banner

Blog

The Role of Artificial Intelligence and Machine Learning in Cybersecurity: Current Impact and Future Directions

  • picThursday October 19, 2023

Introduction

Artificial Intelligence (AI) and Machine Learning (ML) have emerged as game-changing technologies across various industries, from healthcare and education to transportation. In the digital age we live in today, where nearly every facet of our lives intersects with technology, the importance of cybersecurity cannot be overstated. This blog will explore how AI and ML revolutionise cybersecurity, from addressing evolving threats to providing advanced solutions for a safer digital realm.

The Evolving Cyber Threat Landscape

Before delving into AI and ML’s role in cybersecurity, it is crucial to understand the evolving cyber threat landscape. Cyberattacks have become more sophisticated, frequent, and damaging than ever before. These attacks can take various forms, including:

  1. Malware: Malicious software such as viruses, worms, and Trojans can infiltrate systems to steal data or cause damage.
  2. Phishing Attacks: Cybercriminals use deceptive emails or websites to trick individuals into revealing sensitive information like passwords and credit card numbers.
  3. Ransomware: This type of malware encrypts data and demands a ransom for decryption keys, crippling businesses and individuals.
  4. Distributed Denial of Service (DDoS) Attacks: Attackers flood a target system with traffic, overwhelming it and causing service disruptions.
  5. Zero-Day Vulnerabilities: Exploiting unknown security flaws in software before vendors patch them.

As the sophistication and frequency of these attacks continue to rise, traditional rule-based cybersecurity solutions need help to keep up. This is where AI and ML step in to revolutionise the cybersecurity landscape.

The Current Role of AI and ML in Cybersecurity

AI and ML have already made significant contributions to cybersecurity through various applications:

A. The Role of AI in Cybersecurity

Artificial Intelligence is the simulation of human intelligence processes by machines, especially computer systems. In cybersecurity, AI systems use algorithms and machine learning to analyse vast amounts of data, identify patterns, and make real-time decisions to detect and mitigate threats. Here are some ways AI contributes to cybersecurity:

1. Threat Detection and Prevention:
AI can enhance threat detection capabilities. Traditional cybersecurity measures often rely on the knowledge of known threats. This system means new, unknown threats (also known as zero-day threats) can slip through the cracks. AI-driven systems can be trained to identify and analyse vast amounts of data to identify patterns that indicate a cyber threat. AI-driven systems can continuously monitor network traffic, user behaviour, and system logs to identify abnormal patterns indicative of potential threats. These systems can recognise known malware signatures and anomalous activities, which may signify a new, previously unidentified threat. By automating threat detection, AI can significantly reduce the response time to potential breaches.

2. Advanced Malware Analysis:
AI algorithms can dissect and analyse malware samples more quickly and accurately than human experts. They can identify the characteristics and behaviour of malware, allowing for rapid development of countermeasures and better protection against emerging threats.

3. User Behaviour Analytics (UBA):
By analysing user behaviour and establishing a baseline for what is normal, AI can detect deviations that may signal insider threats or compromised accounts. UBA can identify unusual activities, such as unauthorised access attempts, data exfiltration, or abnormal data transfer patterns.

4. Phishing Detection:
AI-powered email security solutions can recognise suspicious emails and URLs, helping to block phishing attacks. They analyse email content, sender reputation, and recipient behaviour to identify phishing attempts, reducing the likelihood of users falling victim to these scams.

5. Predictive Analytics:
AI can forecast potential cybersecurity threats based on historical data and current trends. This proactive approach allows organisations to prepare for and mitigate emerging threats before they cause significant damage. These technologies can forecast potential vulnerabilities and help organisations prepare for attacks by analysing past incidents and identifying patterns. This methodology allows organisations to be proactive in their defence rather than just reacting to attacks.

6. Incident Response and Security Automation:
AI can help respond more quickly once a threat is detected. AI-driven security orchestration and automation platforms can respond to real-time security incidents. They can isolate compromised systems, update access controls, and trigger alerts to security teams, reducing the impact of attacks and minimising the time attackers have to operate within a network. It can automate various preventive tasks, such as blocking IP addresses and reducing the time it takes to contain a threat.

B. The Role of Machine Learning (ML) in Cybersecurity

Machine Learning is a subset of AI that focuses on developing algorithms to learn from and make predictions or decisions based on data. In cybersecurity, machine learning complements AI by providing the necessary tools for pattern recognition, anomaly detection, and predictive analysis. Here’s how machine learning contributes to cybersecurity:

1. Anomaly Detection
Machine learning models can identify anomalies in network traffic or user behaviour by learning what are normal and flag deviations. This helps in the early detection of intrusions or insider threats that may go unnoticed by rule-based systems.

2. Behavioural Analysis
Machine learning models can build behavioural profiles of users, devices, and applications. By continuously analysing these profiles, they can spot deviations from expected behaviour that may indicate a security breach.

3. Zero-Day Threat Detection
Machine learning algorithms can detect previously unknown threats by recognising patterns of activity that differ from the norm. This is crucial in identifying zero-day vulnerabilities before they can be exploited.

4. Natural Language Processing (NLP) for Text Analysis
NLP-powered machine learning models can scan and analyse text-based data sources like logs, social media, and forums to identify conversations or discussions about cyber threats or vulnerabilities. NLP helps monitor the underground hacker community and stay one step ahead of potential threats.

5. Predictive Analysis
Machine learning can analyse historical data to predict future cyber threats and trends. This proactive approach allows organisations to implement preventive measures and strengthen their security posture.

Addressing Challenges and Ensuring Ethical AI Use in Cybersecurity

While Artificial Intelligence (AI) and Machine Learning (ML) hold immense potential and significantly enhance cybersecurity, they have challenges and limitations. It’s important to be aware of these limitations to use these technologies effectively and to address potential vulnerabilities.

Challenges in AI and ML:

  1. Adversarial Attacks: Cybercriminals are becoming increasingly sophisticated in their attempts to deceive AI and ML systems using adversarial attacks. They manipulate input data to mislead AI and ML algorithms. These adversarial attacks can cause the algorithms to make incorrect decisions or overlook threats. AI systems must be regularly updated and retrained to mitigate adversarial attacks and recognise new attack patterns.
  2. Evasion Techniques: Cybercriminals continually devise new methods to manipulate AI models. They may craft malicious data to bypass AI-based security systems, rendering them ineffective.
  3. Data Privacy and Compliance: AI and ML in cybersecurity often involve the analysis of large datasets, including sensitive data, raising concerns about privacy and regulatory compliance. Protecting the confidentiality of data while using it for threat detection is a complex challenge.
  4. Data Breach Consequences: The potential damage can be significant if AI and ML systems are compromised. Attackers gaining access to a security AI system could use it to their advantage.
  5. Data Quality and Quantity: AI and ML models rely heavily on the quality and quantity of training data. If the training data is incomplete, biased, or not representative of real-world scenarios, the models may produce inaccurate results or fail to detect novel threats.
  6. Overfitting and Generalization: Machine learning models can suffer from overfitting, performing well on training data but poorly on new, unseen data. On the other hand, they can also struggle with generalisation, failing to adapt to new and evolving threats outside their training scope.
  7. False Positives and Negatives: Overreliance on AI and ML models may generate false positives, where legitimate activities are incorrectly flagged as threats, or false negatives, where actual threats are missed. High false positive rates can lead to alert fatigue among security professionals, while false negatives can result in security breaches.
  8. Explainability and Transparency: Many AI and ML models, especially deep learning models, are often considered “black boxes” because it can be challenging to understand how they arrive at their decisions. This lack of explainability can make it difficult to trust and troubleshoot these systems.
  9. Complexity and Costs: Implementing AI and ML solutions can be complex and costly. Many organisations may need more expertise and resources to do so effectively. Small and medium-sized enterprises (SMEs) with limited budgets and IT resources may need help implementing and maintaining AI-based security solutions effectively.
  10. Resource Intensity: Implementing AI and ML solutions can be resource-intensive. Organisations need sufficient computing power, storage, and expertise to effectively deploy and maintain these systems. The demand for AI and ML experts in cybersecurity often outpaces the supply, making it challenging for organisations to find and retain qualified personnel.
  11. Evolving Threat Landscape: The cyber threat landscape is constantly evolving, with attackers devising new techniques and strategies. AI and ML models may need help to keep up with rapidly changing attack vectors and tactics.
  12. Human Expertise: While AI and ML can enhance cybersecurity, they should not replace human expertise. Human security professionals are critical in interpreting results, making strategic decisions, and responding to unique and complex threats.
  13. Dependency on Training Data: Machine learning models rely on historical data for training. They may not perform well when facing threats or attack methods that are entirely new and have no historical data to learn from.
  14. Lack of Context: AI and ML models may need help accurately interpreting certain events or activities’ context. Understanding the intent behind actions can be challenging, leading to misclassifying benign actions as malicious.
  15. Resource Constraints: Smaller organisations may face challenges in implementing AI and ML solutions due to budget constraints, limited access to talent, or insufficient infrastructure.
  16. Maintenance and Updates: AI and ML models require continuous monitoring, maintenance, and updates to remain effective. Failure to do so can result in degraded performance and increased threat vulnerability.
  17. Overemphasis on AI and ML: While AI and ML can enhance cybersecurity, overreliance on these technologies can lead to several drawbacks:
      1. False Sense of Security: Organizations might assume that AI and ML can provide foolproof protection, leading to a false sense of security. This can result in neglecting other essential security measures, leaving vulnerabilities unaddressed.
      2. Neglecting Human Expertise: Human cybersecurity experts bring critical thinking, adaptability, and intuition to the table. Relying solely on AI and ML may lead to underutilising human expertise, which is crucial for assessing complex and novel threats.

Despite these limitations, AI and ML remain invaluable tools in the cybersecurity arsenal. By recognising these challenges and actively working to address them, organisations can harness the power of AI and ML to improve their security posture and defend against a wide range of cyber threats.

Balancing the benefits of AI and ML with these limitations and challenges is essential for a comprehensive and effective cybersecurity strategy. Organisations must integrate AI and ML as part of a broader security framework that includes human expertise, ongoing monitoring, and continuous adaptation to the evolving threat landscape.

What are the ethical implications of using AI for security purposes?

The use of AI in security has several ethical implications:

  1. Transparency: Users have the right to know if a security provider uses AI systems, how these systems make decisions, and for what purposes.
  2. Safety: Among the threats facing AI systems is the manipulation of input datasets to produce inappropriate decisions. Therefore, AI developers must prioritise resilience and security.
  3. Human Control: Although AI systems can operate autonomously, their results and performance should be constantly monitored by experts.
  4. Privacy Violations: The adoption of AI in cybersecurity raises concerns about potential privacy violations.
  5. Algorithmic Bias: AI systems can be biased based on the data they are trained on, which can lead to unfair outcomes.
  6. Job Displacement: The automation brought about by AI could lead to job displacement in the cybersecurity field.
  7. Responsibility, Equitability, Traceability, Reliability, and Governability: In February 2020, the Defense Department formally adopted these five principles of artificial intelligence ethics as a framework to design, develop, deploy and use AI in the military.
  8. Justice and Fairness: AI systems should be fair and not discriminate against any group. They should also promote justice.
  9. Non-maleficence: AI systems should not harm humans or humanity.

These ethical implications must be carefully considered and addressed to ensure the responsible use of AI in security.

Illustrating AI and ML Challenges with Real-World Examples.

  1. Adversarial Attacks:
    Example: In 2017, researchers at the University of California, Berkeley, experimented using adversarial attacks to fool a deep learning algorithm used in image recognition. By slightly modifying the pixels of a panda’s image, they made the algorithm misclassify it as a gibbon. This demonstrated how attackers could manipulate input data to evade AI-based security systems.
  2. Data Quality and Quantity:
    Example: If an AI-based intrusion detection system is trained primarily on data from a specific industry, such as finance, it may perform poorly when applied to a different industry, like healthcare. The lack of representative training data can lead to a system that fails to recognise industry-specific threats.
  3. False Positives and Negatives:
    Example: Imagine an AI-driven email security system that flags a legitimate email from a vendor as a phishing attempt due to some similarities in formatting. This results in a false positive and disrupts business communications. Conversely, if the system fails to detect a cleverly disguised phishing email, it leads to a false negative, posing a security risk.
  4. Explainability and Transparency:
    Example: Deep learning models, like convolutional neural networks (CNNs), are used in image-based threat detection. When a CNN identifies a threat in an image, it’s often challenging to understand why it reached that conclusion. This lack of explainability can make it difficult to trust the model’s decisions without additional context.
  5. Data Privacy and Compliance:
    Example: An organisation deploys an AI-based employee monitoring system to detect insider threats. While the system effectively identifies potential threats, it analyses employees’ communication logs, raising concerns about privacy and potentially violating data protection regulations like GDPR or HIPAA.
  6. Evolving Threat Landscape:
    Example: An AI-driven network security solution has been trained to detect known attack patterns. However, attackers exploit a sophisticated zero-day vulnerability, and the AI system, lacking historical data on this new threat, fails to identify the attack.
  7. Human Expertise:
    Example: An AI-based network intrusion detection system alerts a security team to a potential breach. Human expertise is required to investigate the alert further, assess the context, and determine whether it’s a genuine threat or a false positive. Without human judgment, the organisation could either overreact to benign events or miss real threats.
  8. Lack of Context:
    Example: An AI system monitoring employee behaviour detects an employee accessing sensitive company files late at night. Without context, the AI may flag this behaviour as suspicious. The employee might be working on a critical project with a tight deadline.
  9. Resource Constraints:
    Example: Small and medium-sized enterprises (SMEs) often have limited budgets and IT resources. Implementing and maintaining AI-based cybersecurity solutions may be challenging for SMEs due to resource constraints, leaving them more vulnerable to cyber threats.
  10. Maintenance and Updates:
    Example: An organisation deploys an AI-based threat detection system and assumes it will work indefinitely without updates. Over time, new attack methods and vulnerabilities emerge, but the system needs to be regularly updated or fine-tuned. As a result, it becomes less effective at detecting the latest threats.

Understanding these real-world examples highlights organisations’ complexities and challenges when integrating AI and ML into their cybersecurity strategies. While these technologies offer significant advantages, they should be used in conjunction with human expertise and with a clear understanding of their limitations and potential risks.

Examples of AI-Powered Cybersecurity Solutions

Here are some examples of how AI and ML cybersecurity solutions are transforming the industry:

  1. Darktrace: Darktrace uses AI to detect unusual behaviour within a network that could indicate a cyber threat. It learns what is normal for a network and can then identify anomalies that may indicate a cyber attack.
  2. Cylance: Cylance uses ML algorithms to predict, identify, and stop malware and advanced threats by analysing the DNA of files before they execute.
  3. Deep Instinct: Deep Instinct applies deep learning, a type of ML, to cybersecurity. It can predict and prevent any threat in real-time in any device, platform, or operating system.
  4. IBM Watson for Cyber Security: IBM Watson uses AI to analyse vast amounts of data from various sources to identify potential threats. It can understand, reason, and learn from security data and incidents.
  5. Cisco’s Encrypted Traffic Analytics (ETA): Cisco’s ETA uses ML to identify patterns and anomalies in encrypted traffic that could indicate malicious activity without decryption.
  6. Vectra AI: Vectra AI employs AI-powered threat detection and response to identify and mitigate cyber threats, providing real-time visibility into network behaviours and anomalies.
  7. ExtraHop: ExtraHop leverages ML-driven analytics to deliver real-time threat detection and response, helping organisations secure their digital assets and proactively defend against cyber threats.
  8. CrowdStrike: CrowdStrike offers cloud-native endpoint protection powered by AI and ML, providing organisations with advanced threat detection, real-time response, and threat intelligence to stop cyberattacks.
  9. Palo Alto Networks: Palo Alto Networks integrates AI and ML into its cybersecurity solutions, delivering next-generation firewall capabilities, advanced threat prevention, and secure cloud access to protect organisations from evolving cyber threats.
  10. Fortinet: Fortinet combines AI-driven cybersecurity with a broad range of security products, enabling organisations to defend against cyber threats across their networks, endpoints, and cloud environments with intelligent and automated security solutions.

These are just a few examples of how AI and ML are revolutionising the field of cybersecurity.

What are some examples of AI bias in cybersecurity?

AI bias in cybersecurity can lead to incorrect decisions and unfair outcomes. Here are some examples of AI bias in cybersecurity:

  1. Facial Recognition: Researchers at Microsoft found that due to the bias of some algorithms, Artificial Intelligence software running facial recognition can be wrong up to 38% of the time when determining whether a person is male or female.
  2. Job Success Prediction: AI software designed to predict whether a job seeker will be successful only had 56% accuracy.
  3. Access Control: A decision made by an AI system based on biased inputs could lead to false positives and block legitimate users from accessing company systems, resulting in lost productivity or customers.
  4. Microinequities in Consumer AI Products: Consumer AI products frequently contain microinequities that create user barriers based on gender, age, language, culture, and other factors.

These examples highlight the importance of addressing bias in AI systems used in cybersecurity.

How can we address the limitations of AI in cybersecurity?

Addressing the limitations of AI in cybersecurity involves a multi-faceted approach:

  1. Improving Data Quality: Ensuring the data used to train AI models is accurate, diverse, and representative can help improve the reliability of these models. This might involve using more comprehensive data sources or improving data collection and preprocessing techniques.
  2. Defending Against Adversarial Attacks: Techniques such as adversarial training, where the model is trained with adversarial examples, can help improve the model’s robustness against adversarial attacks.
  3. Increasing Explainability: Developing and using explainable AI techniques can help make AI decisions more transparent. This might involve using simpler models that are easier to understand or developing methods to interpret complex models.
  4. Balancing Automation with Human Oversight: While automation can improve efficiency, it’s important to maintain human oversight. This might involve developing systems that work in partnership with human analysts rather than replacing them.
  5. Addressing Privacy Concerns: Implementing strong data privacy and security measures can help address privacy concerns. This might involve anonymising data, implementing strong access controls, or using privacy-preserving machine learning techniques.
  6. Optimising Resource Use: Using more efficient algorithms or hardware can help reduce the computational resources required to train and use AI models.

Remember, addressing these limitations is not a one-time task but requires ongoing effort as technology and threats evolve.

What are some examples of cybersecurity attacks prevented by AI?

AI has been instrumental in preventing various types of cybersecurity attacks. Here are some examples:

  1. Preventing Brute-Force Attacks and Credential Stuffing: AI tools like CAPTCHA, facial recognition, and fingerprint scanners can automatically detect whether a login attempt is genuine, helping to prevent cybercrime tactics like brute-force attacks and credential stuffing.
  2. Detecting Unsafe Correspondence: AI can leverage deep learning to detect unsafe correspondence, such as emails with hidden content or messages with freshly created domains.
  3. Surfacing Anomalies: Deep learning models can track patterns in data and detect anomalies. For example, they can monitor email send frequency or insider threats.
  4. Analysing Mobile Endpoints: AI is being used to analyse mobile endpoints, which are increasingly becoming the target of cyber-attacks. For example, AI can detect if a device has been rooted or jailbroken, which could indicate that it has been compromised.
  5. Vulnerability Management: Organizations often struggle to manage and prioritise the many new vulnerabilities they encounter daily. AI and machine learning techniques can improve the vulnerability management capabilities of vulnerability databases.

These examples highlight how AI transforms cybersecurity by enhancing threat detection capabilities, automating processes, and providing predictive capabilities.

The Future of AI and ML in Cybersecurity

As technology evolves, so will AI and ML’s role in cybersecurity. The use of AI and ML in cybersecurity is still in its early stages, but the potential is enormous. Here are a few directions we could see in the future:

  1. Enhanced AI and ML Models: As AI and ML models become more sophisticated, they will better detect and prevent cyber threats. Improved accuracy and reduced false positives will make these technologies more reliable and efficient.
  2. Quantum Computing for Encryption: Quantum computing poses both a threat and an opportunity for cybersecurity. On one hand, quantum computers could break current encryption methods, rendering them obsolete. On the other hand, AI and ML can play a crucial role in developing post-quantum encryption techniques that are resistant to quantum attacks.
  3. Autonomous Security Operations: In the future, we may see fully autonomous security operations centres (SOCs) where AI systems detect and respond to threats and learn from each incident to improve future responses.
  4. Advanced Threat Hunting: AI could proactively hunt for threats in an organisation’s network. This would involve searching for indicators of compromise that have not yet triggered any alarms.
  5. Proactive Defence: In the future, AI may be used to defend against cyber threats proactively. Instead of simply responding to threats once they’ve occurred, AI could potentially identify vulnerabilities in a system and take steps to secure them before an attack occurs.
  6. Improved Threat Intelligence: As AI and ML algorithms become more sophisticated, their ability to detect threats will improve. We may see these technologies used to gather threat intelligence – information about potential or existing cyber threats – more effectively.
  7. Adversarial AI: Just as defenders can use AI, so too can attackers. We may see increased attacks using AI to find vulnerabilities or create more effective phishing emails.
  8. Explainable AI (XAI): As AI systems become more complex, understanding their decision-making process becomes more important. Future developments may focus on making AI decisions more transparent and understandable for human analysts. There is a growing focus on developing explainable AI models in cybersecurity to address trust and transparency in AI and ML. These models provide insights into how they make decisions, making it easier for security professionals to understand and trust their recommendations.
  9. Integration with Other Technologies: AI and ML could also be integrated with other emerging technologies to enhance cybersecurity. For example, blockchain technology could be used with AI to create more secure systems.
  10. AI for Cybersecurity Training: AI-powered cybersecurity training platforms can simulate realistic cyber threats and attacks, providing hands-on experience for security professionals to improve their skills and readiness.

Conclusion

The role of AI and ML in cybersecurity is significant and will continue to grow in the future. While they offer many benefits, it’s important to remember that they are tools that must be used correctly. As with any technology, the key to successful implementation is understanding its capabilities and limitations. Cybersecurity professionals must adapt to this changing landscape, leveraging AI and ML to enhance security and drive innovation.

References for research and study:
  • Kaspersky calls for ethical use of AI in cybersecurity – https://www.kaspersky.com/blog/ethical-ai-usage-in-cybersecurity/49184/
  • Principles of artificial intelligence ethics for the intelligence community – https://www.dni.gov/index.php/newsroom/reports-publications/reports-publications-2020/3634-principles-of-artificial-intelligence-ethics-for-the-intelligence-community-1692377385
  • The Ethics of AI: How Can We Ensure its Responsible Use? – https://becominghuman.ai/the-ethics-of-ai-how-can-we-ensure-its-responsible-use-35ac3cf76ae5
  • Artificial Intelligence(AI) in Cybersecurity: Future and Real Examples – https://www.pixelcrayons.com/blog/artificial-intelligence-in-cyber-security-future-and-real-examples/
  • Why Is Artificial Intelligence (AI) Important In Cybersecurity? – https://www.fortinet.com/resources/cyberglossary/artificial-intelligence-in-cybersecurity
  • AI Applications in Cybersecurity with Real-Life Examples – https://www.altexsoft.com/blog/ai-cybersecurity/

1 thought on “The Role of Artificial Intelligence and Machine Learning in Cybersecurity: Current Impact and Future Directions”

  1. Susmita

    It’s indeed a great read about the current impact of AI & ML on cybersecurity and its future role.

    Inside Traffic, what are some examples of privacy-preserving machine learning techniques?

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Latest Posts

Blockchain and Cybersecurity: How Blockchain Technology is Shaping the Future of Security
Cybersecurity Challenges in the Era of IoT: Protecting a Connected World
Cybersecurity for Startups: Key Considerations and Best Practices
The Importance of Regular Cybersecurity Audits: What to Look for and How to Prepare
The Future is Passwordless: Navigating Beyond Traditional Security
Zero Trust Architecture: A Comprehensive Guide for Modern Cybersecurity
Social Engineering Attacks: Real-World Examples and How to Protect Yourself
Cybersecurity on a Budget: Affordable Tools and Strategies for Small Businesses
Cybersecurity Challenges in the Era of IoT: Protecting a Connected World
Top Cybersecurity Threats of 2024 and How to Defend Against Them

Popular Posts

Beware of Phishing Emails Masquerading as Salesforce to Target Facebook Page Owners
The Do’s and Don’ts: A Guide for Students and Kids to Stay Safe Online – Part I
15 freeware tools from the NirSoft package for endpoint or network monitoring
Role of Device Fingerprinting in Cyber Security – A Brief Overview
The Role of Artificial Intelligence and Machine Learning in Cybersecurity: Current Impact and Future Directions
Navigating the Digital World: A Parent’s Guide to Cybersecurity and Internet Safety for Kids
Cybersecurity Best Practices for Remote Workers
File Integrity Monitoring (FIM)
How to Shield Yourself from Holiday Scams: A Quick Security Checklist
From Detection to Action: Orchestrating an Effective Incident Response with EDR, NDR, and XDR

Tags

Tags

Scroll to Top