Cyber threat analysis requires high-speed supercomputers, such as Theta at Argonne’s Leadership Computing Facility, a DOE Office of Science User Facility. (Image by Argonne National Laboratory.) |
Topics: Artificial Intelligence, Computer Science, Internet, Mathematical Models, Quantum Computing
"Locks are made for honest people."
Robert H. Goodwin, June 19, 1925 - August 26, 1999 ("Pop")
It is indisputable that technology is now a fundamental and inextricable part of our everyday existence—for most people, our employment, transportation, healthcare, education, and other quality of life measures are fully reliant on technology. Our dependence has created an urgent need for dynamic cybersecurity that protects U.S. government, research and industry assets in the face of technology advances and ever more sophisticated adversaries.
The U.S. Department of Energy’s (DOE) Argonne National Laboratory is helping lead the way in researching and developing proactive cybersecurity, including measures that leverage machine learning, to help protect data and critical infrastructure from cyberattacks.
Machine learning is a category of artificial intelligence that involves training machines to continually learn from and identify patterns in data sets.
“Applying machine learning approaches to cybersecurity efforts makes sense due to the large amount of data involved,” said Nate Evans, program lead for cybersecurity research in the Strategic Security Sciences (SSS) Division. “It is not efficient for humans to mine data for these patterns using traditional algorithms.”
Argonne computer scientists develop machine learning algorithms using large data sets— comprising log data from different devices, network traffic information, and instances of malicious behavior—that enable the algorithms to recognize specific patterns of events that lead to attacks. When such patterns are identified, a response team investigates instances matching those patterns.
Following an attack, the response team patches the vulnerability in the laboratory’s intrusion protection systems. Forensic analysis can then lead to changes that prevent similar future attacks.
“We are looking for ways to stop attacks before they happen,” said Evans. “We’re not only concerned with protecting our own lab, we’re also developing methods to protect other national labs, and the country as a whole, from potential cyberattacks.”
Argonne applies machine learning to cybersecurity threats
Savannah Mitchem, Argonne National Laboratory