Pre-trained Models for Cyber Security
We have seen the steps to design your own models from scratch in my earlier blogs, but training your own machine learning model involves a lot of steps and it’s a costly process involving skilled men power and the tools sets described in those articles. Not every organization has the budget or the men power to implement a complete AI echo system in-house but the burgeoning size of data produced is necessitating organizations to learn valuable insights from this data as showing in this study at 82% of the organizations wants AI implemented in their environments.
Concept of using pre-trained models that learn from the industry specific data can help these organizations.
This pre-trained learning has several benefits for the security industry.
- Models learn from the threats impacting a particular industry and benefit all the participants.
- No need to develop costly pipeline to do in-house learning.
- Timely discovery and remediation of newly discovered threats across industry.
- Robust models because the account for the bias/variance tradeoff as they learn across industry.
- Be transparent in Providing the training and test set that customer can try on their own.
Following are the capabilities that reliably pre-trained models should provide.
- Capability to ingest raw data from various organizations in the same industry, so that participants are not left with this cumbersome task.
- Design models with comprehensive set of features that represents the all the players in the industry.
- Make the underlying algorithms transparent so that organizations use systems from various AI providers.
- Thoroughly test and validate models so they provide highest accuracy with minimum errors.
- Provide strong security if the solution is cloud based and customers need to send their data on cloud.
- Provide on-prem alternatives for customers that are wary of compliance issues such as GDPR.
What security industry need to pave the way for such model into their environment
- Desire to bring more cognitive power to their environment.
- Mechanism for preserving, curating, and sharing threat intelligence data.
