via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- Cybersecurity firm Cyvatar set up by Fareham entrepreneur revolutionises industry and pulls in more than $12m in funding in just eight monthson August 23, 2021 at 5:42 am
A TECH company is revolutionising the cybersecurity industry by offering monthly subscriptions – and it says protecting your business is as easy as signing up to Netflix.
- Singapore, US pledge deeper collaboration in cybersecurityon August 23, 2021 at 3:21 am
Both countries sign Memorandums of Understanding to deepen their collaboration in cybersecurity across several areas, including defence, financial, and research and development.
- Demand for Telos cybersecurity tools offsetting federal contract delayson August 23, 2021 at 2:00 am
Telos executives aren't revising their revenue guidance for FY 2021 despite delays on two major contracts. The growth behind a pair of its cybersecurity tools may be the reason why.
- GlobalData predicts future cybersecurity unicornson August 22, 2021 at 11:25 pm
Apoorva Bajaj, Practice Head of Financial Markets at GlobalData, says: 'As we are entering the Code War era, where every digital device, no matter how small, can be 'weaponized' and cyberattacks are ...
- UAH College of Business opens new cybersecurity labon August 22, 2021 at 6:40 pm
The University of Alabama in Huntsville’s (UAH) newest cybersecurity lab is open, just in time for the fall semester.
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- NanoVMs Has Innovative Technology That Protects The World From Cyberattackson August 23, 2021 at 4:48 am
Recent cyber attacks are so successful because the current technology underpinning cloud platforms is outdated and leaving the world vulnerable. It needs to be replaced.
- How can education sector defend cyberattacks on academic institutions?on August 23, 2021 at 1:59 am
Hackers are increasing attack frequency and are launching smaller, more complex attacks that are harder to detect.
- Schools, colleges brace for cyberattacks as students returnon August 22, 2021 at 5:00 am
Hackers are ready to pounce on schools and universities as they attempt to restart classes 18 months into the coronavirus pandemic while already dealing with controversial subjects such as mask ...
- What the DOJ’s Involvement in Cyberattacks Means for the Future of Ransomwareon August 19, 2021 at 10:42 am
As businesses transitioned to remote work amid the COVID-19 pandemic, ransomware attacks became a key issue that business leaders were forced to increasingly prioritize. With ransomware attacks ...
- Education and research sector hit by highest number of cyberattacks in Julyon August 18, 2021 at 7:01 am
Facilities in the sector saw an average of 1,739 attacks per organization each week last month, according to Check Point Research.