via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- How To Manage Your Social Media Footprint In A Cybersecurity Careeron November 20, 2020 at 4:40 am
The cybersecurity field is highly competitive, and your profiles tell a story about you. Make sure you control the story.
- The Cybersecurity 202: Conspiracy theories are all that’s left in Trump’s effort to overturn the electionon November 20, 2020 at 4:18 am
The Trump campaign’s latest effort to overturn the election results pits the allure of conspiracy theories against years of efforts to create the most secure and auditable election in U.S. history.
- Why Companies Should Outsource Cybersecurity During COVID and Beyondon November 19, 2020 at 11:04 pm
That’s why many enterprises today use–or are considering engaging with–managed detection and response (MDR) providers.
- Making a career in cybersecurity more than just a jobon November 19, 2020 at 9:00 pm
Many veterans have significant technical training and experience, ready to be hands-on and commit themselves to new roles. Yet, they are all too often an untapped talent pipeline.
- Trump Fires Top U.S. Cybersecurity Officialon November 19, 2020 at 2:45 pm
Anita Kumar, White House Correspondent and Associate Editor at Politico, joins 'Cheddar Politics' to discuss what the President's firing of Christopher Krebs means for his remaining days in the office ...
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- Peters criticizes Trump for not taking action after cyberattacks on hospitals, COVID-19 researcherson November 20, 2020 at 12:06 pm
Sen. Gary Peters (D-Mich.) on Friday slammed President Trump for not taking action to defend the health sector against increasing cyberattacks during the COVID-19 pandemic.
- How Cyberattacks Workon November 20, 2020 at 7:14 am
Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier.
- State-sponsored cyberattacks one of the biggest threats in 2021: Reporton November 20, 2020 at 6:23 am
Cybersecurity experts are increasingly concerned about nation-state sponsored cyberattacks according to the 2020 CrowdStrike Global Security Attitude Survey, produced by independent research firm ...
- From fake contact tracing apps to attacks on vaccine makers, COVID-19 will define cyberattacks in 2021, experts say. Here's how businesses can prepare.on November 19, 2020 at 10:20 am
Kaspersky researchers told Business Insider that they predict that attackers will likely continue to use the pandemic to sow chaos for profit in 2021.
- Cybercriminals Batter Automakers With Ransomware, IP Theft Cyberattackson November 19, 2020 at 5:00 am
While the industry focus is on vehicle hacking, when it comes to the automotive industry cybercriminals are opting for less complex and sophisticated attacks – from phishing to ransomware.