Bogdan Botezatu, senior e-threat analyst, Bitdefender
Bogdan Botezatu, senior e-threat analyst, Bitdefender

While some predict that particular activities could be replaced almost entirely (78 percent) by machine learning and artificial intelligence algorithms, they mostly refer to physical and predictable activities, such as operating machinery or assembly line working. When it comes to machines completely taking over our jobs and lives, rest assured, we still have a long way to go.

As for cyber-security, with more than 300,000 unique malware samples emerging each month, using flesh-and-blood security researchers to manually go through that much data is unrealistic and counterproductive. To that end, modern internet security companies have started developing and training machine learning algorithms to take over a great deal of the daily automatism involving malware detection and analysis, with the same accuracy as a highly skilled and experienced security researcher.

Humans still required

Despite advances in machine learning in relation to cyber-security, humans are not entirely out of the equation. Simply reducing manpower for one task does not mean people get left behind. If anything, they can start focusing on how to better train and adjust the programming of machine learning algorithms to both improve malware detection accuracy and optimise performance indicators.

The popular belief that robots will take over the world and, consequently, your job is misguided. Because digitalisation has encompassed every aspect of our lives, cyber-criminals have also leveraged technologies for rapidly developing, targeting, and using malware for their own gain. As cyber-security is supposed to proactively tackle these threats, the use of machine learning and algorithms, which can parse large numbers of files many times faster than a person, is also key in protecting data as well as personal and financial assets.

The merging of human ingenuity and artificial intelligence algorithms for cyber-security is key in actively and accurately plugging new and unknown threats, or fighting malware that changes its behaviour from one victim to another. Ransomware is a perfect example of polymorphic behaviour that properly trained machine learning algorithms can detect and stop.

However, machine-learning algorithms alone can't achieve a 99.99 percent accuracy rate in spotting unknown malware; the engineers who designed those algorithms are the true innovators. Constant tweaking and improvements are responsible for these accurate detections, and security researchers and the engineers behind machine learning algorithms make up for the bulk of the “intelligence” that these machines seem to pose.

Will cyber-security become fully automated?

While science fiction may have taught us that artificial intelligence has the potential to be fully autonomous, we are still a long way from that becoming the norm. In terms of cyber-security, there is still room for expanding the abilities of machines, but human intervention is certainly required, at least for the here and now.

Fully unsupervised machine learning algorithms are yet to be developed and, because the security landscape is constantly changing, the humans need to “teach” machines what to look for. While companies such as Bitdefender have been relying on these algorithms since 2008, they have advanced to the point where they are statistically almost as accurate as an actual researcher.

While endeavors from Google, Facebook, and IBM may have machine learning heading towards self-awareness, current cybersecurity-centric machine learning will probably go down the same path, in time. For now however, it is comforting to know that in the majority of cases, humans, facilitated by advanced cyber-security algorithms are working together in tandem to keep watch over your data.


Contributed by Bogdan Botezatu, senior e-threat analyst, Bitdefender