Machine Learning Best Way to Defend Web3 From Exploits
Bedeviled by Hacks and Exploits Web3 Should Tap ML to Protect Its Turf — Here's HowOp-ed
It’s no secret that crypto-centric data breaches have been soaring recently, with this trend likely to increase in the foreseeable future, especially as cybercriminals continue to employ more sophisticated techniques to facilitate their attacks.
To this point, losses emanating from various cryptocurrency hacks surged by approx. 60% over the first seven months of the year, propelled, in large part, by funds being stolen from various decentralized finance (DeFi) protocols.
An AI Answer
During October 2022 alone, a record $718 million was stolen from DeFi protocols across 11 different hacks, sending the year’s cumulative hack-related losses over the $3B mark. Now many experts believe that artificial intelligence (AI) and machine learning (ML) — with the latter being a subset of the former — could help alleviate many of today’s most urgent cybersecurity issues.
An Essential Piece of the Puzzle?
ML-driven privacy systems are designed to learn and compute a project’s regular network activity and subsequently detect and identify suspicious movements. There are two types of ML systems that can be used: supervised ones that can learn to generalize from past attacks, and unsupervised ones that can detect unknown attacks, alerting cybersecurity personnel of any deviations from the norm.
Indeed, ML-ready technologies should become a crucial component of threat detection and defense of the burgeoning web3 sector, keeping bad actors at bay in an automated fashion.
The total capitalization of the AI cybersecurity market (of which ML is a major component) is projected to grow at a compound growth rate (CAGR) of 23.6% over the next five years, reaching a cumulative total of $46.3B by 2028.
From a technical perspective, ML systems allow security experts to identify problems quickly, utilize more data sets than is possible with simple human accounting, and enable them to devise systems that do not have an innate bias. In other words, they can augment older heuristic-based processes, making them more efficient and error-free.
The industry needs to make web3 more appealing to data scientists, something that can be done by educating that cohort about the underlying technology and providing incentives to make this niche more appealing.
As a result, it becomes easier for platforms to respond to hacking incidents long before the problem can compound. In fact, when ML platforms detect and identify malicious activities within a web3 system, they can automatically block a malicious entity from exploiting a protocol. Forta, for example, is a decentralized monitoring network capable of detecting threats and anomalies on DeFi, NFT, governance, bridges, and other web3 systems in real-time.
Most ML platforms are driven by data scientists, and here lies one of the key challenges as far as the implementation of this technology within the cybersecurity world goes. While web3 has attracted many developers, it hasn’t been able to attract a lot of data scientists so far.
This is unfortunate, given that there is so much data readily available for analysis, opening the door for many research opportunities for solving real-world problems. In this regard, the industry needs to make web3 more appealing to data scientists, something that can be done by educating that cohort about the underlying technology as well as providing incentives to make this niche more appealing.
Crypto Sleuth ZachXBT Exposed Chicanery For a Grateful DeFi Community
Deeply Researched Probes of Questionable Projects Proved 'Invaluable' in Mad YearThe Defiant
A vast majority of data science engagement in the cybersecurity ecosystem revolves around identifying attacks and suspicious on-chain activities. While these models encompass important elements such as anomaly detection, time series analysis, as well as supervised classifiers, there are still more opportunities to be developed that stretch beyond monitoring.
There are many ways ML may make today’s cybersecurity systems more secure and reliable. For example, it can be used to detect third-party threats and anomalies, identify irregular patterns, eliminate bots, orchestratea platform’s existing security protocols and behavioral analytics.
Here are some of the core impacts that the technologies mentioned above have on today’s cybersecurity frameworks:
Efficient Management of Vulnerabilities
Most crypto protocols cannot stay abreast of the vulnerabilities emerging daily. While conventional vulnerability management techniques are designed to respond to incidents after hackers have exploited a particular loophole, machine learning systems can identify vulnerabilities in an automated manner.
ML-powered behavior analysis tools can analyze the behavior of digital asset users across several transactions, allowing them to detect anomalies pointing in the direction of an unknown attack. As a result, protocols can safeguard their holdings even before an issue has been reported and fixed.
Over time, ML-enabled tech can even be applied within the context of platform auditing and monitoring, with the technology being used for the development of graph-based algorithms, embedded deep learning systems, and reinforcement learning mechanisms.
Faster Detection of External Threats
Most traditional security systems use attack signature-based indicators to single out individual threats. While this method is highly efficient in highlighting previously discovered problems, it is not very efficient in weeding out issues that have not yet been found.
That said, when traditional attack signature indicators are tied together with ML, the detection of potential threats can be significantly increased while at the same time minimizing false positives.
SOL Soars 36% As Bonk Memecoin Becomes First Hit of 2023
NFT Marketplace Magic Eden Generated Record Volume In DecemberThe Defiant
Machine learning is known for providing users with excellent forecasting capabilities and efficient data analysis methods, which are essential for optimizing blockchain mechanisms. Not only that, these properties are even more helpful when it comes to enhancing a blockchain’s native data verification procedures, detection of malicious attacks, and faster identification of fraudulent transactions.
As cyber-attacks become more sophisticated, machine learning can help projects be more prepared for external threats. Using the correct systems, organizations can not only detect and respond to hacking attempts in real-time but also take remedial measures before a threat becomes serious.
Still, AI/ML tech is not a panacea for today’s existing cybersecurity woes. Rather, the technologies must sit side by side with expert systems, making the ecosystem more secure. As we continue moving towards a more decentralized future, it will be interesting to see how these new technological paradigms will evolve.
Christian Seifert, a former web security specialist at Microsoft, is a security researcher in the Forta community.