With online threats on the rise around the world, one Fordham professor is working on a potentially revolutionary way to head them off and stay one step ahead of the cybercriminals. And it has a lot to do with the tech that powers everyday programs like ChatGPT.
That tech, called generative AI, holds the key to a new system “that not only anticipates potential attacks but also prepares systems to counteract previously unseen cyberthreats,” said Mohamed Rahouti, Ph.D., assistant professor in the computer and information science department and one of Fordham’s IBM research fellows.
He and a crew of graduate students are working on new systems that, he said, are needed to get ahead of sophisticated attacks that are constantly evolving. Their focus is a type of easy-to-launch attack that has proved crippling to companies and government agencies ever since the internet began.
Denial of Service Attacks
Cybercriminals sometimes overwhelm and freeze a company’s or government agency’s computer systems by bombarding them with way more internet traffic than they can handle, using multiple computers or multiple online accounts. This is known as a distributed denial of service attack, or DDOS.
A typical attack could cost a company $22,000 a minute, he said. Nearly 30,000 of them take place every day around the world. Many of them are foiled by programs that use machine learning and artificial intelligence.
But those programs don’t always know what to look for, since they typically rely on snapshots of past traffic, Rahouti said. Another challenge is the growing number of internet-connected devices, from smart watches to autonomous vehicles, that could provide cybercriminals with new avenues for attack.
Generative AI
Hence the research into using generative AI, which could produce a far wider range of possible attack scenarios by working upon computer traffic data to make new connections and predictions, he said. When it’s trained using the scenarios produced by generative AI, “then my machine learning/AI model will be much more capable of detecting the different types of DDOS attacks,” Rahouti said.
To realize this vision, Rahouti and his team of graduate students are working on several projects. They recently used generative AI and other techniques to expand upon a snapshot of network traffic data and create a clearer picture of what is and isn’t normal. This helps machine learning programs see what shouldn’t be there. “We were amazed at the quality of this enhanced picture,” Rahouti said.
This bigger dataset enabled their machine learning model to spot low-profile attacks it had previously missed, he said.
Large Language Models
For their next project, they’re studying a large language model—the kind that powers ChatGPT—for ideas about how generative AI can be applied to cybersecurity. They’re using InstructLab, an open-source tool launched by IBM and Red Hat in May.
With all the companies and university researchers invested in new uses for generative AI, Rahouti is optimistic about its future applications in cybersecurity. The goal is to develop a system that runs on its own in the background, detecting both existing and emerging threats without being explicitly told what to look for.
“At present, we don’t have a fully autonomous system with these capabilities,” Rahouti said, “but advancements in AI and machine learning are moving us closer to achieving this level of real-time, adaptive cybersecurity.”
