AI Cyber Solutions Positioning To Better Secure Web3

AI, Artificial Intelligence concept, Circuit board.


The past year was tough for crypto markets with the Terra Luna meltdown, the FTX bankruptcy, a string of high-profile insolvencies, and a surfeit of hacking-related incidents. A recent report from Immunefi, the bug bounty and security platform, revealed the crypto industry incurred losses of $3.9 billion in 2022 due to various hacking, fraud, and scam-related incidents.

The decentralized finance (DeFi) market was the most targeted by cyber criminals and suffered over $3 billion in losses from 155 incidents, a 56 percent increase on 2021. A CyberEdge report found a record 63 percent of ransomware victims paid ransoms (2021), encouraging cybercriminals to increase their attacks, and that ransomware attacks have increased by 80 percent year-on-year.

With the Web3 market forecast to scale to $6 trillion, cyber security experts are expecting cyber crime to scale in pace with Web3 growth. Cyber experts predict that artificial intelligence (AI) and in particular, the machine learning (ML) branch of AI, will vastly improve the fabric of digital security to make Web3 more secure.

The AI cybersecurity market is set to grow to $46 billion by 2028, over 23 percent annually. With the rising popularity of AI platforms like OpenAI’s ChatGPT, Google’s inaccurate Bard, and the newly hailed Microsoft AI build out of Bing, one might speculate these base AI technologies stand to accelerate the development of the heuristics side of cybersecurity.

How ML Can Better Secure Web3

Web3, the decentralized web, is built on the foundation of blockchain technology. While public blockchains can provide greater transparency and autonomy for users, they are (more) vulnerable to third-party attacks. Data and transactions are recorded on a public decentralized ledger, rather than a central (authority’s) database, and present a new range of digital security issues. ML is rapidly becoming an integral part of today’s Web3 defense, offering new ways to identify and mitigate potential vulnerabilities.

One of the ways in which ML is being used to defend the Web3 ecosystem is through the optimization of smart contracts. Smart contracts are self-executing contracts containing the terms of the agreement in computer code and eliminate the need for human intervention. Smart contracts are the engine room of many of today’s most popular DeFi platforms. They can be vulnerable to external attacks due to a lack of proper testing, poorly secured interactions with other smart contracts, re-entrancy attacks, and front-running invasions, to name a few.

Christian Seifert, researcher-in-residence at Web3 security platform Forta says, “Machine learning will continue to be used by crypto projects to identify and mitigate vulnerabilities present in their smart contract infrastructures. The technology can also provide insights and intelligence, which can improve decision-making and drive innovation within this space. Simply put, ML is [fast] becoming an essential tool within the realm of Web3 security.”

ML models analyze large amounts of big data, billions and trillions of data items, and can identify patterns and anomalies that help to indicate fraudulent activity. ML is being used in Web3 security in an expansive range of areas including predictive capabilities by training ML algorithms using historical data to identify the characteristics of ransomware attacks, phishing, malware, money laundering and terrorist finance, identity provenance, oracle data provenance, and potential node failure.

Dr. Neha Narula, Director of the Digital Currency Initiative at the MIT Media Lab, says, “Machine learning can be used to predict and prevent future exploits, by analyzing patterns and trends in data, it can identify potential vulnerabilities before they are exploited. This allows developers to take proactive measures to mitigate these vulnerabilities, making Web3 projects more secure for users.”

ML Only As Good As The Training

ML models are only as good as the information data sets they are trained on, so it is important to ensure that the models are trained on a diverse and (statistically) representative set of data in order to improve their ability to detect and prevent exploits.

“The use of AI/ML in cybersecurity can be double edge sword. On the one hand, it can significantly reduce the time in detecting threats and allowing cybersecurity professionals to focus on the activity that is more likely than not malicious. However, too much reliance on these systems may lead to an increase in advanced and sophisticated attacks capable of evading AI/ML systems,” says David Schwed, COO of blockchain security firm Halborn.

Forta, Halborn, and a number of other cybersecurity firms like Cyware Labs, are making the case for ML to protect the burgeoning Web3 ecosystem from third-party threats. Booz Allen Hamilton, the American government and military contractor specializing in intelligence, has employed ML technologies to effectively replace human security resources, allowing researchers to maximize their work efficiency.

Darktrace, a British-American company specializing in cyber-defense uses ML-based immunity solutions to protect its clients. The firm thwarted a WannaCry ransomware attack that has affected more than 200,000 people (across 100+ countries) to date using this technology.

While machine learning can be used to improve the security of Web3 it is not a foolproof solution. Blockchain security is a constantly evolving field, and new types of cyber attacks are coming to the front line every day. ML tools can be exploited by cyber criminals, and while the technology can be used to detect and prevent known types of cyber attacks, it is often not as effective in the protection of unknown or previously unseen types of attacks.

As cyber attacks continue to become more sophisticated in their both their designs and intended outcomes, ML is positioning to play an important role in helping to better secure the Web3 metaverse. The impressive results of ChatGPT have seen already seen record investments in AI-based technology and the competition has turned up the heat on traditional search firms.

It won’t be long before cybersecurity platforms deploy a greater use of heuristics to thwart cybercriminal who are equally matched with the same technology. Only time will tell how much more effective this “AI-layer” of smart security will be in reducing cybercrime. Let us hope we can change the outcome of this zero sum game to the benefit of citizens and business and not cybercriminals.


Leave a Comment