
Abstract - Repetitive security is the biggest concern in the emerging cyber atmosphere. It is very hard to develop software that defends a system against aggressively evolving assaults. Over the past ten years, researchers have demonstrated clear technical progress in the field of Artificial Intelligence, much faster than was previously anticipated. Artificial Intelligence techniques can enhance an overall security deployment and give better security through expanding continuous learning and adaptation via feedback loops. To promote the development of cyber security, a defense in depth architecture is required in which AI is incorporated within each layer of that architecture. In this paper, the researcher has tried to deploy AI in a Defense in Depth Architecture of cyber security.

Within each layer of cyber defense

1.0 INTRODUCTION

Information and communication technologies are a top driver of growth for our cyber society. Societies are now adopting the Internet in many different ways and on many different levels. This digital world came not only with benefits but also with vulnerabilities. Cyber security incidents, sometimes intentional and sometimes accidental, are increasing at a successive rate and are impacting societal values. They could also disrupt essential services such as healthcare, electricity, water or mobile services. The term covers everything from internet vandalism to physical and criminal damage. The theft of intellectual property and economic or state-sponsored espionage lies somewhere in between.

The core functionality of cybersecurity involves protecting information and systems from major cyberthreats. These cyberthreats take many forms (e.g., application attacks, malware, ransomware, phishing, exploit kits). Unfortunately, cyber adversaries have learned to launch automated and sophisticated attacks using these tactics at lower and lower costs. As a result, keeping pace with cybersecurity strategy and operations can be a challenge, particularly in government and enterprise networks where, in their most disruptive form, cyberthreats often take aim at secret, political, military or infrastructural assets of a nation, or its people.¹

Defense in depth² is the concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another will already be in place to thwart an attack. Because there are so many potential attackers with such a wide variety of attack methods available, there is no single method for successfully protecting a computer network. Utilizing the strategy of defense in depth will reduce the risk of having a successful and likely very costly attack on a network.

The first step of a defense in depth strategy to protect against network breaches should be to establish proper access control systems. Before granting access rights, an enterprise's system should check whether users have the correct device identities (software, hardware and network attributes) and user identities (each individual attribute of a user). Users should also have to meet certain role requirements. For example, a network could grant access only to employees using approved devices who are in managerial positions at the company and using secure network connections.

Network and security components must be able to communicate so that if an attacker penetrates one system, others can respond immediately to take preventative measures. IF-MAP (www.if-map.org) is a robust protocol that enables information sharing between disparate systems.

If an unauthorized user is able to break through these first layers of defense, perhaps by stealing user credentials, an enterprise can deprovision devices via a centrally managed VPN or revoke remote access rights. Both of these actions could be triggered as soon as a breach is detected.
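The layered access check and breach-triggered revocation described in the defense in depth paragraphs above can be sketched as follows. This is an added example, not code from the paper; the device IDs, user names, role names and function names are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy data for illustration; none of it comes from the paper.
APPROVED_DEVICES = {"LAPTOP-0042"}   # device identities enrolled by IT
REQUIRED_ROLES = {"manager"}         # role requirement from the paper's example
REVOKED_USERS = set()                # populated when a breach is detected
REVOKED_DEVICES = set()


@dataclass(frozen=True)
class AccessRequest:
    user: str
    is_employee: bool        # user identity attribute
    role: str
    device_id: str           # device identity attribute
    secure_connection: bool  # e.g. arrived over the centrally managed VPN


def evaluate(req):
    """Check every layer independently; return (granted, failed_layers)."""
    layers = {
        "revocation": req.user not in REVOKED_USERS
        and req.device_id not in REVOKED_DEVICES,
        "user_identity": req.is_employee,
        "device_identity": req.device_id in APPROVED_DEVICES,
        "role": req.role in REQUIRED_ROLES,
        "connection": req.secure_connection,
    }
    failed = [name for name, ok in layers.items() if not ok]
    return (not failed, failed)


def on_breach_detected(user, device_id):
    """Deprovision the device and revoke the user's remote access."""
    REVOKED_USERS.add(user)
    REVOKED_DEVICES.add(device_id)


if __name__ == "__main__":
    legit = AccessRequest("alice", True, "manager", "LAPTOP-0042", True)
    stolen = AccessRequest("alice", True, "manager", "UNENROLLED-PC", True)
    print(evaluate(legit))    # all layers pass
    print(evaluate(stolen))   # stolen credentials, but the device layer fails
    on_breach_detected("alice", "LAPTOP-0042")
    print(evaluate(legit))    # access revoked after the breach signal
```

Returning the list of failed layers, rather than a bare yes or no, gives other security components something concrete to act on when one layer is bypassed.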

1 https://www.paloaltonetworks.com/cyberpedia/what-is-cyber-security
2 SANS Reading Room, by Todd McGuiness, Version 1.2E, Defense In Depth
Our conventional security best practices are now deficient in defending against these attacks from a new frontier of technologically advanced invaders.

human knowledge, since neither individuals nor Artificial Intelligence alone has proved overall success in this domain. This paper examines the utilization of AI algorithms to defend against security risk and reduce potential business impact.
