Endpoint security refers to a methodology of protecting devices such as laptops, mobile phones and other wireless devices that are used as endpoints for accessing the corporate network. Although such devices create potential entry points for security threats, endpoints are becoming a more common way to compute and communicate than local or fixed machines. Attacks tend to occur because a lot of data sits outside the corporate firewall, which exposes it to security threats. Some of the threats to which our systems are constantly exposed are phishing, spoofing, vishing, etc.
In such attacks, a person pretends to be someone else in order to trick users into disclosing confidential data, information or both. To prevent unauthorized access to confidential information, a cloud-based stack can protect against highly targeted script-based attacks, including malware. ML and AI enhance the capabilities of this cloud network by supporting real-time blocking of new and unknown threats.
Phishing is one of the most common types of attacks, aimed at stealing the victim's personal information such as bank account details. Attackers usually use spoofed emails that contain links directing the user to a malware-infected site. Such sites replicate genuine sites and trick the user into entering confidential details like passwords. AI and ML work together to identify potential anomalies in emails. By analyzing the metadata, content and context of an email, the system decides how to handle a malicious message. Words like "urgent" and "promotion" in an email are flagged by the AI systems as suspicious, but the final decision is made after analyzing the email as a whole based on the following parameters: whether there was a previous conversation, whether the subject and the content of the email are connected, and whether there are any misspelled domains. ML-based protection continuously learns from such scenarios, along with feedback data given to it by the user, making the protection more accurate day by day.
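The parameters listed above can be made concrete as features extracted from a raw message. The following is an added example, not code from the article: it uses fixed hand-picked weights as a stand-in for a trained ML model, and the trusted domains, word list, threshold and sample messages are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
# Assumed for this example (not from the article): domains, word list, weights.
TRUSTED_DOMAINS = {"examplebank.com", "example.org"}
URGENCY_WORDS = {"urgent", "promotion", "immediately", "verify"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot misspelled look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def words(text):
    return set(re.findall(r"[a-z]{4,}", text.lower()))

def extract_features(raw, known_senders):
    """Turn one raw message into the signals the paragraph lists."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    domain = sender.rpartition("@")[2]
    subject, body = msg.get("Subject", ""), msg.get_payload()
    return {
        "urgency_words": len(words(subject + " " + body) & URGENCY_WORDS),
        "previous_conversation": sender in known_senders,
        "subject_matches_body": bool(words(subject) & words(body)),
        "misspelled_domain": domain not in TRUSTED_DOMAINS and any(
            edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS),
    }

def score(f):
    """Whole-message score; urgency words are capped so they never decide alone."""
    return (min(f["urgency_words"], 2)
            + (0 if f["previous_conversation"] else 2)
            + (0 if f["subject_matches_body"] else 1)
            + (4 if f["misspelled_domain"] else 0))

def is_suspicious(raw, known_senders, threshold=5):
    return score(extract_features(raw, known_senders)) >= threshold

KNOWN = {"alice@example.org"}  # constructed sender history and sample messages
PHISH = ("From: Support <alerts@examp1ebank.com>\nSubject: Urgent account notice\n\n"
         "Verify your password immediately at the link below.\n")
LEGIT = ("From: Alice <alice@example.org>\nSubject: Urgent: promotion budget review\n\n"
         "The promotion budget review is urgent, please reply today.\n")
```

Both sample messages contain the flagged words, but only the one from an unknown sender with a look-alike domain and an unrelated subject crosses the threshold.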
3. Spear Phishing
It is a type of phishing, but carried out in a more planned way by the attacker. The attacker first does a background check on the user, analyzing the user's most common interests, most frequently visited websites and social media feeds, and then sends seemingly credible emails that lead the target to open up little by little. Ultimately, the user ends up downloading the malicious file. However, ML and AI make consistent efforts to tackle such attacks. AI is used to understand the communication patterns that take place, and if the system identifies an attack, the ML-powered AI system blocks it before it causes any damage.
4. Watering Hole
Such attacks are based on the principle a hunter uses to make prey fall into a trap. In such attacks, the attacker exploits the vulnerabilities of a website that the user visits again and again. ML and AI here use path traversal algorithms to detect any kind of malicious data. These traversal algorithms analyze whether a user is being directed to a malicious website. To trace such attacks, a large amount of data from email traffic, proxy and packet sources is required, all of which is thoroughly scanned by the ML systems.
5. Network Sniffing
It is the process of capturing and analyzing the data packets that travel across the network. A network sniffer monitors all data that is transmitted over a network as clear, readable messages. The best countermeasure against sniffing is the use of encrypted communication between the hosts. VPNs are commonly used for encrypting the data. ML and AI-powered VPNs have, however, taken the protection to another level. ML-powered VPNs are equipped with a sophisticated learning algorithm that creates a private tunnel in open networks like WiFi, encapsulating and encrypting all the data sent on the network. This is done to prevent an attacker from deciphering the contents even if the data packets have been intercepted.
The principle of a DDoS attack is straightforward, yet it remains effective today. It aims at causing interruption or suspension of a specific host or server by flooding it with large quantities of useless traffic (data) so that the server is not able to respond. Such flooding is done by multiple botnets (infected systems) simultaneously. DDoS attacks are very effective because they are of lower bandwidth and hence tend to bypass detection quite easily; they are also often mixed with other attacks, which further shields them from detection. However, AI-powered ML systems can instantaneously distinguish good traffic from bad traffic. This detection takes place within a few seconds, which is why such systems are preferred: they are quick, accurate and can analyze huge chunks of data in a very short interval of time.
Although machine learning and artificial intelligence have revolutionized security systems, there is no denying that they have drawbacks in certain areas. One drawback is that dealing with AI and ML systems requires a lot of financial resources, which a medium-scale industry cannot afford. Hackers may also exploit artificial intelligence and use it against the user: if an attacker successfully fools the system, modified inputs can trick it into misidentifying or misclassifying certain objects. In simple terms, the attacker may trick the system into behaving as if a particular security check were absent and manage to open a device without a face ID or a password. Certain ML-powered software can also mimic a person's voice after listening to it for just a short time. Such software is used for vishing, a technique in which phishing is combined with voice. This attack involves caller ID spoofing, which masks the real phone number with one that appears similar to the target's, making the target believe in the genuineness of the caller and thus successfully carrying out the attack. Thus we can say that AI and ML act as double-edged swords while transforming endpoint security.