via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- Humble cybersecurity expert warns against threats to online medical records
Cybersecurity expert David Finn, vice president of the College of Healthcare Information Management Executives (CHIME), is warning against sharing so much personal information onl ...
- ISASecure Announces Site Assessment Program for OT Cybersecurity
The first-of-its-kind program aims to demonstrate operating site compliance with the international standard ISA/IEC 62443.
- The 7 Best Cybersecurity Stocks to Buy for February 2023
There is no better time than now to invest in some of the best cybersecurity stocks. We’re all increasingly vulnerable to cyberattacks – from small businesses to large corporations, schools, hospitals ...
- Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform
Opscura Inc., an innovator in industrial control system (ICS) cybersecurity, announced today it has received $9.4M in Series A funding as it scales to engage further U.S. partners and customers ...
- TechCrunch+ roundup: Generative AI for proptech, cloud vendor shopping, cybersecurity fairy tales
Generative AI reminds me of ball bearings: the technology is relatively inexpensive, highly adaptable and a proven way to reduce friction. TechCrunch+ roundup: Generative AI for proptech, cloud vendor ...
Go deeper with Google Headlines on:
[google_news title=”” keyword=”cybersecurity” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]
Go deeper with Bing News on:
- The Last of Us fans warned of scam cyberattacks
Hackers are always tapping into the latest trends in hopes of stealing data and money, and with the craze surrounding The Last of Us, it’s no different.The Last of Us is HBO’s TV adaptation of the ...
- Riot prepares your team against highly sophisticated cyberattacks
French startup Riot has raised a $12 million Series A round to iterate on its all-in-one cybersecurity awareness platform for businesses and their employees. While it is still quite difficult to raise ...
- Outlook on the Cyber Security Consulting Services Global Market to 2027 - Growth in the Number of Cyberattacks is Expected to Drive Growth
Cyber Security Consulting Services Market Cyber Security Consulting Services Market Dublin, Feb. 07, 2023 (GLOBE NEWSWIRE) -- The "Cyber Security Consulting Services Market - Forecasts from 2022 to ...
- Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security
Authored by Contrast's Senior Vice President of Cyber Strategy Tom Kellermann, the report is a warning to global financial institutions (FIs) that security must be a top-of-mind issue amid rising ...
- NETSCOUT Arbor Cloud Expands Global Network and Capabilities to Help Customers Quickly Mitigate DDoS Cyberattacks
WESTFORD, Mass., February 07, 2023--NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT), a leading provider of performance management, cybersecurity, and DDoS protection solutions, today announced that it has ...
Go deeper with Google Headlines on:
[google_news title=”” keyword=”cyberattacks” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]