Everything the IT Security Channel Needs to Know About Machine Learning

Everything the IT Security Channel needs to know about Machine Learning

What is it that you think of when reading or hearing the term “machine learning”? Chess playing robots? That gadget that cuts the grass of your lawn while you enjoy your new-found spare time? or the terminator relentless chasing Sarah Connor through a movie franchise and TV series?

These things are often viewed with a distance, but what would you say if I said that there are likely to be aspects of machine learning in yours and your customer IT networks today?

Maybe we should take a step back first and cover the basics.

What is Machine Learning?

Machine learning, sometimes abbreviated as ML is an aspect of a broader term you are probably already familiar with; AI or Artificial Intelligence.

[You may be curious to check out “What is the difference between Artificial Intelligence, Machine Learning and Deep Learning]

Specifically, machine learning is an algorithm which creates a system of predicting ever increasingly accurate outcomes, based on input data, as it becomes available.

An almost perfectly relatable example of machine learning is online shopping and advertising. You will more than likely have discovered that online advertising becomes increasingly targeted the more you browse online retailer sites, use search engines to research products and mention them in email communications.

The more you feed the machine learning algorithm with data, the more accurate its predictions become.

What are the Different Types of Machine Learning?

While machine learning describes a very specific method of dynamic outcome generation, there are a number of different types of machine learning. Some of which include:

  • – Decision Tree Machine Learning – Much like those magazine diagrams which you answer yes or no to, to come to a conclusion, machine learning can analyse and discover the logical path between questions and answers to determine the most efficient path.
  • – X-Means Clustering – Whereby characteristics or symptoms of X help to discover X. For example, a medical diagnosis; we start without knowing the illness and arrive at an answer by narrowing down the possibilities by the symptoms.
  • – Reinforced Learning – Capitalises on the speed of modern machines by running multiple yet slightly different models, to determine the most favourable outcome.
  • – Neural Networks – An encroachment into another topic, deep learning. Where a machine is fed vast amounts of independent data sources, which it then links, much like the way the human brain functions.

Where is Machine Learning Currently in Use?

The term machine learning is probably much broader than you had originally thought. Infact machines which could learn to play Chess and Go using machine learning algorithms have been around for over 30 years.

Specifically in the IT and IT security channel, the following machine learning uses have been observed:

  • – Email and Web Filtering Solutions – Learn based on content, following URLs and executing attachments of downloaded files in sandboxes.
  • – Network Security Solutions – Baseline networks over a period of time to discover a state of “normal” and provide warning should that state change.
  • – Automation Solutions – Observe a pattern of human initiated behaviour over time and then replay them to save time.
  • – User Behaviour and Analytics – Much like network security solutions, baseline normal human behaviour and access in your network and provide warning if something appears outside of the norm.

Of course, this list is not limited to the above.

[You may also be interested to read “Artificial Intelligence Will Save Encryption from Irrelevance“]

Why Should IT Administrators be Thinking of Machine Learning?

There are many occasions in my career where I have witnessed a cool solution which has no application. It is of course a shame to see innovation go to waste, but critical that there is a need. Otherwise, it serves no purpose.

Therefore the number one question when looking at machine learning from the perspective of an IT Administrator is, what problem does this solve?

There are two fundamental benefits to machine learning, which are both intrinsically linked.

The first is the saved time and resource gained by increasing automation and speed; machine learning algorithms are much faster than their human equivalent and reduce some of the mindless and repetitive tasks that resources might currently be used on.

Secondly, based on that speed, the insights which machine learning algorithms have are unparalleled. For example, machine learning algorithms are now used to detect and determine new strands of malware and are able to determine the intention of code much faster and with better accuracy the more it encounters samples.

And in our fast-paced world where everything must increase in speed exponentially, it remains as infallible as possible, but there doesn’t appear to be much space for the human being.

It is a case of keep-up or lose out.