Data Science for Cybersecurity
Kumar Sambhav, Research Computing, NUS IT
Data science is an extensive field that touches so many use cases that the term alone does not describe its capabilities. It provides important tools for gaining insight into datasets that are sometimes humanly unfathomable.
Machine learning allows data scientists to make predictions based on past knowledge. This comes in handy in cybersecurity analyses, as most cybersecurity use cases rest on learning from past patterns or behaviors. It is often used to predict whether there is a potential threat to our existing systems.
A reactive strategy, in which cybersecurity professionals respond to threats only after an attack, might not be the best approach. With it, the attackers will always have the upper hand. Hence it is crucial to be able to predict attacks before they happen.
To predict attacks, data-focused approaches such as anomaly detection are major tools. Using anomaly detection, professionals scan the various types of logs they gather and, based on the results, establish a norm, or generalised behavior, for various kinds of activity. A cybersecurity incident is typically associated with a deviation from that norm, and hence from the detection results those threats can be easily identified and stopped.
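The following added example (not code from the original article) shows one way to establish a norm from logs and flag a deviation from it: it counts failed logins per hour and scores each hour against the baseline with a modified z-score built on the median and the median absolute deviation. The log format, the user name, the addresses and the counts are constructed for the example.

```python
import re
from collections import Counter
from statistics import median

# Assumed log format, constructed for this example:
#   <ISO-8601 UTC timestamp> sshd FAILED|ACCEPTED user=<name> src=<ip>
LINE_RE = re.compile(
    r"^(?P<day>\d{4}-\d{2}-\d{2})T(?P<hour>\d{2}):\d{2}:\d{2}Z sshd "
    r"(?P<result>FAILED|ACCEPTED) user=\S+ src=\S+$"
)

def failed_per_hour(lines):
    """Count failed logins per (day, hour); unparseable lines are skipped."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m["result"] == "FAILED":
            counts[(m["day"], int(m["hour"]))] += 1
    return counts

def find_anomalies(baseline, observed, threshold=3.5):
    """Return {bucket: score} for observed hours far above the baseline norm.

    The norm is the baseline median; spread is the median absolute deviation
    (MAD). Both tolerate a few bad hours in the baseline. Hours with no
    failures never appear as buckets, so the norm covers active hours only.
    """
    values = list(baseline.values())
    if not values:
        raise ValueError("baseline contains no failed-login buckets")
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0  # flat baseline: avoid /0
    # 0.6745 scales MAD to a standard deviation for normal data (modified z-score).
    scores = {b: round(0.6745 * (n - med) / mad, 1) for b, n in observed.items()}
    return {b: s for b, s in scores.items() if s > threshold}

def make_lines(day, per_hour):
    """Constructed sample data: per_hour[h] failed logins in hour h of day."""
    return [f"{day}T{h:02d}:{i % 60:02d}:00Z sshd FAILED user=alice src=192.0.2.10"
            for h, n in enumerate(per_hour) for i in range(n)]

NORMAL_DAY = [2, 3, 1, 2, 4, 3, 2, 3] * 3             # 24 hourly counts
BURST_DAY = NORMAL_DAY[:14] + [45] + NORMAL_DAY[15:]  # spike in hour 14

if __name__ == "__main__":
    baseline = failed_per_hour(make_lines("2024-05-01", NORMAL_DAY))
    today = failed_per_hour(make_lines("2024-05-02", BURST_DAY))
    for (day, hour), score in find_anomalies(baseline, today).items():
        print(f"{day} {hour:02d}:00 failed-login burst, modified z-score {score}")
```
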
Similarly, deep learning approaches can be used effectively in penetration tests. One such example is PassGAN. PassGAN is a generative adversarial network (GAN); GANs are very helpful in penetration testing. Using GANs, we can simulate attack behavior and check how well the security of our systems would hold up if a real attack happened. PassGAN does exactly what it is named for: it is a password-guessing attack tool used to test the quality of a system's security.
SSGAN is another example, in which researchers used GANs to hide suspicious payloads in normal-looking files.
AI and data science have revolutionized cybersecurity in many ways. The contribution of data science to cybersecurity is quite immense and new avenues of research will inevitably open in the future.
If you have any data science or AI related queries, please reach out to us at data.engineering@nus.edu.sg.