Why it matters

The flow of digital information is expanding on a daily basis making it increasingly difficult to manage and structure it or even to separate what is important from what is superfluous.

Faced with this challenge, new promising breakthrough technologies are being developed to bring ‘data analytics’ to the next evolutionary level. Artificial Intelligence (AI), in particular, is expected to become significant in many fields. Some forms of AI enable machine learning like deep learning can be used to perform predictive analytics. Their potential for the defence domain is huge as AI solutions are expected to emerge in critical fields such as cyber defence, decision-support systems, risk management, pattern recognition, cyber situation awareness, projection, malware detection and data correlation to name but a few. 

We have already seen tremendous technological progress on self-driving cars where an analysis of the surrounding environment is made in real-time and AI systems steer cars autonomously under specific circumstances. One of the potential applications of AI in cyber defence may be to enable the setting up of self-configuring networks. It would mean that AI systems could detect vulnerabilities (software bugs) and perform response actions like self-patching. This opens new ways to strengthening communications and information systems security by providing network resilience, prevention and protection against cyber threats. Cyber experts agree that the human system integration is a key element that must be present in an AI cyber security system. If we take into account the high speed required to perform any cyber operation, it’s obvious that only machines are capable of reacting efficiently in the early stages of serious cyber-attacks. AI can thus overcome the shortfalls of traditional cyber security tools. It is also a powerful mechanism able to improve malware detection rates using a baseline of cyber intelligence data. AI cybersecurity systems can learn from indicators of compromise and may be able to match the characteristics of small clues even if they are scattered throughout the network. 

Another aspect relevant in building an AI enabled cyber defence could be the future implications of Quantum computing or high processing computers. This enhancement to support data-processing may increase the efficiency of algorithms. Algorithms are key components of running AI and may be tailored to counter complex cyber threats. An algorithm is a set of step-by-step instructions given to a computer to accomplish a specific task. AI may push this technology to another level, to achieve intelligent autonomous algorithms. To illustrate these research challenges, Facebook recently abandoned an AI experiment after ‘chatbots’ invented their own language which was not understandable by humans. Computer machines had demonstrated better skills than humans in playing chess or poker. This breakthrough technology is likely to be disruptive in many ways nobody can predict today. 

What the EDA does

The EDA organises ‘Cyber Innovation Days’ to provide Project Team Cyber Defence members and Cyber Research and Technology working group representatives with examples of European research efforts in the cyber defence domain and to foster discussion between and within academia, industry and the armed forces on relevant research and emerging research topics.

It is considered one of the initiatives to facilitate the necessary innovation in the cyber field. The EDA has included AI in the Cyber Strategic Research Agenda as a recognition of its high potential for defence and the tremendous impact it is likely to have on current state-of-the-art technologies.

The way ahead

The practical implementation of AI cyber security systems may lead to changes and new approaches on cyber system engineering and cyber defence architectures. 

New AI applications are emerging on Intent Based Network Security (IBNS), on AI platforms for cyber defence or immune computer systems which have the ability to self-adapt. On the other hand, the rise of AI-enabled cyber-attacks is expected to cause an increase of sophisticated cyber threats. Ongoing and future research activities should be explored in countering complex cyber threats, malware reverse engineering and projection to enhance a cyber situation awareness among many others.          

Previous article

Blockchain technology in defence

Next article

Robotics in defence