School of Business; School of Engineering and Computational Sciences
machine learning, threat intelligence, intrusion detection, malware analysis, adversarial machine learning
Artificial Intelligence and Robotics | Information Security
Barker, Charity, "Applications of Machine Learning to Threat Intelligence, Intrusion Detection and Malware" (2020). Senior Honors Theses. 985.
Artificial Intelligence (AI) and Machine Learning (ML) are emerging technologies with applications to many fields. This paper is a survey of use cases of ML for threat intelligence, intrusion detection, and malware analysis and detection. Threat intelligence, especially attack attribution, can benefit from the use of ML classification. False positives from rule-based intrusion detection systems can be reduced with the use of ML models. Malware analysis and classification can be made easier by developing ML frameworks to distill similarities between malicious programs. Adversarial machine learning is also discussed because, while ML can be used to solve problems or reduce analyst workload, it also introduces new attack surfaces.