
Exploring Machine Learning for Enhanced API Security

  • Writer: Peter Johnson
  • Dec 18, 2023

This RegTech experiment aims to monitor API-driven business processes the same way infrastructure teams monitor networks and firewalls. Although the idea of analyzing unknown inputs and outputs in the hope of locating compromised APIs fascinates me, I remain skeptical. It is true that extra steps in defending API-driven business processes create an impression of security. Yet, if the traffic in a financial institution (FI) is too complicated, then API monitoring could be a viable possibility. This is an idea I've picked up from attending various RegTech/cybersecurity events, where monitoring employees' emails, chats, and phone calls is already a standard procedure in many established FIs.

The aim of this experiment is to investigate the possibility of improved protection for Application Programming Interface (API) nodes within a financial institution's internal information environment, by leveraging machine learning algorithms that can detect suspicious patterns of API activity without having to examine the data itself.

As digitization picks up speed, businesses and FIs are likely to depend more on APIs to share data rather than exchanging emails or documents or meeting in person. Eventually, reliance on APIs might become so common that accessing products and services digitally would be the expected way to go, rather than just one possibility. This exponential growth in digitization implies that API-to-API communication will become more commonplace, with information being rapidly shared in response to user activity. This, however, can also mask potential security risks: malicious actors may gain access to an API origination or receiver service and use it to launch further attacks on the system.

The traditional approach to this sort of cybersecurity risk involves defending the perimeter, with rigid measures in place to protect the internal information systems from cyberthreats. However, this strategy is not without its shortcomings: entry points have to be tracked and kept secure, and there is the risk of a major cyber threat if the software used at these access points is compromised. Therefore, the FinTech suggested that financial institutions should establish a multi-layered protection system that continuously monitors the use of APIs within their internal networks, in an effort to distinguish and detect unusual API activity that could be part of a targeted attack on the internal network.

Nevertheless, a defense-in-depth strategy can be difficult to realize, since a large number of API messages contain confidential customer or transaction data. Giving cybersecurity experts potentially unrestricted access to this data could leave the FI unable to fulfill its duty of secrecy. To close this gap, the FinTech recommended that the API-monitoring RegTech solution should have built-in capabilities to mask sensitive customer or transaction data automatically, before examining the rest of the content. For example, the anonymization capability would automatically convert a customer name or identifier to a hash equivalent. This way, the actual analysis of the data would consist only of examining masked API requests for various activities.

The FinTech hypothesized that the problem would be reduced to analyzing data to discover patterns that are statistically linked to recognized attempts to breach the internal data environment. For instance, the frequent use of different permutations of known passwords to gain access to a specific server through an API might indicate a compromised API origination point. The FinTech anticipated that such a solution could be deployed either in-line, where it would inspect the API traffic before allowing it to pass, or side-band, where it would monitor the API traffic without interrupting it.
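The masking step and the password-permutation pattern described above can be sketched as follows, for the side-band case. This is an added example, not code from the FinTech or the experiment: the field names, key, window and threshold are assumptions, the events are constructed, and a keyed hash (HMAC-SHA256) stands in for the "hash equivalent".

```python
import hashlib
import hmac
from collections import defaultdict

MASK_KEY = b"constructed-demo-key"         # assumption: per-deployment secret held by the FI
SENSITIVE = ("customer_id", "credential")  # hypothetical field names

def mask(event):
    """Replace sensitive values with a keyed hash; equal inputs stay comparable."""
    out = dict(event)
    for field in SENSITIVE:
        if field in out:
            digest = hmac.new(MASK_KEY, str(out[field]).encode(), hashlib.sha256)
            out[field] = digest.hexdigest()[:16]
    return out

def flag_origins(events, window=60, threshold=4):
    """Return (origin, target) pairs that failed authentication with at least
    `threshold` distinct credentials inside any `window`-second span.
    Operates on masked events only; no clear-text value is needed."""
    failures = defaultdict(list)
    for e in events:
        if e["status"] == 401:
            failures[(e["origin"], e["target"])].append((e["ts"], e["credential"]))
    flagged = set()
    for pair, attempts in failures.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window start forward until the span fits.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            if len({cred for _, cred in attempts[start:end + 1]}) >= threshold:
                flagged.add(pair)
                break
    return flagged

# Constructed sample traffic: one origin cycling credential variants, one ordinary client.
RAW_EVENTS = [
    {"ts": t, "origin": "svc-reports", "target": "ledger-api",
     "customer_id": "C-1001", "credential": f"Passphrase{suffix}", "status": 401}
    for t, suffix in [(0, "!"), (5, "1"), (11, "#"), (18, "?"), (24, "$")]
] + [
    {"ts": 3, "origin": "svc-mobile", "target": "ledger-api",
     "customer_id": "C-2002", "credential": "typo-once", "status": 401},
    {"ts": 40, "origin": "svc-mobile", "target": "ledger-api",
     "customer_id": "C-2002", "credential": "correct-one", "status": 200},
]

MASKED_EVENTS = [mask(e) for e in RAW_EVENTS]
FLAGGED = flag_origins(MASKED_EVENTS)  # only the svc-reports -> ledger-api pair
```

Because the hash is keyed and deterministic, the analyst can count distinct credentials and group by customer without being able to read either value.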
Should the experiment be successful, a new technique could be offered to Financial Institutions as a means of improving their internal data protection. This approach, by using RegTech solutions, can be characterized as a multi-level approach to security, giving FIs the capacity to spot potentially malicious activity more easily.

 
 
 
