via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- Are Women Better At Cybersecurity Than Men? What A Study Showed About Password Security And Moreon May 10, 2020 at 4:25 am
Women are better at cybersecurity than men, more likely to create unique passwords to protect themselves online and more concerned about the potential harm from hacking, according ...
- Health Check: How Prudently Does Crossword Cybersecurity (LON:CCS) Use Debt?on May 10, 2020 at 1:27 am
Warren Buffett famously said, 'Volatility is far from synonymous with risk.' When we think about how risky a company is, we always like to look at its use of debt, since debt overload can lead to ruin ...
- The impact of COVID-19 on cybersecurityon May 9, 2020 at 11:36 pm
The COVID-19 outbreak has threatened to overload IT systems and the global economy. It's also having a powerful impact on the security of businesses and individuals alike. Analyst Myke Lyons explains ...
- E-book on cybersecurity amid Covid for downloadon May 9, 2020 at 9:02 am
Cybercrime is a bigger threat than before in the coronavirus disease 2019 (Covid-19) era, with more businesses suffering attacks and malicious cybercriminals taking advantage of the confusion, ...
- Companies Struggle for Effective Cybersecurityon May 8, 2020 at 2:05 pm
The money companies are spending on cybersecurity tools doesn't necessarily result in better security, a new survey shows.
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- U.S. to Accuse China of Trying to Hack Vaccine Data, as Virus Redirects Cyberattackson May 10, 2020 at 5:11 pm
Iran and other nations are also looking to steal data and exploit the pandemic with attacks on infrastructure, officials say.
- An Unlikely Partner to Counter Cyberattackson May 10, 2020 at 6:00 am
To combat increasing ransomware attacks on U.S. cities, the National Guard needs help from Cybersecurity and Infrastructure Security Agency.
- How to combat cyberattacks that exploit Microsoft's Remote Desktop Protocolon May 7, 2020 at 7:36 am
Hackers who gain access to a remote system can launch malware, spread spam, and perform identity theft, according to McAfee.
- Jump in vulnerable RDP ports is leaving networks open to hacking and cyberattackson May 7, 2020 at 4:02 am
Analysis suggests there's been a huge rise in insecure internet-facing RDP ports just waiting for cyber criminals to exploit - but you can protect your employees by doing these things.
- U.S., U.K. officials warn of cyberattacks on hospitalson May 6, 2020 at 4:07 am
Two U.S. officials told NBC News that coronavirus patient information, as well as vaccine research, is sought after by hackers, including those working for China. Julia Ainsley discusses.