SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

AI has increased accessibility to beneficial technological capabilities for organizations and ushered in a new era of advanced threats. With the help of AI, generating new and dangerous malware is faster and easier than ever before. This paper investigates whether legacy tools such as VirusTotal, MetaDefender, and Hybrid Analysis remain effective in detecting modern threats and explores the alternative of using AI as a detection technique. It compares the results of analyzing AI-generated malware with legacy tools against the results from various AI models and prompts, in order to develop best practices for protecting organizations of all sizes. The results show that AI-assisted malware analysis is significantly more effective at detecting these new threats than legacy approaches and provides vital analysis. Throughout testing, ChatGPT proved to be the most effective model for malware analysis. This paper also explores how AI file analysis can be automated using the low-code automation solution n8n to further augment detection. The implications of this research can help organizations defend their interests more cost-effectively amid rapid technological change.