via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- Cloudflare CEO: The future of democracy depends on cybersecurityon October 6, 2020 at 5:24 pm
Cloudflare CEO Matthew Prince discusses the cloud security firm's work with states and politicians on both sides of the aisle to thwart cyber attacks and help facilitate free elections.
- How to boost the effectiveness of your cybersecurity operationson October 6, 2020 at 9:52 am
If your organization follows the usual cybersecurity guidelines, you probably have a range of security products designed to protect your data, network, and other assets. Yet as we hear about one ...
- Raymond James Very Positive on 3 Cybersecurity Software Stocks Into Earningson October 6, 2020 at 9:09 am
While the whirlwind around the top cybersecurity stocks has slowed dramatically from five and six years ago, the need in corporate America increases every year. These top stocks offer investors solid ...
- Cybersecurity creator John McAfee arrested for tax evasionon October 6, 2020 at 8:15 am
John McAfee, founder of the anti-virus software company, has been arrested in Spain and is awaiting extradition back to the United States on charges of tax evasion and willful failure to file tax ...
- The Cybersecurity 202: Trump casts doubt on election integrity even from the hospitalon October 6, 2020 at 4:52 am
Before he was even released from the hospital yesterday, President Trump was back to attacking the integrity of November’s election, inviting supporters in a tweet to be “Trump Election Poll Watcher ...
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- Global Businesses Hit by Cyberattacks and Challenges to Scaling Endpoint Security during COVID-19, finds Asavie Global CXO Study into Future of the Office Anywhereon October 6, 2020 at 9:01 pm
Asavie, a leader in secure Enterprise Mobility and IoT services, today announced the findings from a recently conducted Global CXO Study: The Future o ...
- DHS CISA Warns of Resurgence of Emotet Trojan Malware Cyberattackson October 6, 2020 at 11:52 am
The threat actors behind the notorious Emotet trojan malware variant have resumed their sophisticated, targeted cyberattacks. Its worm-like nature makes the virus tough to defend against and detect.
- The COVID-19 Pandemic Has Become a Catalyst for Cyberattackson October 6, 2020 at 8:30 am
While their viewpoints were varied, as would be expected, Helen Yu (@YuHelenYu), a C-Level Tech Executive, spoke for many when she said, “The COVID-19 pandemic has become a catalyst for cyberattacks.” ...
- Law firms in Asia at High Risk of Cyberattackson October 6, 2020 at 6:20 am
More lax regulatory regimes and an overall lack of cybersecurity risk awareness made firms based in the region more vulnerable to hacking.
- Telefónica Expands ‘Conexión Segura’ Security-as-a-Service Solution Powered by Allot to Protect Spanish SMBs from Cyberattackson October 5, 2020 at 2:22 am
Spanish telecom provider expands network-based cybersecurity service that provides recurring revenue and high double-digit service adoption rate. Hod Hasharon, Israel, Oct. 05, 2020 (GLOBE NEWSWIRE) - ...