& cplSiteName &

Guarded Optimism Over AI for Automation of Telco Security

Danny Dicks
Heavy Lifting Analyst Notes
Danny Dicks
1/3/2018
50%
50%

Artificial intelligence (AI) techniques such as neural networks and machine learning have been used for many years to improve the detection of malicious code and other threats within telecom traffic. The ability of such approaches to establish what normal patterns of traffic look like -- so as to flag abnormalities that might indicate an attack, or to characterize the behavior of systems after they have become infected with malware, so that it is possible to diagnose similar problems in other systems -- is undoubtedly a useful weapon in the fight against hackers and other malicious actors.

And AI has the potential to go further in support of telecom security. For instance, flagging that a denial of service or distributed denial of service (DoS/DDoS) attack has begun is one thing; automatically taking appropriate remediation actions based on the AI system's reasoning of what "appropriate" means is something different.

Vendors of DDoS prevention and mitigation solutions aren’t all sure that removing the human security analyst from this chain of events is a good thing: The consequences of a "false positive" identification of an attack, resulting in incorrect blocking or diverting traffic from certain sources, or of a certain type, can have serious consequences for a telco -- not least in terms of revenue. AI systems that can immediately present a human security analyst with the right type of data on which to base a decision, and perhaps a recommendation for three actions that could be taken, based on a machine learning model, seem a useful approach.

But other security management activities could be even more automated with the help of AI. To understand why in some cases the speed and accuracy of AI is appropriate, it is helpful to think about the threat and vulnerability context in which telcos find themselves at any given time.

Source: Heavy Reading
Source: Heavy Reading

The telecom industry has evolved from one where technologies and networks were largely proprietary and partners were trusted, to one that is much more open. This increases both the vulnerability of telco systems and exposes them to more threats. By putting in place new security-hardened networks, and deploying security products and functions, operators can reduce their vulnerability, but their control over threats is more limited.

The ability of AI to carry out complex analysis on high volumes of data very quickly, and to come to decisions about what is a threat, is something that is continually developing as traffic and the nature of threats change. One recent hot area of activity is in baselining of the behavior of devices connected to the Internet of Things (IoT). Here many established vendors and AI startups are developing solutions that will help operators to manage IoT devices and services more securely, making use of automatic profiling of those devices. More widely, application-level anomaly detection using local models of behavior on devices themselves, periodically updated from a central, cloud-based AI system, will help more rapid action in response to threats.

Heavy Reading’s Telecom Security Market Tracker, published in PowerPoint format, analyzes and forecasts the global market for cybersecurity solutions sold to communications service providers (CSPs). It maps available security solutions onto CSP domains, and profiles leading vendors of security solutions sold to CSPs -- both to protect their own networks and to enable them to provide managed security services to their customers.

— Danny Dicks, Contributing Analyst, Heavy Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Heavy Lifting Analyst Notes
A major re-architecting of the network will be needed to deliver future services, as we'll discuss during the upcoming BCE 2018.
Cable is moving into the Internet of Things (IoT) market, specifically homing in on home automation, using its advantage of existing connectivity and customers.
Communications service providers that are specialists in software-defined wide-area networking believe they're doing a good job on SD-WAN security but need to consider some enhancements to continue doing so.
Telefónica's 'fourth platform' uses artificial intelligence to analyze data from underlying platforms in order to better serve customers.
Fiber to the home (FTTH) and mm-wave 5G fixed wireless access (5G-FWA) are not actual competitors, as they both have their strengths and places in the market
Featured Video
From The Founder
Light Reading founder Steve Saunders talks with VMware's Shekar Ayyar, who explains why cloud architectures are becoming more distributed, what that means for workloads, and why telcos can still be significant cloud services players.
Flash Poll
Upcoming Live Events
May 14-16, 2018, Austin Convention Center
May 14, 2018, Brazos Hall, Austin, Texas
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Australia's Optus on Back Foot After 'Anglo Saxon' Job Ad
Ray Le Maistre, Editor-in-Chief, 4/13/2018
Is Gmail Testing Self-Destructing Messages?
Mitch Wagner, Mitch Wagner, Editor, Enterprise Cloud, Light Reading, 4/13/2018
BDAC Blowback – Ex-Chair Arrested
Mari Silbey, Senior Editor, Cable/Video, 4/17/2018
Verizon: Lack of Interoperability, Consistency Slows Automation
Carol Wilson, Editor-at-large, 4/18/2018
AT&T Exec Dishes That He's Not So Hot on Rival-Partner Comcast
Mari Silbey, Senior Editor, Cable/Video, 4/19/2018
Animals with Phones
I Heard There Was a Dresscode... Click Here
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed