Showing posts with label cyber forensics. Show all posts

Thursday, 4 January 2018

TOP ARTIFICIAL INTELLIGENCE TRENDS IN CYBER SECURITY



Artificial intelligence is defined as the study of intelligent agents: devices that perceive the environment around them and take actions that improve their chance of success at some goal. It plays an important role in all fields. AI robots are one of the major inventions of recent years; they take the actions, control and activities of the human environment and replicate them. AI can encompass anything from the Google search algorithm
Today’s artificial intelligence is made to perform a narrow task; for example, it is meant to drive a car on its own. Compared with narrow AI, many researchers plan to create a general AI (AGI or strong AI), because the narrow AI can perform each and every task of a human and may also lead to some dangerous activities, which is a major drawback of creating a narrow AI.

ADVANTAGES OF ARTIFICIAL INTELLIGENCE:

Artificial intelligence draws on a complicated mixture of computer science, mathematics and other complex sciences. Its major advantages are as follows:
  • Error Reduction
  • Difficult Exploration
  • Daily Application
  • Digital Assistance
  • Repetitive jobs
  • Medical Application
  • No Break

ERROR REDUCTION:

It is mainly used to detect and minimize errors and to produce results at higher accuracy. AI also helps us study the concepts involved in the exploration of space: AI-built robots are used to transfer information across space, and the information they transfer is highly secured and cannot be modified or copied by a normal human.

DIFFICULT EXPLORATION:

It involves the science of robots, the process of mining and other fuel exploration. It applies not only to complex behavior but also to the exploration of space; because of its programming, it can carry out these processes beyond human ability.
In mining, AI plays an important role in detecting the exact place to dig for natural (non-artificial) products like coal, gold and silver. Goldcorp has teamed up with IBM Watson to develop an advanced AI feature for finding the locations of these natural products.
Reference Link: https://www.techemergence.com/ai-in-mining-mineral-exploration-autonomous-drills/

DAILY APPLICATION:

Computed methods for automated testing, learning, reasoning and our other daily activities fall under AI. Cortana and Siri are used as virtual search engines to help us out, and tracking software such as maps and cab booking works over GPS. Smartphones are a perfect example of artificial intelligence, and the security chips placed in ATM cards follow AI to secure themselves from fraud.

DIGITAL ASSISTANCE:

Highly advanced organizations use ‘avatars’ to minimize the work of humans; these interact with clients and perform tasks based on their requirements. Many people have started to use robots in hotels for serving, and Google Lens is another advanced method to connect with the internet without the authentication process.

REPETITIVE JOBS:

Repetitive jobs are monotonous in nature and can be handed to machine intelligence, since the machine thinks faster than humans. Machine intelligence can also be assigned to perform some dangerous tasks, because we can set parameters for robots to perform their actions; it carries out the work in a secured manner and produces better results than humans. PlayStation is one of the best examples: when we are playing, one component is the user and the other component is the AI, which captures the movement of the user and displays the same actions on the screen.

MEDICAL APPLICATION:

In the medical field, doctors assess patients and their health risks using artificial intelligence, and it guides patients to be aware of medicine side effects. It finds a huge application in detecting neurological disorders, capturing the actions performed by the brain, and nowadays it has been developed for digital body scanning (scanning over your whole body) in an automated manner.
Reference Link: https://www.youtube.com/watch?v=DCtAxUB1bvI

NO BREAK:

Machines, unlike humans, do not require frequent breaks and refreshments. They can work for long hours and perform continuously without getting bored, distracted or even tired.

DISADVANTAGES OF ARTIFICIAL INTELLIGENCE

  • High Cost
  • No Replicating humans
  • No improvement with experience
  • Unemployment

HIGH COST:

Creating artificial intelligence machines or robots costs more than other automated machines, and their repair and maintenance are also costly. AI needs upgrades to develop its level day by day, and when an AI machine breaks down or needs maintenance, recovering the code or repairing the machine is expensive, so cost is considered the major drawback of artificial intelligence.

NO REPLICATING HUMANS:

Machines do not have emotions, which is a drawback of AI because in certain situations they do not know how to take the correct decision at a specific time. They either perform incorrectly or break down in such situations.

NO IMPROVEMENT WITH EXPERIENCE:

Unlike humans, artificial intelligence cannot build on its experience over time. AI stores lots of data but fails to access it at the time it is needed, and it does not have any care or emotional feeling like a human, which is one of its drawbacks compared with humans. Machines fail to distinguish between a hardworking individual and an inefficient individual.

UNEMPLOYMENT:

Replacing humans with machines leads to large-scale unemployment, and unemployment is one of the most socially undesirable phenomena. Humans are becoming lazy nowadays and have started to use machines to complete their work, which leads to the unemployment of many people. If humans start thinking in a destructive way, they can create havoc with these machines; when artificial intelligence is used in a destructive way, it can lead to massive destruction in the world.

ROLE OF AI IN CYBER SECURITY:

Machine learning and artificial intelligence play an important role across industries and applications, where they are used for computing power, data collection, analysis against vulnerabilities, etc.
AI can be used to perform any kind of exploit, and it detects vulnerabilities in an easier, automated way. Employees at many cyber security organizations have started to learn AI and machine learning to take their standards to the next level.

TOP TRENDS IN CYBER SECURITY:

GDPR (GENERAL DATA PROTECTION REGULATION):

It was prepared mainly for the European Union and sets out how to store personal data in a secured manner. It was also created mainly for EU citizens, because they are not yet complete with it, and many organizations are expected to start GDPR in May.

AI AND MACHINE LEARNING ON CYBER DEFENSE:

AI and machine learning play an important role in cyber defense: machine learning modules detect the exact moves of cyber criminals, which helps InfoSec professionals in a great way.

HANDLING DATA BREACHES:

It’s impossible to eradicate data breaches completely. Many organizations have started to control data breaches under certain conditions, by monitoring IoT devices to keep control against DDoS attacks, misdirection of potential victims, and failure to patch known vulnerabilities, and we can hope that data could be entirely controlled in the upcoming years.

DEVELOPING A COMMON LANGUAGE:

There is positive growth in the cybersecurity realm, not least the creation and adoption of things like the NIST Cybersecurity Framework, and more cybersecurity experts and organizations are planning to develop a common language in the field of cybersecurity to make the process easier.

APPLICATION TESTING:

Application testing accounts for a large number of data breaches, because security testing in applications is not properly maintained. To control this, everyone should put fresh effort into patching and app testing in the coming year; by doing so we would see a dramatic drop in data breaches.

ARTIFICIAL INTELLIGENCE TOOLS:

  • Google Now
  • Intelligent Personal Assistants
  • Crystal knows
  • Textio
  • Enlitic
  • Digital Genius
  • TAMR
  • Intraspexion
  • Recorded Future
  • Conversica

COMPANIES TRYING TO IMPROVE AI IN CYBER SECURITY:

AI FOCUS ON MALWARE:

AI mainly focuses on malware rather than exploits. It checks every suspicious file within a folder, by CPU instructions or by API imports, and it can detect malware by certain limits on memory or I/O operations. The chain it watches starts from exploitation: when malware is sent to a computer, it starts with an exploit, after which malicious shellcode can be passed through the browser, Microsoft Office or Adobe Reader. Finally, in AI malware detection, the AI checks the sample's memory level and I/O operations; samples that are not up to its level are considered malicious.
Malware detection by AI can also be bypassed using AI evasion techniques. These redirect the malware's path by detecting the AV and bypass the AI's malware detection, so the AI fails to detect the malware; they are explained as follows.
Even now, AI fails to detect zero-day attacks. Many methods have been developed for AI to detect advanced threats and zero-days, but they fail, and development on detecting advanced threats is still in progress.

SUB INDUSTRY ARTIFICIAL INTELLIGENCE:

Artificial intelligence statistics across every industry are described in the above figure.

BOOKS ON ARTIFICIAL INTELLIGENCE:

Reference Link: http://bigdata-madesimple.com/20-free-books-to-get-started-with-artificial-intelligence/

CONCLUSION:

As cyberattacks become more sophisticated, cybersecurity teams are tasked with adapting their technology to find new anomalies. Organizations face millions of threats each day, making it impossible for a security researcher to analyze and categorize them. This task can be done efficiently by using machine learning.
However, a more efficient cybersecurity process can help reduce costs and help streamline the process. Artificial intelligence and machine learning can rapidly and efficiently detect threats, resolve them, and prevent them in the shortest amount of time possible with the greatest potential for resolution.

AUTHOR

RamKumar
Security Engineer
BriskInfosec Technology and Consulting PVT LTD
Follow me @ https://www.linkedin.com/in/ram-kumar-3439b511a/

Tuesday, 6 October 2015

Top 20 practical software security testing tips for Pentesters (Security Testers)


1) Learn to analyze your test results thoroughly. Do not ignore the test result. The final test result may be ‘pass’ or ‘fail’ but troubleshooting the root cause of ‘fail’ will lead you to the solution of the problem. Testers will be respected if they not only log the bugs but also provide solutions.
2) Learn to maximize the test coverage every time you test any application. Though 100 percent test coverage might not be possible still you can always try to reach near it.
3) To ensure maximum test coverage break your application under test (AUT) into smaller functional modules. Write test cases on such individual unit modules. Also if possible break these modules into smaller parts.
E.g.: Let’s assume you have divided your website application into modules and ‘accepting user information’ is one of the modules. You can break this ‘User information’ screen into smaller parts for writing test cases: parts like UI testing, security testing, functional testing of the ‘User information’ form, etc. Apply all form field type and size tests, negative and validation tests on input fields, and write all such test cases for maximum coverage.

4) While writing test cases, write test cases for intended functionality first, i.e. for valid conditions according to requirements. Then write test cases for invalid conditions. This will cover expected as well as unexpected behavior of the application under test.
5) Think positive. Start testing the application with the intent of finding bugs/errors. Don’t think beforehand that there will not be any bugs in the application. If you test the application with the intention of finding bugs, you will definitely succeed in finding those subtle bugs as well.
6) Write your test cases in requirement analysis and design phase itself. This way you can ensure all the requirements are testable.
7) Make your test cases available to developers prior to coding. Don’t keep your test cases with you, waiting to get the final application release for testing, thinking that you can log more bugs. Let developers analyze your test cases thoroughly to develop a quality application. This will also save re-work time.
8) If possible, identify and group your test cases for regression testing. This will ensure quick and effective manual regression testing.
9) Applications requiring critical response time should be thoroughly tested for performance. Performance testing is a critical part of many applications. In manual testing this part is mostly ignored by testers, due to the lack of the large data volume that performance testing requires. Find out ways to test your application for performance. If it is not possible to create test data manually, then write some basic scripts to create test data for the performance test, or ask developers to write one for you.
10) Programmers should not test their own code. As discussed in our previous post, basic unit testing of the developed application should be enough for developers to release the application to testers. But you (testers) should not force developers to release the product for testing. Let them take their own time. Everyone from lead to manager knows when the module/update is released for testing, and they can estimate the testing time accordingly. This is a typical situation in an agile project environment.
11) Go beyond requirement testing. Test application for what it is not supposed to do.
12) While doing regression testing use previous bug graph (Bug graph – number of bugs found against time for different modules). This module-wise bug graph can be useful to predict the most probable bug part of the application.
13) Note down the new terms, concepts you learn while testing. Keep a text file open while testing an application. Note down the testing progress, observations in it. Use these notepad observations while preparing final test release report. This good habit will help you to provide the complete unambiguous test report and release details.
14) Many times testers or developers make changes in the code base for the application under test. This is a required step in a development or testing environment to avoid execution of live transaction processing, as in banking projects. Note down all such code changes made for testing purposes, and at the time of final release make sure you have removed all these changes from the final client-side deployment file resources.
15) Keep developers away from the test environment. This is a required step to detect any configuration changes missing from the release or deployment document. Sometimes developers make system or application configuration changes but forget to mention them in the deployment steps. If developers don’t have access to the testing environment, they will not make any such changes accidentally on the test environment, and these missing things can be captured at the right place.
16) It’s a good practice to involve testers right from the software requirement and design phase. This way testers can get knowledge of application dependability, resulting in detailed test coverage. If you are not being asked to be part of this development cycle, then make a request to your lead or manager to involve your testing team in all decision-making processes or meetings.
17) Testing teams should share best testing practices, experience with other teams in their organization.
18) Increase your conversation with developers to know more about the product. Whenever possible, communicate face-to-face to resolve disputes quickly and to avoid any misunderstandings. But also, when you understand the requirement or resolve any dispute, make sure to communicate the same in writing, such as by email. Do not keep anything verbal.
19) Don’t run out of time to do high priority testing tasks. Prioritize your testing work from high to low priority and plan your work accordingly. Analyze all associated risks to prioritize your work.
20) Write clear, descriptive, unambiguous bug report. Do not only provide the bug symptoms but also provide the effect of the bug and all possible solutions.
Don’t forget testing is a creative and challenging task. Finally it depends on your skill and experience, how you handle this challenge.

Monday, 26 August 2013

India: Talent hotspot for global cybercrime industry

MUMBAI: India is fast emerging as a talent hotspot for the global cybercrime industry amid slow hiring in the traditional software industry, the lure of easy money, and lack of law enforcement, according to computer security experts.
[Image caption: Millions of Americans are locked out of online access to their bank accounts. (Source: US ABC)]
Work such as hacking into computer networks and creation of malware is being outsourced to cyber-mercenaries in India through underground marketplaces. It is possible to rent botnets - computers controlled by a hacker - to launch disabling attacks to bring down websites for as little as $2 (Rs 125) per hour.

"Increasingly, India is becoming not just the victim but the host country with regard to cyber attacks," Jagdish Mahapatra, managing director for India and SAARC at anti-virus maker McAfee, told ET. The process has become so organised that some of these hacking services come with Live Chat customer support, according to McAfee.

In 2012, McAfee Labs identified at least 850 separate bits of ready-to-download malware hosted on computers in India. In the first quarter of 2013, the number had jumped to 1,100. India is ranked eighth in the world in terms of number of attacks originating here, a report by Akamai Technologies in May said.

"Blackhats can make a lot of money, so I'm not surprised that we're beginning to see cybercrime markets emerge in India," said Oxblood Ruffin, a Canadian hacktivist based in Bangalore. In Internet security language, a blackhat refers to someone who exploits vulnerabilities in computers with malicious intent or personal gain. In March, Norwegian telecommunications services provider Telenor reported an intrusion into its computer networks. Cybersecurity company Norman Shark traced that attack to India and documented it in a whitepaper titled 'Unveiling an Indian Cyber-attack Infrastructure'.

India has the 'skills'
"You have underground hacker forums where people post their hacking requirement and you can bid for them and have the money transferred to a PayPal account via a service called Perfect Money," Sarvaiya said. While ethical hackers could earn 30,000 a month legally, cybercrime fetches more than $2,000 (Rs 1,30,000) a month.

Perfect Money functions as an e-currency. The currency units can be transferred between customers, whose identities can be hidden. The units can be redeemed for cash - in dollars or euros - or gold by third-party exchange services.

The hacker forums cannot be accessed via standard web browsers - what is required is a special browser called a Tor Browser that allows access to the 'hidden web' where these blackhat hackers operate.

The forums look like a social networking site designed by death-metal fans. Attempts by ET to contact hackers on these forums were not successful.

Some of the traits that made India the hub for sourcing technology services are also contributing to the rise of this new dubious trade. "You need software skills; the country has that capability. Then you need motivation, which is the money, and the knowledge that the Indian legal system is likely to not be able to prosecute you. These are cross-border computer crimes, our laws have not reached that point," said Dinesh Pillai, CEO of Mahindra Special Services Group.

There is no estimate of the number of Indian hackers for hire. And security industry professionals said while they knew the number of attacks from India was rising, they could not pinpoint individual attacks that could be attributed to Indian hackers.

"It used to be the eastern European countries that had the skilled manpower to provide hackers for hire, but now we can see that moving to emerging economies like India and Sri Lanka where job opportunities have shrunk," said Diwakar Dayal, who leads security sales for Cisco in South Asia.

Hackers are also emboldened by the belief that they are unlikely to get into trouble with the law. While there are sections in the IT Act that govern hacking, cross-border crimes are hard to police even in the real world.

"We have the requisite laws to try and punish such cross-border cybercrimes, even if they are committed by foreign nationals. But it becomes practically difficult due to the need for information sharing and reciprocity (in case of extradition) between countries," said Dipak Parmar, founder of Cyber-IPR.

Experts said a number of steps need to be taken if the rise in this type of crime has to be stemmed.

"The government's cybersecurity policy is a step in the right direction, but internet service providers also play a role. Network security across the board has to be strengthened in the country," Cisco's Dayal said.

Wednesday, 3 July 2013

“Oh no, the suspect ran CCleaner to get rid of the evidence!”

I recently received a few questions about the effects of running Internet history sanitation tools such as CCleaner, when examining a computer looking for internet related artifacts. CCleaner is a product from a company identified as Piriform (www.piriform.com), and a version is freely available online and commonly used to ‘sanitize’ user activity. From the online documentation, CCleaner is said to protect privacy by cleaning out Internet browsing history and temporary internet files.
I have personally run into CCleaner on several cases when examining digital evidence and found it to have a varying degree of effectiveness, depending on exactly the types of artifacts you are trying to find/recover after its use. CCleaner has the ability to clean and remove information from several different locations, including the registry, the recycle bin and even wipe the disk. For this article, I am focusing on its effectiveness against the ability to recover Internet related history after CCleaner has been run.
Using a well-used test machine (Windows 7) with several different types of Internet related artifacts, I ran Internet Evidence Finder (IEF) using the default options to get a baseline of the artifacts that existed before running CCleaner. The test machine had artifacts from Chrome, Firefox and Internet Explorer 10, as well as numerous other applications such as P2P, webmail, etc. Here is a snapshot of just the web related artifacts found before running CCleaner.
Before CC Cleaner
I then installed CCleaner on the test machine, just as a suspect would, accepting the default installation options. From the CCleaner interface, the following options were enabled by default.
CC Cleaner with default options
I then ran CCleaner and received confirmation that it cleaned several locations related to Internet history.
CC Cleaner Results
After running CCleaner, I then rebooted the test machine and reran Internet Evidence Finder (IEF) using the same default options and was still able to find almost all the artifacts that had been identified before running CCleaner. In fact, some of the artifacts in some categories went up, likely caused by artifacts existing in memory before the reboot and then when the computer was shut down and rebooted, those artifacts were flushed to disk (pagefile).
Before and After
As many are aware, Internet artifacts are commonly found in memory (which I did not examine in this example), and ultimately end up on disk in the form of the pagefile or hibernation file. Many tools such as CCleaner, have minimal effect on these files and therefore many of the commonly sought after artifacts can still be found.
This example should be a clear illustration of how important the collection of RAM can be regardless of the type of investigation. It is also a good demonstration of the importance of searching for Internet-related artifacts even when you find evidence of ‘sanitation’ tools being used by the suspect. There are several other freely available ‘sanitation’ tools, each with varying results. The point of this post is to illustrate that the potential benefit of running a search for Internet related artifacts is well worth the effort, even when you fear they may have been ‘sanitized’.
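The observation that browsing artifacts survive in the pagefile can be checked on any raw acquisition. The Python below is an added example, not part of the original post and not a description of how IEF works: it carves URL strings, in both ASCII and UTF-16LE, out of a raw byte stream read in chunks, so a multi-gigabyte copy of pagefile.sys never has to fit in memory. The sample buffer, hostnames and function names are constructed for the illustration.

```python
import io
import re
from collections import Counter
from urllib.parse import urlsplit

# Characters accepted after the scheme; a NUL, quote or whitespace ends the URL.
URL_CHAR = rb"[A-Za-z0-9._~:/?#@!$&'()*+,;=%-]"
ASCII_RE = re.compile(rb"https?://" + URL_CHAR + rb"{4,512}")
# The same pattern as Windows stores wide strings: each character followed by NUL.
UTF16_RE = re.compile(
    rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:" + URL_CHAR + rb"\x00){4,512}"
)
# Longest possible match is 16 + 2*512 bytes, so a 2048-byte tail is always
# enough to hold a URL that straddles two chunks.
OVERLAP = 2048


def carve_urls(stream, chunk_size=1 << 20):
    """Yield (file_offset, encoding, url) for each URL-like string in a raw stream."""
    buf, base = b"", 0                      # base = file offset of buf[0]
    while True:
        chunk = stream.read(chunk_size)
        last = not chunk
        buf += chunk
        # Hits starting inside the tail are deferred until more data has arrived,
        # so a URL cut by a chunk boundary is reported once and in full.
        limit = len(buf) if last else max(len(buf) - OVERLAP, 0)
        for enc, rx in (("ascii", ASCII_RE), ("utf-16le", UTF16_RE)):
            for m in rx.finditer(buf):
                if m.start() >= limit:
                    break
                yield base + m.start(), enc, m.group().decode(enc)
        if last:
            return
        buf, base = buf[limit:], base + limit


def hosts_seen(hits):
    """Count carved URLs per hostname for a quick triage view."""
    return Counter(urlsplit(url).hostname for _, _, url in hits)


def build_sample():
    """Constructed stand-in for a slice of pagefile.sys (not real evidence)."""
    noise = bytes(range(256)) * 16          # 4096 bytes of non-text filler
    return (noise[:4090] + b"http://example.com/login?user=alice\x00"
            + noise + "https://mail.example.net/inbox".encode("utf-16le")
            + b"\x00\x00" + noise[:16] + b"https://example.com/account\r\n")


if __name__ == "__main__":
    # A small chunk size forces the first URL to straddle a chunk boundary.
    hits = sorted(carve_urls(io.BytesIO(build_sample()), chunk_size=4096))
    for offset, enc, url in hits:
        print(f"{offset:#010x}  {enc:9}  {url}")
    print(hosts_seen(hits).most_common())
```

To scan a real acquisition, pass a file opened in binary mode from a working copy of the image. A hibernation file is stored compressed, so it has to be converted to a raw image before string carving will find much.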