MIT Artificial Intelligence System Detects 85 Percent Of Cyber Attacks

While the number of cyber attacks continues to increase, it is becoming even more difficult to detect and mitigate them in time to avoid serious consequences. A group of researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) is working on an ambitious project: the development of a technology that is able to detect cyber attacks early. The experts, in collaboration with peers from the startup PatternEx, have designed an Artificial Intelligence system that is able to detect 85 percent of attacks by using data from more than 3.6 billion lines of log files each day.

The researchers have developed a system that combines an Artificial Intelligence engine with human input, which the researchers call Analyst Intuition (AI), which is why it has been given the name AI2. The AI2 system first performs an automatic scan of the content with machine-learning techniques and then reports the results to human analysts, who have to pick out the events linked to cyber attacks. According to the experts at MIT, the approach implemented by the AI2 system is 3 times better than modern automated cyber attack detection systems.

“The team showed that AI2 can detect 85 percent of attacks, which is roughly three times better than previous benchmarks, while also reducing the number of false positives by a factor of 5. The system was tested on 3.6 billion pieces of data known as ‘log lines,’ which were generated by millions of users over a period of three months,” states a description of AI2 published by MIT.

The greater the number of analyses carried out by the system, the more accurate its subsequent estimates become, thanks to the feedback mechanism.

“You can think about the system as a virtual analyst,” says CSAIL research scientist Kalyan Veeramachaneni, who developed AI2 with Ignacio Arnaldo, a chief data scientist at PatternEx and a former CSAIL postdoc. “It continuously generates new models that it can refine in as little as a few hours, meaning it can improve its detection rates significantly and rapidly.”