AiR, AI-based Detection Model Service

AI assistant service to support quick and accurate
decision-making while detecting cyber security threats

‘AiR’ is an AI detection model service that explains the prediction results and basis of the Classification · Explainable · Generative AI-based models in natural language.
It is provided in a hybrid form that combines external generative models such as ChatGPT with Classification and descriptive models based on IGLOO Corporation's own AI capabilities.

  • Needs for AI based
    Detection
    Model Service

  • Can we trust the predictions made by AI
    What are the criteria by which AI detects specific security data as abnormal or normal?

    Why is there no AI service in a more accessible format to
    make the AI-based decision-making criteria easier for
    security personnel to understand?

  • Key Features

  • ‘AiR’ is a ‘hybrid detection model’ service that provides the basis for the AI model’s decision-making on specific security data through the IGLOO detection model, descriptive AI, and generative AI.
    Users can evaluate the reliability of AI answers by checking the criteria by which AI model made specific predictions and improve their understanding of AI answers with the given descriptions in natural language.

    • 1

      IGLOO's Classification AI detection model

      It is based on a technology that can classify abnormal and normal security-related behavior through AI data learning.

      The model, which learns high-quality learning data developed by IGLOO using its own system data, establishes its own decision-making criteria to determine whether there is an attack or not.

    • 2

      IGLOO's explainable AI model

      It is based on a technology that informs what criteria AI uses to detect specific behavior as abnormal or normal.

      It describes AI predictions based on algorithms(e.g. SHAP) or existing patterns.

      It Identifies the reason why the Classification AI detection model has produced such results on the basis of the importance of attack features that has affected the model’s prediction process.

    • 3

      Generative AI model

      It is based on AI technology that creates new content based on learning about existing content.

      It provides descriptions in natural language, determined by ChatGPT based on its own data.

      There are plans to link multiple generative AI models and to apply the own generative AI model.

  • Advantages

  • Expected Effect

  • AiR is a security-specialized AI assistant that integrates IGLOO Corporation’s own AI technologies.

    AiR bridges knowledge gaps across security organizations by increasing reliability and understanding of AI-detected attacks, helping to ensure the best action is always implemented quickly.

    1

    Upgrading the security organization's analysis capabilities

    By comparing and checking the answers provided by the three AI models, you can increase your organization’s analysis capabilities.

    Predictions made by Classification AI detection model
    (results produced by the Classification model)

    Importance of attack characteristics (features) that has influenced the predictions
    (results produced by the descriptive model )

    Results in “natural language” form provided by the generative model.

    2

    Enhancing response efficiency by linking with various security devices

    We support integration with our own products and third-party products (SIEM, SOAR, portal, existing data protection products, etc.)

    It is possible to improve the playbook creation efficiency and reinforcement effect of SPiDER SOAR.