Minority Report-style AI predicts cyberattacks before they happen

Researchers have developed a framework that combines three AI models to defend and protect Internet of Things (IoT) devices.
By admin
Jan 30, 2025, 10:49 AM

Researchers have developed a new system that uses artificial intelligence to anticipate and prevent cyberattacks on Internet of Things (IoT) devices before they can cause damage. 

The breakthrough comes at a critical moment – in just the first half of 2023, cyberattacks on Internet of Things (IoT) devices surged by 300%, while IoT malware attacks skyrocketed by 400%. For the healthcare sector, where connected devices are projected to reach 29 billion by 2027, the stakes couldn’t be higher.

Modern healthcare runs on a complex network of IoT devices that hackers view as prime targets – from nurse call systems and infusion pumps to medication dispensing systems and connected cameras. What makes these systems particularly vulnerable? About one in five connected medical devices still run on unsupported operating systems, creating perfect entry points for cybercriminals. For hospitals, where a single breach now costs an average of $10.93 million – the highest across all industries – this predictive capability could prove revolutionary.

The innovative framework combines three powerful AI models: GPT (best known for powering chatbots), BERT (a language processing system), and LSTM (a neural network specialized in analyzing sequences). Working together, these models achieved an impressive 98% accuracy in predicting potential network intrusions.

The system works like a highly sophisticated early warning system. The GPT model monitors network traffic and predicts what legitimate network patterns should look like. BERT then acts as a fact-checker, verifying whether the predicted patterns make sense. Finally, LSTM serves as the security guard, identifying any suspicious patterns that might indicate an upcoming attack.

This three-layer approach marks a significant shift from current cybersecurity methods. Most existing systems function like a home alarm that goes off when someone breaks in. The new AI system is more like a security camera that spots suspicious activity in the neighborhood and alerts authorities before any break-in occurs.

The researchers tested their system using a dataset that simulated real-world IoT network traffic, including various types of attacks such as distributed denial of service (DDoS), browser hijacking, and malware. The results showed that the system could successfully predict and classify different types of attacks with high accuracy.

The system’s success rate is particularly noteworthy given the complex nature of modern cyberattacks. While it achieved near-perfect accuracy in identifying most types of attacks, it showed some limitations in detecting cross-site scripting (XSS) attacks, one of the most common types of website vulnerability according to the IEEE Computer Society.

XSS attacks are particularly sneaky cyberattacks in which hackers inject malicious code into a website, and that code then runs in visitors’ browsers. Think of it like a digital version of tampering with an ATM – criminals plant hidden code that affects everyone who uses the site later. These attacks can steal passwords, hijack user sessions, or redirect visitors to fake websites. Their subtle nature makes them especially difficult for AI systems to detect, as the malicious code often looks very similar to normal web traffic.

The system currently requires significant computational resources, and the researchers used only a limited dataset for training. Future work will focus on testing the framework with a broader range of attack types and optimizing its performance.

The research team plans to expand their work by testing the system against more sophisticated and contemporary attacks. They’re also exploring ways to make the system more efficient and practical for real-world applications.

As cyberattacks become more sophisticated and frequent, this predictive approach to cybersecurity could prove invaluable. The ability to stop attacks before they happen, rather than merely responding to them, could save organizations billions in potential damages and protect countless users from data theft and service disruptions.

