(Image courtesy of IBM, Flickr).
(Image courtesy of IBM, Flickr).
(Image courtesy of IBM, Flickr).
(Image courtesy of IBM, Flickr).
(Image courtesy of IBM, Flickr).

IBM’s Watson Takes on Cybersecurity

May 12, 2016
Watson, the artificial intelligence platform from IBM, is applying big data to just about everything. Now, it is being taught to hunt down hackers and help companies fortify networks against cyber attacks.

Watson, the artificial intelligence platform from IBM, wears many hats. The cognitive computer has been a trivia master, physician’s assistant, financial analyst, cancer researcher, fitness coach, and customer service representative. Now, IBM is training the software to help protect companies from hackers and malware.

IBM recently announced a cloud-based version of the cognitive computing software that will understand the language of cybersecurity, using it to identify digital threats that might elude human analysts. The company is taking the same big data approach it applied to other industries, feeding Watson reams of security research to guide its hunt for hackers.

Watson has already begun to study two decades of IBM’s internal security research, including spam and phishing attacks; malware and viruses; network vulnerabilities; and even possible solutions. Once it has finished with the research materials, IBM aims for Watson to ingest 15,000 documents about digital security every month to keep it updated on the latest security measures.

That approach is similar to how Watson prepared for tasks like cancer research, where the program read through more than a half-million medical documents that it would use to help doctors diagnose and treat patients. In 2015, IBM acquired Merge Healthcare for its archive of 30 million X-rays and imaging scans, which Watson studied to better identify ailments such as cancer and heart disease.

IBM hopes that this approach will transform an industry overwhelmed by the growing number and complexity of cybersecurity threats. According to a 2015 Ponemon Institute survey, security analysts only investigate about 4% of malware alerts, underlining a shortage of engineers and automated services that locate high-priority threats. The survey also found that hackers have been gradually using more malicious forms of malware, giving missed threats the potential to become even more dangerous.

“The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime,” said Marc van Zadelhoff, general manager of IBM Security. Making matters worse for security analysts is that almost two-thirds of the alerts about threats to their networks are actually false positives, according to the Ponemon survey.

This is where Watson comes in. Rather than replace analysts, IBM is turning Watson into a consultant, searching through of research and security alerts faster than human operators ever could. It could help humans prioritize threats, shutting down potential attacks sooner.

The cybersecurity program has other advantages over human analysts. Watson can also look through blogs, research papers, articles, videos, reports, alerts, and other “unstructured data” that security professionals rarely have time to read during an attack. For example, it could read through an online security blog about a new form of malware, scan through a research paper on ways to stop it, and then send that data on to human operators.

“There is a massive amount of security data that exists for human consumption, which cannot be processed by traditional security systems,” J.R. Rao, director of security research at IBM, said in a statement.

Helping to put that security data in front of Watson, IBM is partnering with eight universities that will upload and annotate security data into the system. Working on the project is the University of Maryland Baltimore County, the Massachusetts Institute of Technology, California State Polytechnic University Pomona, Pennsylvania State University, New York University, the University of New Brunswick, the University of Ottawa, and the University of Waterloo.

Working with the cybersecurity version of Watson could also help train new human analysts. IBM also announced that it would be forming an “accelerated cognitive cybersecurity laboratory” with UMBC. The lab will focus on using machine learning and cognitive computers to solve cybersecurity issues.

The students helping to train Watson might eventually end up working at IBM, which has been spending to grow its security business. In February, the company added about 100 security consultants with the purchase of Resilient Systems, a cyberattack response company, inflating its roster to around 3,000 analysts.

Sponsored Recommendations

Board-Mount DC/DC Converters in Medical Applications

March 27, 2024
AC/DC or board-mount DC/DC converters provide power for medical devices. This article explains why isolation might be needed and which safety standards apply.

Use Rugged Multiband Antennas to Solve the Mobile Connectivity Challenge

March 27, 2024
Selecting and using antennas for mobile applications requires attention to electrical, mechanical, and environmental characteristics: TE modules can help.

Out-of-the-box Cellular and Wi-Fi connectivity with AWS IoT ExpressLink

March 27, 2024
This demo shows how to enroll LTE-M and Wi-Fi evaluation boards with AWS IoT Core, set up a Connected Health Solution as well as AWS AT commands and AWS IoT ExpressLink security...

How to Quickly Leverage Bluetooth AoA and AoD for Indoor Logistics Tracking

March 27, 2024
Real-time asset tracking is an important aspect of Industry 4.0. Various technologies are available for deploying Real-Time Location.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!