Artificial Intelligence the Strategic Key of Cybersecurity

Abstract

Despite the fact that digital transformation introduces multiple advantages, it also introduces crucial security challenges, since it combines heterogeneous communications, the integration of digital devices, legacy technologies. In the case of power grid, in addition to damage to the availability, integrity and confidentiality of information; there may be manipulation and take control of assets through the infection of operational systems. In this context, powerful cybersecurity schemes and mechanisms that guarantee the safe transmission of information and the safe operation of assets are required. The goal is develop cyber security schemes and mechanisms based on intelligent cyber defense mechanisms that provide flexibility and self-learning capacity to support humans in the analysis and generation of containment measures against cyber-attacks. This paper presents the developed and validation of an Intrusion Detection and Prediction System (IDPS) based on individual classifiers and ensemble algorithms. The IDPS has demonstrated be an efficient countermeasure against several cyberattacks. The proposed IDPS uses J48 (decision tree), CLONAL-G (artificial immune system), bayesian classifier and ensemble algorithm and was validated with the KDDCup databases. The attacks in the data set are categorized into four attack types: DoS (denial-of-service attacks), R2L (root-to-local attacks), U2R (user-to-root attack), and Probe (probing attacks). The results show that the individual classifiers perform well for particular attack, so it was necessary to build an ensemble algorithm that combine the information from each classifier for better performance. The idea is not to rely on a single classifier for the decision, but rather individual information from different classifiers is combined to make the final decision.