Machine Learning in the Age of Cyber AI

A Review of Machine Learning Approaches for Cyber Security and Darktrace’s Underlying Technology
White Paper Wed 29 Aug 2018

A new era in cyber security has begun. In today’s complex digital environments, machines are fighting machines, and advanced attackers and criminal groups are contriving sophisticated new ways to perpetrate their missions. The corporate network has become a battlefield, where the stakes are control of digital assets and, ultimately, the ability of the organization to function.

The danger today is not just the classic scenarios of data theft, or a hacked website, but the silent threat lurking beneath the surface. These attackers are quiet, creeping in unannounced, and surreptitiously changing data at will, or installing kill switches ready to be activated. Using custom code, only crossing the perimeter boundary once and never sending information outside, such threats are almost impossible to find.

Against this new reality, legacy security systems are failing, and many face extinction. This is because the traditional approach to cyber security relies on being able to define the threat in advance. Rigidly programmed to only detect known threats, this approach is no longer viable. From novel and fast-spreading attacks to insiders gone rogue, from hacked IoT devices to compromised supply chains, the threat landscape evolves in unpredictable ways and a new approach to cyber defense is urgently required.

Under this new paradigm, AI technology can identify and neutralize previously unseen cyber-threats. While machine learning has the power to transform cyber defense, the challenge of getting it to work at scale, in a variety of dynamic data environments, while detecting genuine threats in real time, without human intervention, is not trivial.

With the first AI for cyber defense proven to work across diverse digital enterprises, Darktrace is the world leader in detecting and autonomously responding to cyber-threats that legacy systems miss. Powered by machine learning and AI algorithms, Darktrace’s ‘immune system’ technology is used by thousands of organizations worldwide.

This white paper explains Darktrace’s approach to machine learning and shines a light on the unique interplay between unsupervised machine learning, supervised machine learning, and deep learning behind the world’s leading cyber AI technology.