Engineered Multi-layer AI Service
- Semi-supervised AI Models. In this approach, normal behaviors are labeled, allowing for robust learning during training. Since insider threats are rare events, this type of labeling contributes to effective model training. However, it requires an initial larger effort to label normal behaviors.
- Unsupervised AI Models. These models do not require labeling and perform well under the realistic assumption that insider threat cases are quite rare within the entire dataset.
2. Second AI Tier. This tier generates the final output for cyber threat detection by assigning an anomaly score to each instance and ranking them to create a comprehensive threat listing. This process aims to maximize the detection of genuine threats while minimizing false positives, ensuring optimal accuracy in threat identification.
AI AEGIS CyberSecurity AI models
1. AI models targeting specific types of behavior and threat detection for each category within your physical and digital ecosystem:
2. AI models targeting specific types of anomaly and threat detection:
3. Reinforcement learning is used for continuous dynamic learning through time. As new data arrives from a different source and network entity, the system automatically updates its features and the AI machine is retrained to account for new behavioral patterns and contexts.
AI AEGIS Cybersecurity Fine-tuning, Optimization and Backtesting
Aegis CyberML™ offers two additional services to improve the implementation speed and accuracy of the AI anomaly detection models:
Model fine-tuning & optimization:
When your customized Aegis CyberML™ platform becomes operational, you can execute the model over historic timeframes and measure the accuracy of the anomaly detection against actual scenarios.