{"id":15393,"date":"2021-11-01T10:00:29","date_gmt":"2021-11-01T09:00:29","guid":{"rendered":"https:\/\/www.secuinfra.com\/?p=15393"},"modified":"2023-12-13T14:25:58","modified_gmt":"2023-12-13T13:25:58","slug":"deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats","status":"publish","type":"post","link":"https:\/\/testing.secuinfra.com\/en\/techtalk\/deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats\/","title":{"rendered":"Deep Learning &#8211; A Field of Artificial Intelligence &#8211; Keeping pace with tomorrow&#8217;s threats"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_83 counter-flat ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">[inhalt_uebersetzt]<\/p>\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/testing.secuinfra.com\/en\/techtalk\/deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats\/#An_overview\" >An overview<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/testing.secuinfra.com\/en\/techtalk\/deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats\/#The_data\" >The data<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/testing.secuinfra.com\/en\/techtalk\/deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats\/#Artificial_Neural_Networks\" >Artificial Neural Networks<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/testing.secuinfra.com\/en\/techtalk\/deep-learning-a-field-of-artificial-intelligence-keeping-pace-with-tomorrows-threats\/#Approach_to_network_attack_detection_using_Deep_Learning\" >Approach to network attack detection using Deep Learning<\/a><\/li><\/ul><\/nav><\/div>\n<p>While signature- or rule-based detection methods can be used very reliably in the context of known threats, certain attack scenarios cannot be addressed by these methods.<br \/>\nThe increasing complexity, creativity, and speed of development of new attack methods or variants of already known ones pose challenges for signature-based detection methods.<br \/>\nAdditional approaches are needed that are able to support such a system where signatures and rules can no longer be used effectively.<\/p>\n<p>Thus, we enter the field of anomaly detection.<br \/>\nThese methods first learn the normal behavior of the environment in which they are located and observe it.<br \/>\nIf there is now a significant deviation from the normal behavior, this leads to an alarm.<br \/>\nSuch an approach is suitable for attack detection purposes, since attacks can be interpreted as a deviation from the normal operation of a system.<br \/>\nThus, anomaly detection for attack detection purposes is a viable approach in theory.<\/p>\n<p>This design implicitly allows to detect attack methods that:<\/p>\n<ul>\n<li>cannot be addressed by signatures<\/li>\n<li>are novel<\/li>\n<\/ul>\n<p>The latter is because the approach does not look for specific attacks.<br \/>\nRather, it detects the consequence of these, namely the changed behavior of the environment caused by the attack.<\/p>\n<p>At SECUINFRA, we are researching anomaly detection using Deep Learning to identify network-level attacks.<\/p>\n<p>In this article, we would like to provide, in the most beginner-friendly way possible, a non-technical overview of the methodology and idea.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"An_overview\"><\/span>An overview<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>However, before we elaborate on this topic more extensively, let&#8217;s first create a brief overview.<br \/>\nThis should help to understand which areas the topic of artificial intelligence covers and where our research work fits in.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\" wp-image-15388 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-300x293.png\" alt=\"\" width=\"613\" height=\"598\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-300x293.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-1024x1001.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-768x751.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-60x60.png 60w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-24x24.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-36x36.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung-48x48.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Einordnung.png 1164w\" sizes=\"(max-width: 613px) 100vw, 613px\" \/><\/p>\n<p>In the literature, there are many different interpretations of how the individual areas of artificial intelligence are to be classified or what they consist of.<br \/>\nTherefore, this non-exhaustive chart serves the purpose of a loose orientation.<\/p>\n<p>Machine learning is probably the field that receives most of the public attention.<br \/>\nThese methods are able to detect regularities in historical data.<br \/>\nThis process is not so different from the way we humans learn.<br \/>\nWe generalize from observations and experiences and create knowledge in this way.<br \/>\nAnalogously, such a process is also capable of independently determining solutions for unknown data in the future through the recognized patterns and characteristics.<\/p>\n<p>Deep Learning refers to a family of methods in the Machine Learning domain.<br \/>\nHere we speak of artificial neural networks. We speak of Deep Learning when the architecture of the neural network has a certain complexity.<br \/>\nWe will explain this in more detail in the section that discusses the structure of such networks.<\/p>\n<p>But now let&#8217;s start with the probably most important section of our work.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_data\"><\/span>The data<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The quality of the results is directly dependent on the quality of the data. While obvious at first glance, this is one of the biggest challenges.<br \/>\nWhat data am I collecting?<br \/>\nDoes the data &#8220;speak&#8221; what I am looking for?<br \/>\nThat is, is there any intrusion into my network infrastructure visible at all in what I am observing?<br \/>\nWhat form does my method expect the data to take so that it can truly learn from it?<\/p>\n<p>These are just a few of the questions that need to be answered when it comes to the data foundation.<br \/>\nThis section represents the most time-consuming aspect.<br \/>\nThe task is to select and prepare the data in such a way that our method is able to see what we want it to see.<\/p>\n<p>The basis is network data, or rather recordings in the form of PCAPs, which capture the communication.<br \/>\nPer observation, various features are extracted here.<br \/>\nFrom here on, we will refer to these properties as features.<br \/>\nIn the machine learning domain, this is the common term for &#8220;properties of observations&#8221;.<\/p>\n<p><img decoding=\"async\" class=\" wp-image-15387 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-300x194.png\" alt=\"\" width=\"633\" height=\"409\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-300x194.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-1024x662.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-768x497.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-24x16.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-36x23.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature-48x31.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Feature.png 1398w\" sizes=\"(max-width: 633px) 100vw, 633px\" \/><\/p>\n<p>As can be seen in the figure, in our example the features &#8220;transmission duration&#8221; and &#8220;size of the transmitted data&#8221; are recorded per observation.<\/p>\n<p>What can be seen here is that:<\/p>\n<ul>\n<li>one row corresponds to one observation<\/li>\n<li>a column represents the value progression of a feature over time\n<ul>\n<li>i.e. over all observations<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>As the number of observations increases, a certain basic behavior emerges in each of our features.<\/p>\n<p>Which values occur particularly frequently in this feature over time?<br \/>\nBy how much do the values generally scatter around this most frequent value?<br \/>\nIn what range of values do the values usually range?<\/p>\n<p>The more of these observations become available, the more reliably these questions can be answered.<\/p>\n<p><img decoding=\"async\" class=\" wp-image-15386 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-300x154.png\" alt=\"\" width=\"635\" height=\"326\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-300x154.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-1024x524.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-768x393.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-1536x786.png 1536w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-24x12.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-36x18.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime-48x25.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/overTime.png 1840w\" sizes=\"(max-width: 635px) 100vw, 635px\" \/><\/p>\n<p>This graphic shows a very nice and clear picture of the value development in the transmission duration feature.<br \/>\nThe values are predominantly within a well-defined value range, marked here with &#8220;Range Low&#8221; and &#8220;Range High&#8221;. Outliers are not visible and the variation from the average is constant. A clear behavioral picture.<br \/>\nIt should be noted here that in practice, various pre-processing and cleaning steps are usually necessary before such a clear picture of the data is obtained. The graphic already shows the ideal case, so to speak.<\/p>\n<p>Now we need to capture this behavior with all its properties and patterns.<br \/>\nFor this purpose, we make use of Deep Learning.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Artificial_Neural_Networks\"><\/span>Artificial Neural Networks<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3>The architecture<\/h3>\n<p>Artificial neural networks are loosely inspired by the human brain.<br \/>\nThey consist of neurons that communicate through a multitude of connections using signals in the form of numerical values.<br \/>\nA neuron is a component that performs mathematical operations on its inputs.<br \/>\nThe result decides with which intensity or if at all a signal should be sent to the neurons of the following layer.<\/p>\n<p>The inputs to a neuron consist of:<\/p>\n<ul>\n<li>Outputs from the neurons of the previous layer<\/li>\n<li>Coefficients, also called weights<\/li>\n<\/ul>\n<p>These two components are combined and processed by the neuron.<\/p>\n<p>Neurons are arranged in layers.<br \/>\nThese layers are respectively called input, output, or hidden layer, depending on their location in the network.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-15382 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-300x283.png\" alt=\"\" width=\"586\" height=\"553\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-300x283.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-1024x966.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-768x725.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-24x24.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-36x34.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN-48x45.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/NN.png 1172w\" sizes=\"(max-width: 586px) 100vw, 586px\" \/><\/p>\n<p>From a certain number of hidden layers one speaks of &#8220;Deep Learning&#8221;, usually three upwards.<br \/>\nThis means Deep Learning is a subcategory of artificial neural networks, as already shown in the figure at the beginning of the article.<\/p>\n<p>The goal of neural networks is to capture patterns in data that we present to them.<br \/>\nIt is irrelevant what the data is. Images, videos, sensor data, acoustic information, just to name a few examples. As long as it can be represented numerically, it is basically suitable for processing.<\/p>\n<h3>The learning process<\/h3>\n<p>Learning is the process of extracting significant patterns and regularities from historical data that fundamentally define it.<br \/>\nBefore starting, we choose the data that will be input to the neural network (our observations) and the outputs we expect per input.<\/p>\n<p>The learning algorithm starts with the neural network guessing the corresponding output per input.<br \/>\nSince we know the expected output, an error value can be calculated from this.<br \/>\nThe error is, in other words, a metric that says: \u201cHow wrong was my neural network with its output compared to the expected value for this observation?\u201d<\/p>\n<p>This error value is now used to adjust the neural network&#8217;s weights so that the error is smaller on the next trial.<br \/>\nThis happens in the context of each observation presented.<\/p>\n<p>You can think of each layer, or its outputs, as an abstraction of our input.<br \/>\nSo each layer, except the first, operates on a representation of our original input, which it received from the previous layer.<br \/>\nAs our input progresses through the neural network, it becomes more reorganized and aggregated.<\/p>\n<p>The weights are used to highlight the elements in the abstractions of each layer that are most relevant to generate outputs that are as close as possible to our expected target values.<br \/>\nThus, as learning proceeds, the neural network increasingly acquires the ability to focus on the patterns and characteristics that describe the actual underlying relationship between all input-target value pairs.<\/p>\n<p>After all input data has been presented once, outputs have been generated to it, and the error values have been used for parameter optimization, the process is repeated. Several times, possibly hundreds of times.<br \/>\nIdeally, however, each time with a slightly improved version of the neural network than in the previous run, resulting in an ever decreasing error value.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-15385 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-300x122.png\" alt=\"\" width=\"838\" height=\"341\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-300x122.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-1024x415.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-1536x623.png 1536w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-24x10.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-36x15.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch-48x19.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Epoch.png 1800w\" sizes=\"(max-width: 838px) 100vw, 838px\" \/><\/p>\n<p>The result of this process is a so-called model. The name is derived from the fact that the training serves to model the underlying relationships between the inputs and target values.<br \/>\nIn the best case, this model is now able to generalize adequately through what it has learned in order to convert new inputs into outputs in the future whose target values are unknown. The task of the model is now to determine these values itself in the future.<\/p>\n<p>Whether the model does this satisfactorily can be evaluated after training. For this purpose, we use another data set consisting of input values and known target values. Here we let the model generate new outputs for these observations (which were not presented in the training before). These are then compared again with the actual target values. This process simulates productive use.<br \/>\nIs the error associated with this independent data set comparable to that at the final stage of training? If yes, this means that the neural network was most likely able to capture the patterns and aspects in the input data during the learning process, which can be used to infer the target values from the inputs.<\/p>\n<h3>Excursus<\/h3>\n<p>At this point it should be emphasized that the predefined target values can be arbitrary.<br \/>\nThere are no semantic restrictions on what you can map from your inputs.<\/p>\n<p>However, only pairings of inputs and target values are useful, where the target value can really be derived from the input and where this relation can be learned or exists at all.<br \/>\nWhether this is true, by the way, is not always known beforehand and also not necessarily ascertainable.<\/p>\n<p>An example would be the attempt to predict future price developments of a stock based on past trends and price movements.<\/p>\n<p>If the random walk theory holds, historical price movements do not imply those in the future.<br \/>\nThus, predicting future prices based on past movements is by definition impossible.<br \/>\nTherefore, one will not be able to solve this problem with neural networks.<\/p>\n<p>Now the matter is not quite so clear-cut.<br \/>\nThe counter assumption is that certain recurring patterns, which are formed by price movements, increase the probability of a subsequent rising or falling price.<br \/>\nRecognizing and acting accordingly forms a basic pillar of every trader&#8217;s work.<\/p>\n<p>According to this thesis, it is possible to draw conclusions about the future based on past price movements and to generate recommendations in the style of &#8220;buy&#8221; or &#8220;sell&#8221; with the help of neural networks, depending on the observed price movement pattern.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-15384 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-300x196.png\" alt=\"\" width=\"586\" height=\"383\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-300x196.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-1024x670.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-768x503.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-1536x1005.png 1536w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-24x16.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-36x24.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell-48x31.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/BuySell.png 1586w\" sizes=\"(max-width: 586px) 100vw, 586px\" \/><\/p>\n<p>Opinions differ as to which of the two theories is actually correct.<br \/>\nHowever, this example only serves as an illustration.<br \/>\nDepending on the problem, it cannot be determined with certainty beforehand whether the target values can be derived from the inputs.<\/p>\n<p>The best option in such a case is indeed to &#8220;just try it out&#8221;.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Approach_to_network_attack_detection_using_Deep_Learning\"><\/span>Approach to network attack detection using Deep Learning<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Now, last but not least, let&#8217;s talk about how we want to take advantage of this for attack detection purposes.<br \/>\nThe overall goal is to capture the normal behavior of the computer network environment. This means that our network communication data must be processed and our neural network must be constructed in such a way that it can learn what basic characteristics define our data.<\/p>\n<p>There are several ways in which this can be technically implemented in the learning process.<br \/>\nGiven that an observation in the network is taken as input, two possible approaches are:<\/p>\n<ul>\n<li>to set the target value to observations after the input in time<\/li>\n<li>to set the target value equal to the input<\/li>\n<\/ul>\n<p>Option 1. is viable, since predicting future network behavior with sufficiently small error can be interpreted as successfully modeling computer network communication.<br \/>\nThe neural network must learn to &#8220;look into the future&#8221; and this is only possible with a basic understanding of computer network behavior.<\/p>\n<p>Variant 2. is equally valid, since here it must learn to recover from the various abstractions of the inputs across all layers the inputs themselves.<br \/>\nUsually neural networks in variant 2. are constructed in such a way that over the hidden layers compression and thus data loss is forced.<br \/>\nThis serves the forcing to extract only the relevant information from the inputs in order to learn from these alone to infer the inputs again.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-15381 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-300x214.png\" alt=\"\" width=\"847\" height=\"604\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-300x214.png 300w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-1024x730.png 1024w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-768x548.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-24x17.png 24w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-36x26.png 36w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants-48x34.png 48w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/Variants.png 1310w\" sizes=\"(max-width: 847px) 100vw, 847px\" \/><\/p>\n<p>The idea of using this design for attack detection is now as follows:<br \/>\nBehavior caused by an attack represents a deviation from the normal behavior of the computer network.<br \/>\nNamely, the behavior of the computer network in the case of an attack will have different characteristics and properties than the observed behavior in the case of harmless, daily network communication.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-15383 aligncenter\" src=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-260x300.png\" alt=\"\" width=\"645\" height=\"744\" srcset=\"https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-260x300.png 260w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-889x1024.png 889w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-768x885.png 768w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-21x24.png 21w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-31x36.png 31w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail-42x48.png 42w, https:\/\/testing.secuinfra.com\/wp-content\/uploads\/\/AttPredFail.png 1064w\" sizes=\"(max-width: 645px) 100vw, 645px\" \/><\/p>\n<p>At this moment, an increased error between the neural network outputs and the actual network observations is to be expected.<br \/>\nThe neural network does not &#8220;expect&#8221; this change, because in the course of the learning process it has not seen and learned behavior patterns in the network communication, which are caused by attacks.<br \/>\nThe increased error thus represents an indicator of a possible attack.<\/p>\n<p>Such a design allows in theory the detection of all attacks, provided they cause noticeable behavioral changes in the observed features.<br \/>\nA very nice approach but just as challenging because of the discussed aspect of universality in regard to attack detection, for example. Therefore, this is still an open research topic.<\/p>\n<p><strong>We hope that this article has given you an insight into the topic of anomaly and attack detection using Deep Learning.<\/strong><br \/>\n<strong>SECUINFRA will continue to research how artificial intelligence methods can be used for cybersecurity purposes.<\/strong><br \/>\n<strong>So that we can counter tomorrow&#8217;s threats today.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The increasing complexity of development of new attack methods or variants of already known ones pose challenges for signature-based detection methods. Additional approaches are needed that are capable of supporting such a system where signatures and rules can no longer be used effectively.<\/p>\n","protected":false},"author":13,"featured_media":27623,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[102,104,81,251],"tags":[],"dpc_coauthors":[],"class_list":["post-15393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-deep-learning","category-network","category-techtalk","category-threat-detection"],"acf":[],"_links":{"self":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/15393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/comments?post=15393"}],"version-history":[{"count":0,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/posts\/15393\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media\/27623"}],"wp:attachment":[{"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/media?parent=15393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/categories?post=15393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/tags?post=15393"},{"taxonomy":"dpc_coauthors","embeddable":true,"href":"https:\/\/testing.secuinfra.com\/en\/wp-json\/wp\/v2\/dpc_coauthors?post=15393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}