1. CSN
  2. All Volumes and Issues
  3. Volume 7, Number 1, 2025
  4. Analysis of Cyber Attacks Using Machine Learning on the Information Security Management Systems

Analysis of Cyber Attacks Using Machine Learning on the Information Security Management Systems

CSN.
2025;
Volume 7, Number 1
: pp. 68 - 78
https://doi.org/10.23939/csn2025.01.068
Authors:
  1. A. V. Habrylchuk
  2. V. A. Susukailo
  3. Y. O. Kurii
  4. S. I. Vasylyshyn
1
Lviv Polytechnic National University, Department of Information Protection
2
Lviv Polytechnic National University, Department of Information Protection
3
Lviv Polytechnic National University, Information Security Department
4
Lviv Polytechnic National University, Department of Information Protection

The article analyzes how modern machine learning algorithms are integrated into cyber threats, changing traditional cyberattack approaches. Artificial intelligence allows attackers to automate systems compromise and adapt their actions to real-time defense mechanisms. Detecting such attacks is one of the biggest challenges, as traditional cyber defense tools cannot always adequately respond to the speed and dynamism of threats created with the help of artificial intelligence. The article also examines the risks associated with using AI threats, including privacy compromise, damage to the reputation of organizations, and financial losses. The article proposes protection measures based on international standards, such as ISO 27001, to counter these challenges. In particular, it emphasizes the importance of implementing access controls, threat monitoring, ensuring data integrity, using cryptography, and conducting regular security audits. It also emphasizes the need to develop new tools to detect threats and prevent manipulations carried out using AI.

EvilProxy
PassGAN
DeepLocker
FaceSwap
Respeecher
ISO 27001:2022
  1. Horowitz M. C. et al. Artificial intelligence and international security. Center for a New American Security. 2022.
  2. Burova N., Oprysk R., Kurii Y., Lakh Y., Susukailo V. Machine learning as a key tool in defensive cyber operations: the effectiveness of phishing threat detection. Social Development and Security. 2024. 14(5).  113-123. Doi: https://doi.org/10.33445/sds.2024.14.5.11.
  3. Opirskyy I., Susukailo V., Vasylyshyn S. Дослідження можливостей використання чатботів зі штучним інтелектом для дослідження журналів подій. Ukrainian Information Security Research Journal. 2023. 24(4). 177-183. Doi: https://doi.org/10.18372/2410-7840.24.17380.
  4. The near-term impact of AI on the cyber threat. NCSC. URL: https://www.ncsc.gov.uk/report/impact-of- ai-on-cyber-threat (дата звернення: 19.01.2025)
  5. Business Email Compromise: The  $55  Billion  Scam.  URL: https://www.ic3.gov/PSA/2024/ PSA240911 (дата звернення: 19.01.2025).
  6. The AI Guardian: A New Era of Cyber Defense. Nationwide. URL: https://news.nationwide.com/the-ai- guardian-a-new-era-of-cyber-defense/ (дата звернення: 19.01.2025).
  7. Vakhula O., Kurii Y., Opirskyy I., Susukailo V. Security as Code Concept for Fulfilling ISO/IEC 27001: 2022 Requirements. In CPITS, 2024. Pp. 59-72.
  8. Kurii Y., Susukailo  V.,  Opirskyy I. Розробка методології оцінки відповідності стандарту ISO 27001. Ukrainian   Information   Security   Research   Journal. 25(3).   132-139.   Doi:   https://doi.org/10.18372/2410-    7840.25.17938.
  9. ISO/IEC 27001:2022. URL: https://www.iso.org/standard/27001 (дата звернення: 19.01.2025).
  10. ISO/IEC 27002:2022. URL: https://www.iso.org/standard/75652.html (дата звернення: 19.01.2025).