& cplSiteName &

Guarded Optimism Over AI for Automation of Telco Security

Danny Dicks
Heavy Lifting Analyst Notes
Danny Dicks
1/3/2018
50%
50%

Artificial intelligence (AI) techniques such as neural networks and machine learning have been used for many years to improve the detection of malicious code and other threats within telecom traffic. The ability of such approaches to establish what normal patterns of traffic look like -- so as to flag abnormalities that might indicate an attack, or to characterize the behavior of systems after they have become infected with malware, so that it is possible to diagnose similar problems in other systems -- is undoubtedly a useful weapon in the fight against hackers and other malicious actors.

And AI has the potential to go further in support of telecom security. For instance, flagging that a denial of service or distributed denial of service (DoS/DDoS) attack has begun is one thing; automatically taking appropriate remediation actions based on the AI system's reasoning of what "appropriate" means is something different.

Vendors of DDoS prevention and mitigation solutions aren’t all sure that removing the human security analyst from this chain of events is a good thing: The consequences of a "false positive" identification of an attack, resulting in incorrect blocking or diverting traffic from certain sources, or of a certain type, can have serious consequences for a telco -- not least in terms of revenue. AI systems that can immediately present a human security analyst with the right type of data on which to base a decision, and perhaps a recommendation for three actions that could be taken, based on a machine learning model, seem a useful approach.

But other security management activities could be even more automated with the help of AI. To understand why in some cases the speed and accuracy of AI is appropriate, it is helpful to think about the threat and vulnerability context in which telcos find themselves at any given time.

Source: Heavy Reading
Source: Heavy Reading

The telecom industry has evolved from one where technologies and networks were largely proprietary and partners were trusted, to one that is much more open. This increases both the vulnerability of telco systems and exposes them to more threats. By putting in place new security-hardened networks, and deploying security products and functions, operators can reduce their vulnerability, but their control over threats is more limited.

The ability of AI to carry out complex analysis on high volumes of data very quickly, and to come to decisions about what is a threat, is something that is continually developing as traffic and the nature of threats change. One recent hot area of activity is in baselining of the behavior of devices connected to the Internet of Things (IoT). Here many established vendors and AI startups are developing solutions that will help operators to manage IoT devices and services more securely, making use of automatic profiling of those devices. More widely, application-level anomaly detection using local models of behavior on devices themselves, periodically updated from a central, cloud-based AI system, will help more rapid action in response to threats.

Heavy Reading’s Telecom Security Market Tracker, published in PowerPoint format, analyzes and forecasts the global market for cybersecurity solutions sold to communications service providers (CSPs). It maps available security solutions onto CSP domains, and profiles leading vendors of security solutions sold to CSPs -- both to protect their own networks and to enable them to provide managed security services to their customers.

— Danny Dicks, Contributing Analyst, Heavy Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Heavy Lifting Analyst Notes
The use of artificial intelligence by telcos is currently limited, but the Acumos AI Project looks set to make machine learning applications more easily created and readily available.
Cable is moving in on the wireless market, with many exciting opportunities opening up across the board, including in WiFi, mobile virtual network operator (MVNO) and 5G.
On July 27, Nick Read will become Vodafone Group CEO designate before assuming the role of Group CEO on October 1. What can we expect from the operator's current CFO once he's in the hot seat?
More than half the communications services providers surveyed for this report expect to have 5G backhaul ready by 2020, even though they still do not know which vendors they plan to use for this step.
Mobile operators may find that all their investments in VoLTE and RCS are for naught as OTT providers win and they are left monetizing the data pipe.
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 6, 2018, London, United Kingdom
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
Telecom Jargonosaurus Part 1: Repeat Offenders
Iain Morris, News Editor, 7/13/2018
Verizon Taps Malady as Acting CTO
Dan Jones, Mobile Editor, 7/12/2018
Get Off My Wireline Lawn!
Carol Wilson, Editor-at-large, 7/17/2018
Eurobites: EU Socks Google With $5B Monster-Fine for Android Control-Freakery
Paul Rainford, Assistant Editor, Europe, 7/18/2018
Netflix Is Growing, but Don't Ask by How Much
Phil Harvey, US News Editor, 7/16/2018
Animals with Phones
Casual Tuesday Takes On New Meaning Click Here
When you forget your pants.
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed