Abstract
This chapter presents an overview of the problem of survivability of information systems, along with solutions that are currently available to designers of such systems. The notion of survivability in the context of cybersecurity over multi-user distributed information systems is defined and set as the target of cyber defense, so as to prevent the adversary from successfully completing their mission. The cyber-attackers’ kill chain is explained. Artificial Intelligence (AI) techniques that may be employed to promote information system survivability are outlined, and the technical issues to which each technique can contribute are listed. Schemes for increased cyber survivability are then presented, each of which employs artificial intelligence techniques to solve a particular, commonly occurring problem. First, the problem of email message filtering in the context of breaking the cyber kill chain is analyzed and a typical AI-assisted technical solution is given. Next, the effect of malware on survivability is described, together with an approach to its solution based on static analysis and the detection of patterns. Subsequently, the collusion attack, in which multiple malware programs collaborate in order to achieve malicious goals, is presented and an AI-powered solution is outlined based on currently available technology. A three-level anomaly detection system is presented that employs AI primitives and detects problematic behavior in network traffic, packed files, and SQL statements in order to produce cybersecurity defense actions and warnings. Dynamic analysis of potentially harmful programs is then examined, and a technique is presented that inspects the executed machine-level instruction opcodes and uses AI to circumvent efforts of malware creators to obfuscate the actions and intents of their code.
A recently proposed comprehensive cooperative infrastructure defense system is briefly presented that is based on the artificial intelligence ant colony paradigm. The system aims to coordinate human and automated efforts to protect the integrity of large-scale information systems. It uses multiple AI principles in order to utilize existing information and obtain novel knowledge, adapting to new threats and user expectations. Finally, survivability-promoting countermeasures are presented that act as additional fail-safe mechanisms to impair the cyber-attackers’ mission.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Doukas, N., Stavroulakis, P., Bardis, N. (2021). Review of Artificial Intelligence Cyber Threat Assessment Techniques for Increased System Survivability. In: Stamp, M., Alazab, M., Shalaginov, A. (eds) Malware Analysis Using Artificial Intelligence and Deep Learning. Springer, Cham. https://doi.org/10.1007/978-3-030-62582-5_7
DOI: https://doi.org/10.1007/978-3-030-62582-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62581-8
Online ISBN: 978-3-030-62582-5
eBook Packages: Computer Science, Computer Science (R0)