Does A Security Analyst Trust Machine Learning Technology Created Analytics?

admin Cloud Security Expert - CloudCodes Software
  • July 15th, 2019

Machine Learning Technology

Does a Security Analyst Trust Machine Learning Technology

When we published a post on contextualize trust, several business officials started asking a question from our support executives that – Does a security analysts trust the analytical solutions that are powered by the Machine Learning technology?

As per our experts’ opinion, the answer to this question is NO (in majority cases). Now definitely your mind might be prepared to ask next question i.e., ‘why the answer is no?’ In order to give answer to this, we have to move a little bit back. We believe that it will work to go a moment back and understand some basics involved in machine learning technology and analytics. This will help in getting the best answer to this query.

Before we begin with the major technical part first, you have to revise some important terminologies. So let’s get started!

Definition of Important Terminologies

  • Machine Learning – Machine learning technology helps computer machines to learn and create assumptions like human beings. The capability of learning and analyzing is gained through data, expert’s skills, and presence in the real world. The algorithms could detect big data, convert it into information, assume future events, and reveal mysteries secrets from the stored data. This offers clients with a measure to secure lives, assume those at heart disease and strokes’ risk, track possible threats, ignore data breaches, predict cloud threats, identify internal attacks, and stop cyber criminals. These algorithms could be aimed at addressing human nature to make predictions and, prevent internal malicious attacks. This secure companies from malware as yet unaddressed by security products.
  • Analytics – Analytics provide a means for converting data into an effective and efficient information that helps in decision making. This identifies useful insights and patterns of the existing data like trying to understand client’s behavior to predict the purchasing habits. In the world of cloud data security, analytics play a vital role in identifying risky end users or internal attacks by concentrating on user’s behavior.

Now Comes the Trust Question

If machine learning algorithms have this capability, why don’t we believe its observations? On basis of the research, we believe that following issues are the causes:

  • The answer of ‘what is the need to trust algorithms’ question is still missing from the process.
  • Major absence of a proper cloud data security training to business employees.
  • The core layer of expertise level is completely absent.
  • Lack of regulations and defined social norms.

It seems to be a perverse pleasure in describing on how self-driving cars could crash, automatic recognition of images could racist errors, and neural networks are coded for cracking passwords, with much less focus located on all the advantages available for users from machine learning technology.

Filling the Gaps

Even in dreams where machine learning algorithms have gained a near-perfect status, it is secure to predict that being human, security analysts will still have reservations about the output of machine learning technology. Following listed are six fields, which needs to be looked at to detect it:

  • Human-based AI – If an individual is provided with a little bit control over algorithms, he or she will use products that are powered by machine learning technology. The feature to:
    • Control and update the outcome
    • Ignore the false results, and
    • protects users from false alarms’ effects

    all renders the confidence for which we are confident and have the ability to ignore false alarms. Most importantly, the algorithms are helping users in making decisions – they are not for replacing them.

  • Context-Based – Distrust could be resulted when ‘what’ and ‘why’ reasoning is absent around the queries like:
    • Why have the algorithm has defined an individual as a risky person?
    • What does that particular output mean?
    • What is the reasoning behind observations?

    Machine learning technology is all about data analyzes and detection of a useful patter. Assuming that the technology will work perfectly on its own is not good assumption. It requires security analysts to describe a better scenario and come with the actual correct outcome. No only analysts but, software developers also show their active participation in the same because this helps in recognizing the false-positives.

  • Investigation-based – Around 62% of security threats are caused because of human unintentional errors while working. In such case, it is not at all good to blame ML technology for the occurrence of cybercrime. Organizations must investigate false-negative scenarios to detect whether its:
    • Users who failed in noticing the cloud security alert, or
    • The ML algorithms failed in discovering the threat.

    In either situation, we are profiting – if its an algorithm that is improper, we have a chance to upgrade it. Also, this will simultaneously help in improving users’ mechanism of visualization and alert.

Trust Has Its Importance

Is it possible to build a trust in between analytics and its end users by adding data, case-studies, investigations, following social norms, and educating about models? The answer to this question is simply Yes! Integration of the explanation, power for controlling the final output, false-negative investigation, and ML made up by social norms, is an approach to fill the gap between security analysts and machine learning technology powered analytical solutions.