"New AI Model Aims to Plug Key Gap in Cybersecurity Readiness"
A team of scientists from the Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL), Purdue University, Carnegie Mellon University (CMU), and Boise State University has turned to Artificial Intelligence (AI), threading together three large databases of information regarding computer vulnerabilities, weaknesses, and likely attack patterns. The AI-based model automatically links vulnerabilities with specific attack vectors that adversaries may use to compromise computer systems. The work should help defenders detect and prevent attacks more frequently and promptly. A portion of the work is now available on GitHub as open source. The team will release the remaining code soon. The new AI model uses Natural Language Processing (NLP) and supervised learning to connect information in three different cybersecurity databases. The team's model automatically links vulnerabilities to the corresponding weaknesses with an accuracy of up to 87 percent, and links weaknesses to the appropriate attack patterns with an accuracy of up to 80 percent. According to the researchers, these numbers are significantly better than what current tools provide, but they warn that their new methods still need to be tested more widely. This article continues to discuss the new AI model developed to improve threat prioritization and spot attacks more quickly.