ML for Bot Management

What are the main challenges and opportunities of using AI and machine learning for Cybersecurity?

At VerifiedVisitors we use virtual armies of highly automated agents (Service Workers or Lambdas) at the edge of network that respond dynamically to threats. Think of your immune system, constantly working in the background to protect us.

✅ This becomes a complete game changer for those still writing WAF rules and deciphering log data. This conditional security layer, only gets triggered by the actual behaviour of the attackers, just as your white blood cells do today.

✅ The defence works by setting the appropriate policy first. For example you may have zero tolerance on critical paths such as your login paths. Once the policy is set, the AI/ML goes into operation automatically and takes the appropriate defensive actions, dynamically according to the threat.

✅ The Huge opportunity is dynamic defence, automation of policy, and constant protection and surveillance to establish zero trust at the network edge.

What are the threats?

❌ Web versions of ChatGPT such as AgentGPT assemble, configure, and deploy autonomous AI Agents in your browser. Combine these highly intelligent agents, with for example a botnet or P2P residential managed proxy service and you have automated agents that are extremely hard to detect. At the moment AgentGPT is really useful for example, to scan flights and prices for an upcoming vacation. It's not hard to see how such technology can be used for malicious purposes.

❌ These type of agents require no programming, and when combined with a Bot as a Service platform, using massive proxies to rotate millions of IP and user agents, they can take a sophisticated bot attack to new levels with zero technical knowledge, infrastructure or set-up, all from a laptop anywhere in the world.

❌ Already Bots as a service platforms advertise they breach 99% of defences and can scrape data from APIs and websites. However, for sites with bot defences, they still need a templated script, advanced honeypot mitigation and sometimes custom scripts to work for each target site. In the future they might not.

❌ The speed of development of these AI tools is extremely rapid. Security professionals typically don't have AI/ML skills in their wheelhouse. Training, education, risk assessments from the new threat landscape are all urgently required.

✅ Where are we heading? At VerifiedVisitors we're always looking ahead, using our Red Team to use the latest tech stacks and feed back the intelligence into our detectors. It's a continuous process, of refining our detectors, measuring efficacy and re-iterating on our models.

Photo by Sean Benesh on Unsplash