AI can be used to prevent cybersecurity threats linked to ransomware, says University of Cincinnati researcher Nelly Elsayed.
"We are in a hype era of AI," says Elsayed, associate professor in the UC School of Information Technology. "Some people support it, others fear it, but in general people who design technology are trying to use it for good."
Elsayed, founder and leader of the Applied Machine Learning and Intelligence Lab at UC, recently published research in the Journal of Information Security and Applications, arguing that Generative AI may be an ally in strengthening ransomware defense.
It can be used to integrate synthetic data generation and behavioral forecasting, stress test systems by checking for adversarial behavior simulation and improve trust of human-AI collaboration in security operation systems.
Cybersecurity analysts and system defenders can use AI to detect new malicious attacks and classify and identify new means of attack from bad actors, according to Elsayed. Simulating with hackers might allow for creating possible attack scenarios and learning to think like attackers to offer more robust tools for defense, she adds.
"It's a way to generate a combination of possible attacks system defenders might not have considered," she says.
Elsayed adds a practical example could be a user pasting a suspicious email into a generative AI system and asking about the validity of the email. AI could help screen and catch red flags: a suspicious logo or misspellings.
"AI can become an early warning or screening tool," she says.
In order for AI to be an important tool, Elsaye says that explainability such as why AI considers an item a phishing email is important in building trust among users.
Elsayed said governance and responsible use of AI is a necessity as it can be considered a "double-edged sword."
"We need governance, rules, policies and a kind of code of conduct," she adds. "Defining best practices and specifying how AI should be used in an organization are necessities.
"It is possible to build long-term cybersecurity resilience using AI," says Elsayed.
AI will never replace humans but it can change our work patterns, notes Elsayed, adding that AI has long been part of daily lives in areas such as medical imaging with early detection of disease like lung cancer and facial recognition in smartphones.
"Generative AI made AI more visible, but AI itself is not new," says Elsayed.
