Author
Ampel, Benjamin Martin
Issue Date
2024
Keywords
Cyber Threat Intelligence
Cybersecurity
Deep Learning
Design Science
Hacker Communities
Large Language Models
Advisor
Chen, Hsinchun
Publisher
The University of Arizona.
Rights
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction, presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Abstract
The proliferation of information technology (IT) has transformed modern society. However, IT has created significant vulnerabilities owing to its rapid development cycle. Adversaries can exploit these vulnerabilities using assets (the set of tools and techniques used by adversaries to conduct advanced cyber-attacks) to gain access to an organization's critical assets, networks, systems, and confidential data. Existing procedures for identifying, collecting, mitigating, and robustifying adversarial assets are often manual. Cyber analysts often cite these manual processes as their primary challenges. Furthermore, the cyber threat intelligence (CTI) provided by these procedures is often reactive after a breach has occurred. Therefore, automating proactive collection, identification, mitigation, and robustification against adversarial assets is critical for proactive CTI and for improving organizational cybersecurity. This dissertation proposes four essays that utilize state-of-the-art deep learning techniques to automate the analysis of adversary assets and enhance CTI. Essay I uses text classification with deep transfer learning to categorize adversary assets based on their attack vectors. Essay II adopts principles of text classification with multi-teacher knowledge distillation to link adversary assets to mitigation strategies in the MITRE ATT&CK framework. Essay III leverages text generation and adversarial training to robustify AI models against adversarial assets. Finally, Essay IV adopts AI-enabled audio generation and classification techniques to protect against adversarial assets in the audio domain. All four essays contribute significant practical implications and add to the information systems knowledge base. By automating and improving adversary asset analysis, this research can provide organizations with a proactive approach to identifying, mitigating, and robustifying against adversarial assets.
Type
Electronic Dissertation
text
Degree Name
Ph.D.
Degree Level
doctoral
Degree Program
Graduate College
Management Information Systems