WOLKITE UNIVERSITY

COLLAGE OF COMPUTING AND

INFORMATICS
DEPARTEMENT OF COMPUTER SCIENCE

RESEARCH PROPOSAL

TITLE: Impact Of AI On Improving Cybersecurity Measures

Group members…………………………. Id

1.Israel Beyene…………………… NSR/1181/13

2.Lema Tadesse…………………. . NSR/1327/13
3.Dejene Habtemariam………… … NSR/063713
4.Senessa Assefa ……………………. NSR/1872/13
5.Dominic Luang Peter ……………. NSR/2542/13
Table of Contents

ABSTRACT...................................................................................................................1

INTRODUCTION..........................................................................................................1

STATEMENT OF PROBLEM......................................................................................2

OBJECTIVE...................................................................................................................3

GENERAL OBJECTIVE:..............................................................................................3

SPECIFIC OBJECTIVE:...............................................................................................3

LITERATURE REVIEW...............................................................................................4

METHODOLOGY.......................................................................................................10

Expected Outcomes:.....................................................................................................11

SIGNIFICANCE OF THE PROJECT.........................................................................12

DURATION AND PLAN OF ACTION:.....................................................................14

BUDGET OR COST:...................................................................................................15

REFERENCES.............................................................................................................16
ABSTRACT

As the digitization of our world progresses, cyber criminals have an expanding

landscape to carry out their attacks. The field of Artificial Intelligence (AI) has seen
advancements that are being utilized by both attackers and defenders in the realm of
network security. This raises the question: what steps should cybersecurity companies
take to outwit these criminals? In order to delve into this matter and explore its future,
a study was conducted, drawing upon existing literature on the use of AI in the
cybersecurity industry. Additionally, insights from professionals currently working in
the field were gathered through a survey and interviews. The objective of this study is
to inform the public about the present role of AI in the industry, considering that it is a
relatively new development gradually gaining wider acceptance. Initial research
suggests that AI may hold the key to thwarting these criminals. However, there are
significant topics to discuss, such as how cyber attackers are employing this
technology, its integration into defense mechanisms, and the industry challenges that
may impede its rapid growth. Nevertheless, as cyberattacks continue to evolve, AI
will play a crucial role in achieving victory in this technological arms race.
INTRODUCTION

In today's technologically driven world, our lives are heavily intertwined with the
internet and mobile devices. The COVID-19 pandemic has further accelerated the
shift towards online platforms for various aspects of daily life. However, this
increased reliance on technology has also given rise to a growing threat from cyber
criminals seeking to exploit vulnerabilities and gain unauthorized access to our
personal and business information. Protecting ourselves and our assets from this
significant threat has become paramount. As a result, cybersecurity has become
increasingly important in safeguarding the devices that are central to our lives,
whether it's our social media accounts or business networks. The need for enhanced
security measures has become crucial as cyber attacks have become more
sophisticated, leveraging evolving AI technologies, such as ChatGPT, to carry out
malicious activities. Artificial Intelligence holds the potential to provide the security
solutions we require to safeguard what we hold dear. The purpose of this research is
to educate the general public about the ongoing trends in the technological landscape,
raising awareness of the advancements being made and enabling individuals to
implement them for their own security, be it in their businesses or homes. This
research serves to highlight the continuous evolution of both security measures and
cyber attacks, urging individuals to remain vigilant and prepared for what the future
may hold. The thesis aims to consolidate prior research on the subject, while also
incorporating insights from professionals actively engaged in this ever-changing
industry.

1
STATEMENT OF PROBLEM

This research focuses on exploring the extensive potential of Artificial Intelligence

(AI) in revolutionizing the cybersecurity industry. The ever-evolving landscape of
cybersecurity poses significant challenges for organizations and individuals alike, as
cyber threats become more sophisticated and complex. In response to this escalating
threat landscape, AI presents a promising solution by augmenting and enhancing
traditional cybersecurity approaches. The thesis aims to explore the following
overarching questions:
1. What is the current state of AI in the cybersecurity industry, and what are the
future possibilities and directions?
2. What are the overarching challenges and barriers that hinder the widespread
adoption and implementation of AI in cybersecurity practices?
3. How do malicious actors exploit the capabilities of AI, and what are the broader
implications for cybersecurity as a whole?
By examining these broad questions, the thesis seeks to provide a comprehensive
understanding of the transformative potential of AI in cybersecurity, the challenges
associated with its integration, and the broader impact of AI-driven attacks on the
cybersecurity landscape.

OBJECTIVE

The objective of this thesis is to comprehensively investigate the potential of Artificial

Intelligence (AI) as a game changer in the cybersecurity industry. The thesis aims to
achieve the following objectives:

GENERAL OBJECTIVE:

Provide a comprehensive understanding of the transformative potential of AI in the

cybersecurity domain, encompassing technological advancements, challenges,

2
evaluation of existing solutions, implications of AI-driven attacks, and ethical
considerations.

SPECIFIC OBJECTIVE:

 Assess the current state of AI in the cybersecurity industry, examining its existing
applications, advancements, and potential future developments.

 Identify and analyze the challenges and barriers that impede the widespread
adoption and effective implementation of AI in cybersecurity practices.
 Evaluate the effectiveness, limitations, and areas for improvement of AI-powered
cybersecurity solutions, with the aim of identifying best practices and potential
areas of innovation.
 Investigate how malicious actors exploit AI technologies to their advantage,
exploring the tactics, techniques, and implications of AI-enabled attacks on
cybersecurity.
 Explore the potential ethical and privacy concerns associated with the integration
of AI in cybersecurity, examining the balance between enhanced security
measures and the protection of individual rights and data privacy.

By addressing these objectives, the thesis aims to provide a comprehensive analysis of

the opportunities, challenges, and ethical dimensions of leveraging AI in the
cybersecurity industry. The research aims to contribute to the existing knowledge and
inform industry professionals, policymakers, and stakeholders about the
transformative potential of AI, the obstacles to its integration, the evaluation of
existing solutions, the implications of AI-driven attacks, and the ethical considerations
surrounding AI in cybersecurity.

3
LITERATURE REVIEW

This review explores the utilization of Artificial Intelligence (AI) in the cybersecurity
industry, covering current trends and potential future directions. The discussion also
includes the significance of addressing the skill resource gap, and the exploitation of
AI by cyber criminals.

Artificial intelligence evolution to its current trends

The increasing digitalization of the world has made cybersecurity paramount for
businesses to protect their assets and information (Hunter, 2020; Simonovich, 2021).
Cyber-attacks pose significant threats to both businesses and personal privacy,
necessitating effective protection measures, with AI emerging as a potential solution.
Cybersecurity encompasses a range of technologies aimed at safeguarding computers,
networks, programs, and data from cyber criminals' attacks (Xin et al., 2018). Many
organizations employ a hybrid approach that combines software and hardware
appliances across multiple layers of defense. These measures include firewalls,
antivirus software, and intrusion detection systems (IDS) (Diogenes and Ozkaya,
2018; Xin et al., 2018).

Traditionally, antivirus software has relied on signature-based detection as the

primary method (Hall, 2021; Xin et al., 2018). Such methods identify known attacks
by comparing their signatures to those stored in a malicious signature database. While
effective in detecting known attacks, this approach falls short when it comes to
identifying new or zero-day attacks, as the software lacks the associated signature in
its database to classify them as threats (Hall, 2021; Xin et al., 2018).

Hall's article presents alarming statistics, revealing that there have been nearly 16
billion recorded breaches and approximately 1 in 100 emails is a phishing attempt as
of June 2020 (Hall, 2021). These numbers highlight the extensive attack surface and
its continuous growth. Attackers are adapting by altering their signatures and
employing their own AI technologies. To effectively combat these evolving threats, it
is crucial to enhance defensive strategies and incorporate AI into defense
mechanisms. Traditional signature-based detection, a reactive approach, has proven

4
ineffective in defending against these evolving attacks. Therefore, the proactive
implementation of AI and machine learning (ML) as a preventative solution is
necessary to address these advancing threats (McClurg, 2020). However, it is
important to note that until AI and ML models have been trained, traditional analysis
remains the most reliable defense strategy compared to untrained AI/ML models. The
existing network and endpoint protection measures, which have been in place for
years, are becoming obsolete as hackers continuously adapt. This underscores the
need to train AI models to fill this role (Labs, 2021).

In terms of functionality, Artificial Intelligence utilizes programmed behavioral

analysis to constantly monitor and detect threats, providing immediate defensive
responses to both known and new (zero-day) attacks (Simonovich, 2021). A
substantial amount of data is necessary for the algorithm to establish a baseline for
normal business operations and detect any anomalies that may indicate malicious
activity. The utilization of AI and ML in anomaly detection will enhance the ability to
identify and mitigate threats (Halsey, 2021; Xin et al., 2018).

Artificial Intelligence (AI) plays a crucial role in improving cybersecurity by

enhancing the detection rate of known attacks and reducing false positives for
unknown attacks (Xin et al., 2018). It operates at both macro and micro levels to
provide comprehensive protection.

At the macro level, AI facilitates the implementation of next-generation firewalls

(NGFW) that offer enhanced security measures. Unlike traditional signature-based
databases, AI/ML algorithms can detect and block suspicious files based on specific
behavioral patterns, without relying on historical comparisons. When a file exhibits
certain predefined behaviors, it is isolated and analyzed. With each iteration, the
algorithm learns from these experiences and improves its proficiency in identifying
suspicious files in the future (Hall, 2021).

At the micro level, AI employs heuristic analysis to detect viruses by examining code
for suspicious elements. This heuristic-based detection method makes it more difficult
for zero-day attacks to infiltrate a network. For example, AI-based facial recognition
software adds an extra layer of protection to mobile devices and the networks they are
connected to (Hall, 2021).

5
The AI revolution in cybersecurity is continuously advancing. Simonovich discusses
the introduction of DeepArmor Industrial software, developed through a collaboration
between Siemens Energy and AI startup SparkCognition. This software utilizes AI to
identify and flag cyber threats proactively, even before an attack occurs (Simonovich,
2021). In 2021, global cybersecurity leader Sophos introduced several notable
developments, including the SOREL-20M dataset for accelerating malware detection,
the AI-powered Impersonation Protection Method that compares email sender names
with a database to identify suspicious messages, and the YaraML Automatic
Signature Generation Tool that enables AI to generate its own signatures ("Sophos
Announces 4 New…", 2021). These advancements represent just the beginning of the
ongoing progress in AI-driven cybersecurity.

As the technology continues to advance, it is important to consider the certifications

and regulations that will accompany it. Halsey emphasizes the need for a standards-
based approach, such as the ISA/IEC 62443 series, to provide individuals and
businesses with knowledge of standardized procedures for their security platforms. A
study revealed that 81% of engineers and managers believe that standards help
companies improve compliance with security regulations (Halsey, 2021).
Additionally, according to Hunter, third-party certification systems are preferred over
self-certification systems, which are currently practiced under the National Institute of
Standards and Technology. The Cybersecurity Maturity Model Certification (CMMC)
is an example of a third-party certification system that may soon become a
requirement for defense contract eligibility in the United States. However, this could
potentially create barriers to entry in defense supply chains and could be challenging
to keep up with. Hunter suggests that AI may offer a better alternative to this system
(Hunter, 2020).

Future of AI in Cybersecurity and its Benefits

The future of AI in cybersecurity holds promising potential, although there are

varying viewpoints on what lies ahead. The technology is rapidly advancing and
offers numerous benefits, alongside certain concerns within the cybersecurity industry
(Hall, 2021; Maguire, 2022; Yampolskiy, 2017). Hall's research highlights a study

6
indicating that the AI market in cybersecurity is projected to reach $46.3 billion by
2027, underscoring its substantial growth prospects. He identifies four key advantages
of AI implementation: its ability to improve over time, handle large volumes of data,
enable faster detection and response to attacks, and enhance overall security for
businesses. However, there is a concern that AI may produce false positives and
inaccurate results if the available datasets lack diversity. Hall suggests that Deep
Learning, a subfield of AI, could offer a solution to mitigating these false positives
(Hall, 2021).

One of the classified benefits mentioned by Hall is AI's capacity to handle vast
amounts of data, surpassing human capabilities. Many sources support this notion,
emphasizing that AI can analyze extensive datasets resulting from previous cyber-
attacks. This data analysis is crucial for identifying patterns, understanding attack
techniques, and improving future defenses. AI's ability to process and analyze such
enormous datasets is a significant advantage that human analysts alone would find
impractical or impossible to achieve.

The analysis required to develop effective solutions for future challenges surpasses
human capabilities, which is where AI comes into play (Addo et al., 2019; Addo et
al., 2020; Hall, 2021; Hunter, 2020; Maguire, 2022).

Addo et al. emphasize in their books the critical importance of both the quality and
quantity of data sources. These data sources are necessary to train AI systems
effectively, enabling them to continuously learn, adapt, and respond to new variations
of cyber-attacks (Addo et al., 2019; Addo et al., 2020; Hall, 2021).

The question of whether AI will replace humans in the future remains a subject of
debate. Some sources argue in favor of replacement (Hunter, 2020; Yampolskiy,
2017; "AI likely to replace humans...", 2021), while others contend that humans will
still be necessary (Addo et al., 2020; Labs, 2021). While nothing is certain, this
ongoing discussion is reasonable given the rapid growth of this technology.

A survey of IT leaders revealed that 41% believed AI would replace their roles in
business by 2030, while 9% disagreed ("AI likely to replace humans...", 2021).
Hunter suggests that AI algorithms can be utilized to assess vulnerabilities, identify

7
entry points, and address real-time issues, eliminating the need for humans in these
tasks (Hunter, 2020). Yampolskiy takes a more extreme perspective, warning about
the potential global consequences if a super intelligent AI (SAI) system were to fail,
expressing concerns shared by Stephen Hawking, Bill Gates, and Elon Musk
regarding the potential loss of human control over AI (Yampolskiy, 2017).

On the other hand, many sources argue that despite the growth of AI, humans will
continue to play important roles. Addo et al. explain in their book that while AI
detects threats and analyzes raw data, humans are still needed to take corrective
actions and defend against attacks (Addo et al., 2020). An interview response from
Labs similarly states that software alone cannot detect everything and that humans are
necessary to fine-tune AI or machine learning systems for specific environments
(Labs, 2021).

METHODOLOGY

 Data Extraction:
Pertinent information will be extracted from the selected literature sources,
focusing on key findings, methodologies used in previous studies, and relevant
theoretical frameworks discussed by the authors. The extracted data will be
organized to facilitate subsequent analysis.
 Thematic Analysis:
A thematic analysis of the literature will be conducted to identify common
themes, trends, and patterns. Similar findings and arguments will be grouped
together to form thematic categories. Themes such as improved threat detection,
enhanced response times, ethical considerations, and human-AI collaboration
may be identified.
 Data Synthesis:
The findings from the literature review will be synthesized, taking into account
the identified themes and patterns. The relationships between different themes
will be analyzed, and their contributions to the overall understanding of the
impact and challenges of AI in cybersecurity will be discussed.

8
 Discussion and Interpretation:
The implications of the synthesized findings will be discussed, and the results
will be interpreted in the context of the research objective and questions.
Different viewpoints and arguments presented in the literature will be compared
and contrasted, highlighting any inconsistencies or gaps in knowledge.

Expected Outcomes:

 The research will analyze the current state of AI in the cybersecurity industry,
examining its existing applications, advancements, and potential future
developments. This analysis will contribute to a deeper understanding of how AI
can be effectively utilized to enhance cybersecurity practices.
 The study will identify and analyze the challenges and barriers that impede the
widespread adoption and effective implementation of AI in cybersecurity. By
highlighting these obstacles, the research aims to provide insights into key areas
that need to be addressed to fully leverage the potential of AI in the field.
 An evaluation of AI-powered cybersecurity solutions will be conducted to assess
their effectiveness, limitations, and areas for improvement. This evaluation will
identify best practices and potential areas of innovation, contributing to the
development of optimized AI-driven cybersecurity solutions.
 The research will investigate how malicious actors exploit AI technologies to
their advantage, exploring the tactics, techniques, and implications of AI-enabled
attacks on cybersecurity. By gaining insights into these threats, the study aims to
enhance understanding of the evolving threat landscape and the need for robust
defense mechanisms.
 Ethical and privacy considerations associated with the integration of AI in
cybersecurity will be explored. The research will examine the balance between
enhanced security measures and the protection of individual rights and data
privacy, providing guidance on ethical frameworks and responsible AI use in
cybersecurity.
 Overall, the thesis aims to provide a comprehensive analysis of the opportunities,
challenges, and ethical dimensions of leveraging AI in the cybersecurity industry.
The expected outcomes include a deeper understanding of AI's potential in

9
 cybersecurity, insights into barriers to adoption, recommendations for
improvements in AI-powered solutions, awareness of AI-enabled threats, and
guidance on ethical considerations in AI-driven cybersecurity practices.

SIGNIFICANCE OF THE PROJECT

The research holds significant potential in the following areas:

 Advancing Knowledge: This study contributes to the existing body of knowledge

by exploring the impact of AI on cybersecurity practices and investigating the
benefits and challenges of implementing AI in threat detection and prevention. It
offers valuable insights that enhance our understanding of how AI technologies
can improve cybersecurity measures.
 Improved Cybersecurity Practices: The findings of this research can lead to the
development of more effective and efficient cybersecurity practices. By
identifying the specific areas where AI can significantly enhance threat detection
capabilities, organizations can leverage these technologies to proactively detect
and mitigate cyber threats, thereby reducing potential damages and losses.
 Addressing Challenges: By examining the challenges associated with
implementing AI in cybersecurity, this research helps in identifying potential
obstacles and providing guidance for their mitigation. It sheds light on ethical
considerations, technical limitations, and human-AI collaboration issues, enabling
organizations to navigate these challenges effectively and ensure the responsible
and secure use of AI technologies.
 Decision Support: The insights gained from this research serve as a valuable
resource for decision-makers, policymakers, and cybersecurity professionals.
They inform strategic decision-making processes related to AI adoption and
cybersecurity investment, facilitating informed choices and optimal resource
allocation.
 Future Research Directions: This research identifies potential gaps or areas
requiring further investigation within the field of AI in cybersecurity. By
highlighting these gaps, it inspires and guides future research endeavors to delve
deeper into specific aspects, such as developing new AI algorithms for threat

10
 detection, exploring novel AI applications in cybersecurity, or investigating the
implications of AI on privacy and data protection.
 Practical Applications: The outcomes of this research have practical implications
for organizations and practitioners involved in cybersecurity. The identified
benefits, challenges, and best practices inform the design and implementation of
AI-based cybersecurity systems, helping organizations enhance their cyber
resilience and adapt to evolving threats.
 In summary, this research holds significant promise in advancing knowledge,
improving cybersecurity practices, addressing challenges, providing decision
support, guiding future research, and facilitating practical applications in the field
of AI in cybersecurity.

DURATION AND PLAN OF ACTION:

Project Duration: The estimated duration for this research project is 6 months and 2
weeks.
Phase’s Action Plan of Action Duration
Phase 1 Project Initiation Refine the research scope 2 weeks
and identify the key
focus areas
Phase 2 Literature Review Extract data from the 6 weeks
selected literature
sources, focusing on key
findings and
methodologies used.
Conduct a thematic
analysis of the literature,
identifying common
themes and patterns.

11
Phase 3 Data Synthesis and Analyze the relationships 8 weeks
Analysis between different themes
and subtopics.
Interpret the findings in
the context of the
research objectives and
questions.

Phase 4 Discussion and Compare and contrast 6 weeks

Interpretation different viewpoints and
arguments presented in
the literature.
Address the research
questions and draw
conclusions based on the
findings.

Phase 5 Report Writing and Revise and edit the report 4 weeks
Finalization for clarity, coherence,
and accuracy.
Incorporate feedback
from advisors or
reviewers.
Finalize the research
report and prepare it for
submission or
dissemination.

BUDGET OR COST:

REASON FOR MATERIAL ESTIMATED DESCRIPTION

12
THE COST

COST
Research Paper 2000 Br Budget for relevant
Equipment literature, and
Pen
specialized
equipment.
Software tools

etc

Travel and Viechels 5000Br Account for travel

Fieldwork costs, including
Housing
Expenses transportation,
accommodation,
Meal
and meals if
Drinkings fieldwork or
collaboration is
required.

Publication and …. 5000Br Budget for

Dissemination publishing research
findings in
academic journals,
including article
processing charges,
membership fees,
and conference
presentation
expenses.

13
REFERENCES

Addo, A., Centhala, S., & Shanmugam, M. (2019). Artificial Intelligence for Risk
Management. Business Expert Press.

Addo, A., Centhala, S., & Shanmugam, M. (2020). Artificial Intelligence for
Security. Business Expert Press.

AI likely to replace humans in cybersecurity space by 2030. (2021). FRPT- Telecom

Snapshot, 20–20.

Diogenes, Y., & Ozkaya, E. (2018). Cybersecurity, attack and defense strategies:
Infrastructure security with Red Team and Blue Team tactics. Packt Publishing.

Erdogan, G., Hugo, Å., Romero, A., Varano, D., Zazzeri, N., & Žitnik, A. (2020). An
Approach to Train and Evaluate the Cybersecurity Skills of Participants in
Cyber Ranges based on Cyber-Risk Models: Proceedings of the 15th
International Conference on Software Technologies, 509–520.
https://doi.org/10.5220/0009892105090520

Hall, D. (2021). 4 Benefits of Using AI in Cybersecurity | CIO Insight. CIO Insight,

N.PAGN.PAG

14