BT has developed an epidemiology-based cybersecurity prototype, “Inflame”, which uses deep reinforcement learning to enable enterprises to automatically detect and respond to cyber-attacks before they compromise a network.
Using the spread of viruses in human populations as a model to inform its AI, Inflame is a key component in BT’s recently-announced Eagle-i platform.
Epidemiological modelling is typically associated with the spread of viruses and diseases amongst human populations, and has been critical in analysing and managing the spread of COVID-19 over the past 20 months. Using the same principals of epidemiology, BT’s Inflame solution has been developed to understand how computer viruses and cyber-attacks spread across enterprise networks, and how to prevent them from happening.
To develop the technology, security researchers at the BT Labs in Suffolk, UK, built models of enterprise networks which were used to test numerous scenarios based on differing R rates of cyber-infection. This testing enabled the research team to understand how these threats can penetrate and compromise a network, and develop optimal automated responses needed to contain and prevent the spread of viruses across them.
The deep reinforcement training and learning undertaken in the development of Inflame means the solution can automatically model and respond to a detected threat within an enterprise network. These responses are also underpinned by ‘attack lifecycle’ modelling, which assesses real-time security alerts against established patterns to understand the current stage of an ongoing cyber-attack. This insight is used to predict the next stages of an attack and rapidly identify the best response to prevent it from progressing any further.
BT recently announced its transformational cyber defence platform ‘Eagle-i’, which uses AI to provide real-time detection of issues and intelligent automated responses. The platform has been designed to self-learn from the intelligence provided by each intervention, so that it constantly improves its threat knowledge and dynamically refines how it protects other users going forward.
“We know the risk of cyber-attack is higher than ever and has intensified significantly during the pandemic. Enterprises now need to look to new cybersecurity solutions that can understand the risk and consequence of an attack, and quickly respond before it’s too late,” said Howard Watson, Chief Technology Officer, BT. “Epidemiological testing has played a vital role in curbing the spread of infection during the pandemic, and Inflame uses the same principles to understand how current and future digital viruses spread through networks. Inflame will play a key role in how BT’s Eagle-i platform automatically predicts and identifies cyber-attacks before they impact, protecting customers’ operations and reputation.”