Machine Learning in Cybersecurity: A Guide

Abstract

Decision-makers should ask certain questions before employing machine-learning (ML) or artificial intelligence (AI) solutions and receive satisfactory answers. This document suggests important questions when employing ML or AI in cybersecurity and outlines what a satisfactory answer should contain. We focus on questions about quality and usefulness. The questions we discuss are: 1. What are you trying to find out? 2. What information is needed to answer the target question? 3. How do you anticipate that the ML/AI tool will address that question? 4. Is the design of the ML/AI tool robust to the well-known attacks against ML/AI in our adversarial, cybersecurity environment? 5. How can the input data's bias be managed? 6. Does the evaluation of the ML/AI tool properly account for well-known study design errors and biases? 7. What alternative tools have you considered? What are the advantages and disadvantages of each?

Document Details

Document Type
Technical Report
Publication Date
Feb 01, 2019
Accession Number
AD1088210

Entities

People

  • Jonathan M. Spring
  • Joshua Fallon
  • Leigh Metcalf

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Air Platforms
  • Autonomy
  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Aircrafts
  • Artificial Intelligence
  • Biological Sciences
  • Computers
  • Cybersecurity
  • Electronic Mail
  • Engineering
  • Information Security
  • Kernels (Operating System)
  • Machine Learning
  • Malware
  • Military Aircraft
  • Operating Systems
  • Security
  • Software Development
  • Test And Evaluation
  • Training

Fields of Study

  • Computer science

Readers

  • Distributed Systems and Data Platform Development
  • Environmental Engineering
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - DoD AI Strategy
  • AI & ML - Information Retrieval
  • AI & ML - Neural Networks
  • Cyber