with minuscule sample datasets. This work was validated by showing how the resulting fingerprints enable
the visual discrimination of benign and malicious events as part of a use case for the discovery of cyber threats
using fingerprinted network sessions.