The concept of Deep Learning belongs to the category of Artificial Intelligence and is a sub-category of Machine Learning, a methodology that uses artificial neural networks (ANNs), which have been developed to mimic the activity of the human brain.
Simplifying the concept a lot, we could say that through this "deep learning" the machine can autonomously carry out a hierarchical classification of the data, thus obtaining only those truly relevant to the solution of the problem, while at the same time starting a continuous self-learning circuit. Just like the human mind can do. The vast scope of the implementations of this technology is therefore understood, even more so in a sector, that of cyber security, which is facing increasingly sophisticated challenges.
In that battlefield that is now the company network, machines challenge machines while technicians study increasingly creative solutions to overcome the opponent. Because what is at stake, in the end, is the very survival of the company. When the real problem is the unknown, a security infrastructure based on known threats can no longer function. And it doesn't work anymore. Here artificial intelligence and Deep Learning open new scenarios in which it is possible to block new threats in real time and without human intervention.
Read also the interview with the team of Deep Instinct, the solution that uses deep learning as a tool to prevent, anticipate and counter potential new malicious threats.
Deep Learning to counter and prevent intrusions into IT systems
One of the main applications of Deep Learning in the field of cyber security concerns systems for the contrast of intrusions. These are systems that are able to detect suspicious activity and presences within the network based on known signatures and forms. However, these systems generate many false positives, tiring the work of security personnel. Deep Learning could greatly improve the situation, reducing false positives through increasingly precise analyzes and improving the response of security teams.
Intrusions into the IT network of companies, however, can also come from within, when it is an employee, for example, who initiates fraudulent activities. Deep Learning is able to analyze and understand user behavior, promptly detecting anomalies that otherwise could escape or would require a lot of effort to be identified. Think for example of the employee who logs in after hours. The system, which has learned the routine behavior, identifies an anomaly and can issue an alarm.
Apply Deep Learning against SPAM
This is an application that Google itself has successfully implemented to improve the fight against SPAM emails. In fact, through these deep learning techniques, natural language is processed by creating linguistic and statistical models that allow for better detection of SPAM. In this way, Gmail has been able to block SPAM categories that are usually difficult to identify, such as image-based emails or those that take advantage of the creation of new domains. Furthermore, these systems allow users to adapt the filters to their needs, as not everyone considers the same messages SPAM.