
INTRODUCTION TO ARTIFICIAL INTELLIGENCE FOR CYBER THREAT INTELLIGENCE INVESTIGATION

Olakanmi Oluwole

April 28, 2023

Transcript

  1. Our mission: To monitor and alert users of immediate risk using a tactical approach, research, analyze and monitor the technical developments of various cyber trends and threat-actors in the following fields:
  2. How we are doing it: We gather massive amounts of data using various sources such as publicly available web references, social media channels and the deep dark web using a wide range of honey-pot techniques.
  3. OUTLINE
     1. Quick and dirty introduction to Cyber Threat Intelligence and Artificial Intelligence
     2. Why Artificial Intelligence in Cyber Threat Intelligence?
     3. Concerns of Artificial Intelligence in Cyber Threat Intelligence
     4. Use cases of Artificial Intelligence in Cyber Threat Intelligence
     5. Evolution of OSINT Investigations
     6. Practical examples of using Artificial Intelligence for Cyber Threat Intelligence Investigations
  4. INTRODUCTION
     "Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard." - Gartner 2013
     (Image from sociallinks.io)
  5. WHY ARTIFICIAL INTELLIGENCE IN CTI
     ❖ Improved predictive capabilities
     ❖ Improved decision making based on data
     ❖ Minimizing human error and bias
     ❖ AI models can automate many of the repetitive and time-consuming tasks involved in cyber threat intelligence, potentially lowering costs for organizations
     ❖ Artificial intelligence models can be scaled up or down as needed, allowing organizations to quickly adapt to changing threat landscapes and analyze large volumes of data without adding additional resources
  6. SOME CONCERNS
     ❖ There is a risk that organizations may become over-reliant on AI models for cyber threat intelligence, leading to a false sense of security. AI models can be powerful tools, but they should be used in conjunction with human expertise and oversight for conducting advanced threat investigations
     ❖ Adversarial attacks refer to attempts to manipulate or trick AI models into producing incorrect or misleading results. This is particularly relevant when it comes to cyber defense, where attackers may attempt to deceive AI models in order to evade detection
     ❖ AI models rely on large volumes of high-quality data to function effectively but sometimes there may be limited data available due to the sensitive nature of the information or the difficulty in collecting and analyzing it
     ❖ AI models may inadvertently learn and propagate biases present in their training data or algorithms, potentially leading to skewed or misleading threat analyses.
     ❖ Deep Fakes
  7. USE CASES OF AI IN CTI
     ❖ Summarization
     ❖ IOC Extraction
     ❖ TTP Extraction
     ❖ Predictive Intelligence
     ❖ Alert/Report Generation
     ❖ Threat Detection Generation
     ❖ Malware Analysis
  8. EVOLUTION OF OSINT INVESTIGATION
     ❖ Publicly available information
     ❖ Commercially available information
     ❖ Blockchain and crypto activities
     ❖ Artificial intelligence in OSINT
  9. CONCLUSION
     The integration of artificial intelligence in cyber threat intelligence is only at its beginning stages. As AI capabilities develop, we will see more advanced use cases of AI in cyber threat intelligence.