Svoboda | Graniru | BBC Russia | Golosameriki | Facebook
skip to main content
Advanced Search

Trailblazing the Artificial Intelligence for Cybersecurity Discipline: A Multi-Disciplinary Research Roadmap

Authors: Sagar Samtani, Murat Kantarcioglu, Hsinchun ChenAuthors Info & Claims
ACM Transactions on Management Information Systems (TMIS), Volume 11, Issue 4
Article No.: 17, Pages 1 - 19
https://doi.org/10.1145/3430360
Published: 02 December 2020 Publication History
Metrics
Total Citations40
Total Downloads5,755
Last 12 Months1,906
Last 6 weeks184
All formatsPDF

Abstract

Cybersecurity has rapidly emerged as a grand societal challenge of the 21st century. Innovative solutions to proactively tackle emerging cybersecurity challenges are essential to ensuring a safe and secure society. Artificial Intelligence (AI) has rapidly emerged as a viable approach for sifting through terabytes of heterogeneous cybersecurity data to execute fundamental cybersecurity tasks, such as asset prioritization, control allocation, vulnerability management, and threat detection, with unprecedented efficiency and effectiveness. Despite its initial promise, AI and cybersecurity have been traditionally siloed disciplines that relied on disparate knowledge and methodologies. Consequently, the AI for Cybersecurity discipline is in its nascency. In this article, we aim to provide an important step to progress the AI for Cybersecurity discipline. We first provide an overview of prevailing cybersecurity data, summarize extant AI for Cybersecurity application areas, and identify key limitations in the prevailing landscape. Based on these key issues, we offer a multi-disciplinary AI for Cybersecurity roadmap that centers on major themes such as cybersecurity applications and data, advanced AI methodologies for cybersecurity, and AI-enabled decision making. To help scholars and practitioners make significant headway in tackling these grand AI for Cybersecurity issues, we summarize promising funding mechanisms from the National Science Foundation (NSF) that can support long-term, systematic research programs. We conclude this article with an introduction of the articles included in this special issue.

References

[1]
Ahmed Abbasi, Suprateek Sarker, and Roger Chiang. 2016. Big data research in information systems: Toward an inclusive research agenda. J. Assoc. Inf. Syst. 17, 2 (2016), I--XXXII.
Crossref
Google Scholar
[2]
Ahmed Abbasi, Zhu Zhang, David Zimbra, Hsinchun Chen, and Jay F Nunamaker. 2010. Detecting fake websites: The contribution of statistical learning theory. MIS Q. (2010), 435--461.
Google Scholar
[3]
Nolan Arnold, Mohammadreza Ebrahimi, Ning Zhang, Ben Lazarine, Mark Patton, Hsinchun Chen, and Sagar Samtani. 2019. Dark-net ecosystem cyber-threat intelligence (CTI) tool. In 2019 IEEE International Conference on Intelligence and Security Informatics (ISI’19).
Crossref
Google Scholar
[4]
Indranil Bardhan, Hsinchun Chen, and Elena Karahanna. 2020. Connecting systems, data, and people: A multidisciplinary research roadmap for chronic disease management. MIS Q. 44, 1 (2020), 185--200.
Google Scholar
[5]
Katy Börner and David E. Polley. 2014. Visual Insights: A Practical Guide to Making Sense of Data. MIT Press.
Google Scholar
[6]
Matt Bromiley. 2016. Threat intelligence: What it is, and how to use it effectively. SANS Institute. Retrieved June 5, 2017, from https://www.sans.org/reading-room/whitepapers/analyst/threat-intelligence-is-effectively-37282.
Google Scholar
[7]
Miles Brundage, Shahar Avin, Jack Clark, Helen Toner, Peter Eckersley, Ben Garfinkel, Allan Dafoe, Paul Scharre, Thomas Zeitzoff, Bobby Filar, Hyrum Anderson, Heather Roff, Gregory C. Allen, Jacob Steinhardt, Carrick Flynn, Seán Ó HÉigeartaigh, Simon Beard, Haydn Belfield, Sebastian Farquhar, Clare Lyle, Rebecca Crootof, Owain Evans, Michael Page, Joanna Bryson, Roman Yampolskiy, and Dario Amodei. 2018. The malicious use of artificial intelligence: Forecasting, prevention, and mitigation. (February 2018). Retrieved from http://arxiv.org/abs/1802.07228
Google Scholar
[8]
Hsinchun Chen. 2012. Dark Web: Exploring and Data Mining the Dark Side of the Web. Springer New York, New York, NY.
Crossref
Google Scholar
[9]
Hsinchun Chen, Roger H. L. Chiang, and Veda C. Storey. 2012. Business intelligence and analytics: From big data to big impact. MIS Q. 36, 4 (2012), 1165--1188.
Crossref
Google Scholar
[10]
Ronan Collobert and Jason Weston. 2008. A unified architecture for natural language processing: Deep neural networks with multitask learning. In Proceedings of the 25th International Conference on Machine learning (ICML’08), 160--167.
Digital Library
Google Scholar
[11]
Mengnan Du, Ninghao Liu, and Xia Hu. 2019. Techniques for interpretable machine learning. Commun. ACM 63, 1 (2019), 68--77.
Digital Library
Google Scholar
[12]
Po-Yi Du, Ning Zhang, Mohammedreza Ebrahimi, Sagar Samtani, Ben Lazarine, Nolan Arnold, Rachael Dunn, Sandeep Suntwal, Guadalupe Angeles, Robert Schweitzer, and Hsinchun Chen. 2018. Identifying, collecting, and presenting hacker community data: Forums, IRC, carding shops, and DNMs. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI’18), 70--75.
Crossref
Google Scholar
[13]
Malaka El, Emma McMahon, Sagar Samtani, Mark Patton, and Hsinchun Chen. 2017. Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific Instruments. In 2017 IEEE International Conference on Intelligence and Security Informatics (ISI’17), 83--88.
Crossref
Google Scholar
[14]
Katheryn A. Farris, Ankit Shah, George Cybenko, Rajesh Ganesan, and Sushil Jajodia. 2018. VULCON: A system for vulnerability prioritization, mitigation, and management. ACM Trans. Priv. Secur. 21, 4 (2018), 1--28.
Digital Library
Google Scholar
[15]
Ian J. Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. 2014. Generative adversarial nets. In Advances in Neural Information Processing Systems.
Google Scholar
[16]
Shirley Gregor and Alan R. Hevner. 2013. Positioning and presenting design science research for maximum impact. MIS Q. 37, 2 (2013), 337--355.
Digital Library
Google Scholar
[17]
John Grisham, Sagar Samtani, Mark Patton, and Hsinchun Chen. 2017. Identifying mobile malware and key threat actors in online hacker forums for proactive cyber threat intelligence. In 2017 IEEE International Conference on Intelligence and Security Informatics (ISI’17), 13--18.
Crossref
Google Scholar
[18]
Christopher R. Harrell, Mark Patton, Hsinchun Chen, and Sagar Samtani. 2018. Vulnerability assessment, remediation, and automated reporting: Case studies of higher education institutions. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI’18).
Crossref
Google Scholar
[19]
Hemant Jain, Balaji Padmanabhan, Paul A. Pavlou, and Raghu T. Santanam. 2018. Humans, algorithms, and augmented intelligence: The future of work, organizations, and society. Inf. Syst. Res. 29, 1 (2018), 250--251.
Crossref
Google Scholar
[20]
Anne Johnson and Emily Grumbling (Eds.). 2019. Implications of Artificial Intelligence for Cybersecurity. National Academies Press, Washington, DC.
Crossref
Google Scholar
[21]
Yann LeCun, Yoshua Bengio, and Geoffrey Hinton. 2015. Deep learning. Nature 521, 7553 (2015), 436--444.
Crossref
Google Scholar
[22]
Qing Li and Gregory Clark. 2015. Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges. John Wiley 8 Sons, Inc., Indianapolis, IN.
Crossref
Google Scholar
[23]
Yunji Liang, Sagar Samtani, Bin Guo, and Zhiwen Yu. 2020. Behavioral biometrics for continuous authentication in the internet-of-things era: An artificial intelligence perspective. IEEE Internet Things J. 7, 9 (2020), 9128--9143.
Crossref
Google Scholar
[24]
Raffael Marty. 2008. Applied Security Visualization. Addison-Wesley Professional.
Digital Library
Google Scholar
[25]
National Science and Technology Council. 2019. The National Artificial Intelligence Research and Development Strategic Plan: 2019 Update. Washington, DC. Retrieved from https://www.nitrd.gov/pubs/National-AI-RD-Strategy-2019.pdf.
Google Scholar
[26]
National Science Foundation. 2019. National artificial intelligence (AI) research institutes (2019). nsf20503 | NSF -- national science. Retrieved from https://www.nsf.gov/pubs/2020/nsf20503/nsf20503.pdf.
Google Scholar
[27]
Jay F. Nunamaker, Nathan W. Twyman, Justin Scott Giboney, and Robert O. Briggs. 2017. Creating high-value real-world impact through systematic programs of research. MIS Q. 41, 2 (2017), 335--351.
Digital Library
Google Scholar
[28]
Jay F. Nunamaker, Minder Chen, and Titus D. M. Purdin. 1990. Systems development in information systems research. J. Manag. Inf. Syst. 7, 3 (1990), 89--106.
Digital Library
Google Scholar
[29]
Alessandro Parisi. 2019. Hands-On Artificial Intelligence for Cybersecurity: Implement Smart AI Systems for Preventing Cyber Attacks and Detecting Threats and Network Anomalies. Packt Publishing, Birmingham, UK.
Google Scholar
[30]
Ken Peffers, Tuure Tuunanen, Marcus A. Rothenberger, and Samir Chatterjee. 2007. A design science research methodology for information systems research. J. Manag. Inf. Syst. 24, 3 (2007), 45--77.
Digital Library
Google Scholar
[31]
Arun Rai. 2020. Explainable AI: From black box to glass box. J. Acad. Mark. Sci. 48, 1 (2020), 137--141.
Crossref
Google Scholar
[32]
Arun Rai, Panos Constantinides, and Saonee Sarker. 2018. Editor's comments: Next-generation digital platforms: Toward human--AI hybrids. MIS Q. 43, 1 (2018), iii--ix.
Google Scholar
[33]
S. Samtani, H. Zhu, and H. Chen. 2020. Proactively identifying emerging hacker threats from the dark web. ACM Trans. Priv. Secur. 23, 4 (2020), 1--33.
Digital Library
Google Scholar
[34]
Sagar Samtani, Maggie Abate, Victor Benjamin, and Weifeng Li. 2020. Cybersecurity as an industry: A cyber threat intelligence perspective. In The Palgrave Handbook of International Cybercrime and Cyberdeviance.
Crossref
Google Scholar
[35]
Sagar Samtani, Kory Chinn, Cathy Larson, and Hsinchun Chen. 2016. Azsecure hacker assets portal: Cyber threat intelligence and malware analysis. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI’16), 19--24.
Digital Library
Google Scholar
[36]
Sagar Samtani, Ryan Chinn, and Hsinchun Chen. 2015. Exploring hacker assets in underground forums. In 2015 IEEE International Conference on Intelligence and Security Informatics (ISI’15), 31--36.
Crossref
Google Scholar
[37]
Sagar Samtani, Ryan Chinn, Hsinchun Chen, and Jay F. Nunamaker. 2017. Exploring emerging hacker assets and key hackers for proactive cyber threat intelligence. J. Manag. Inf. Syst. 34, 4 (2017), 1023--1053.
Crossref
Google Scholar
[38]
Sagar Samtani, Shuo Yu, Hongyi Zhu, Mark Patton, and Hsinchun Chen. 2016. Identifying SCADA vulnerabilities using passive and active vulnerability assessment techniques. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI’16), 25--30.
Digital Library
Google Scholar
[39]
Sagar Samtani, Hongyi Zhu, Balaji Padmanabhan, Yidong Chai, and Hsinchun Chen. 2020. Deep learning for information systems research. (October 2020). Retrieved from http://arxiv.org/abs/2010.05774
Google Scholar
[40]
Joshua Saxe and Hillary Sanders. 2018. Malware Data Science: Attack Detection and Attribution. No Starch Press, San Francisco, CA.
Google Scholar
[41]
Ben Shneiderman, Catherine Plaisant, Maxine Cohen, Steven Jacobs, Niklas Elmqvist, and Nicholas Diakopoulos. 2016. Designing the User Interface: Strategies for Effective Human-Computer Interaction (6th ed.). Pearson.
Digital Library
Google Scholar
[42]
Mark Stamp. 2017. Introduction to Machine Learning with Applications in Information Security. CRC Press, Taylor 8 Francis Group, Boca Raton, FL.
Google Scholar
[43]
Yonghui Xu, Sinno Jialin Pan, Hui Xiong, Qingyao Wu, Ronghua Luo, Huaqing Min, and Hengjie Song. 2017. A unified framework for metric transfer learning. IEEE Trans. Knowl. Data Eng. 29, 6 (2017), 1158--1171.
Digital Library
Google Scholar
[44]
Qiang Yang, Yang Liu, Tianjian Chen, and Yongxin Tong. 2019. Federated machine learning. ACM Trans. Intell. Syst. Technol. 10, 2 (2019), 1--19.
Digital Library
Google Scholar
[45]
Jason Yosinski, Jeff Clune, Yoshua Bengio, and Hod Lipson. 2014. How transferable are features in deep neural networks? In Advances in Neural Information Processing Systems.
Google Scholar
[46]
Hongyi Zhu, Sagar Samtani, Randall Brown, and Hsinchun Chen. 2020. A Deep Learning approach for recognizing activity of daily living (ADL) for senior care: Exploiting interaction dependency and temporal patterns. MIS Q. (2020), Forthcoming. Retrieved from https://ssrn.com/abstract=3595738.
Google Scholar
[47]
Hongyi Zhu, Sagar Samtani, Hsinchun Chen, and Jay F. Nunamaker. 2020. Human identification for activities of daily living: A deep transfer learning approach. J. Manag. Inf. Syst. 37, 2 (2020), 457--483.
Crossref
Google Scholar

Cited By

View all
  • Rich MAiken M(2024)An Interdisciplinary Approach to Enhancing Cyber Threat Prediction Utilizing Forensic Cyberpsychology and Digital ForensicsForensic Sciences10.3390/forensicsci40100084:1(110-151)Online publication date: 4-Mar-2024
    https://doi.org/10.3390/forensicsci4010008
  • Samtani SRaff EAnderson H(2024)Applied Machine Learning for Information SecurityDigital Threats: Research and Practice10.1145/36520295:1(1-5)Online publication date: 11-Mar-2024
    https://dl.acm.org/doi/10.1145/3652029
  • Ullman SAmpel BSamtani SYang SChen HBaeza-Yates RBonchi F(2024)The 4th Workshop on Artificial Intelligence-enabled Cybersecurity AnalyticsProceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3637528.3671494(6741-6742)Online publication date: 25-Aug-2024
    https://dl.acm.org/doi/10.1145/3637528.3671494
  • Show More Cited By

Recommendations

  • AI vs. AI: Exploring the Intersections of AI and Cybersecurity

    IWSPA '21: Proceedings of the 2021 ACM Workshop on Security and Privacy Analytics

    The future of cybersecurity will pit AI against AI. In this talk, we explore the role of AI in strengthening security defenses as well as the role of security in protecting AI services. We expect that the scale, scope and frequency of cyber attacks will ...

  • Artificial Intelligence for next generation cybersecurity: The AI4CYBER framework

    ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security

    Artificial Intelligence (AI) is playing a crucial role both in the technological advances and emerging advanced threats in cybersecurity. Despite efforts by competent authorities in Europe to regulate the use of AI in a way that aligns with the ethics ...

  • The 4th Workshop on Artificial Intelligence-enabled Cybersecurity Analytics

    KDD '24: Proceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

    Cybersecurity remains a grand societal challenge. Large and constantly changing attack surfaces are non-trivial to protect against malicious actors. Entities like the United States and the European Union have recently emphasized the value of Artificial ...

Comments

Information & Contributors

Information

Published In

ACM Transactions on Management Information Systems  Volume 11, Issue 4
Special Issue on Analytics for Cybersecurity and Privacy, Part 1
December 2020
244 pages
ISSN:2158-656X
EISSN:2158-6578
DOI:10.1145/3426166
Issue’s Table of Contents
Copyright © 2020 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 December 2020
Accepted: 01 November 2020
Revised: 01 November 2020
Received: 01 October 2020
Published in TMIS Volume 11, Issue 4

Permissions

Request permissions for this article.
Request Permissions

Check for updates

Author Tags

  1. Cybersecurity
  2. adversarial machine learning
  3. analytics
  4. artificial intelligence
  5. cyber threat intelligence
  6. disinformation
  7. security operations centers

Qualifiers

  • Introduction
  • Research
  • Refereed

Funding Sources

  • National Science Foundation

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1,906
  • Downloads (Last 6 weeks)184
Reflects downloads up to 02 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all
  • Rich MAiken M(2024)An Interdisciplinary Approach to Enhancing Cyber Threat Prediction Utilizing Forensic Cyberpsychology and Digital ForensicsForensic Sciences10.3390/forensicsci40100084:1(110-151)Online publication date: 4-Mar-2024
    https://doi.org/10.3390/forensicsci4010008
  • Samtani SRaff EAnderson H(2024)Applied Machine Learning for Information SecurityDigital Threats: Research and Practice10.1145/36520295:1(1-5)Online publication date: 11-Mar-2024
    https://dl.acm.org/doi/10.1145/3652029
  • Ullman SAmpel BSamtani SYang SChen HBaeza-Yates RBonchi F(2024)The 4th Workshop on Artificial Intelligence-enabled Cybersecurity AnalyticsProceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3637528.3671494(6741-6742)Online publication date: 25-Aug-2024
    https://dl.acm.org/doi/10.1145/3637528.3671494
  • Mahboubi ALuong KAboutorab HBui HJarrad GBahutair MCamtepe SPogrebna GAhmed EBarry BGately H(2024)Evolving techniques in cyber threat hunting: A systematic reviewJournal of Network and Computer Applications10.1016/j.jnca.2024.104004232(104004)Online publication date: Dec-2024
    https://doi.org/10.1016/j.jnca.2024.104004
  • Alaeifar PPal SJadidi ZHussain MFoo E(2024)Current approaches and future directions for Cyber Threat Intelligence sharing: A surveyJournal of Information Security and Applications10.1016/j.jisa.2024.10378683(103786)Online publication date: Jun-2024
    https://doi.org/10.1016/j.jisa.2024.103786
  • Sarker IJanicke HMohsin AGill AMaglaras L(2024)Explainable AI for cybersecurity automation, intelligence and trustworthiness in digital twin: Methods, taxonomy, challenges and prospectsICT Express10.1016/j.icte.2024.05.007Online publication date: May-2024
    https://doi.org/10.1016/j.icte.2024.05.007
  • Manatova DDeVries CSamtani S(2024)Understand your shady neighborhood: An approach for detecting and investigating hacker communitiesDecision Support Systems10.1016/j.dss.2024.114271184(114271)Online publication date: Sep-2024
    https://doi.org/10.1016/j.dss.2024.114271
  • Han XXiao SSheng JZhang G(2024)Enhancing Efficiency and Decision-Making in Higher Education Through Intelligent Commercial Integration: Leveraging Artificial IntelligenceJournal of the Knowledge Economy10.1007/s13132-024-01868-2Online publication date: 15-May-2024
    https://doi.org/10.1007/s13132-024-01868-2
  • Nobles C(2023)Offensive Artificial Intelligence in CybersecurityReal-World Solutions for Diversity, Strategic Change, and Organizational Development10.4018/978-1-6684-8691-7.ch021(348-363)Online publication date: 30-Jun-2023
    https://doi.org/10.4018/978-1-6684-8691-7.ch021
  • Iturbe ERios ERego AToledo N(2023)Artificial Intelligence for next generation cybersecurity: The AI4CYBER frameworkProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3605051(1-8)Online publication date: 29-Aug-2023
    https://dl.acm.org/doi/10.1145/3600160.3605051
  • Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Get Access

Login options

Full Access

Get this Article

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media

Download PDF
View Issue’s Table of Contents