via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- Why Generative AI Threatens Hospital Cybersecurity — and How Digital Identity Can Be One of Its Greatest Defenses
A survey we conducted found that more than half of healthcare IT leaders report that their organization has faced a cybersecurity incident in 2021. Hospitals face legal, ethical, financial, and ...
- Why AI skills are the future of cybersecurity
Versa Network’s AI director Sridhar Iyer discusses cybersecurity in the age of AI and the skills required to handle future cyberthreats. Despite the escalating importance of cybersecurity, a dangerous ...
- Palo Alto Networks reaches a big milestone, and it's Jim Cramer's top cybersecurity stock
CNBC’s Jim Cramer on Thursday named Palo Alto Networks (PANW) his top cybersecurity stock pick after the company became the first in its group to reach a $100 billion market cap. “The winner and new ...
- 58% of companies in Saudi Arabia plan to outsource cybersecurity
Among measures to strengthen cybersecurity, overall up to 58% of respondents claimed that their companies plan to invest in different forms of outsourcing cybersecurity in the next 12 to 18 months ...
- Unlocking Tomorrow’s Cybersecurity: A Sneak Peek into ReadySetCyber
In the fast-paced world of cybersecurity, staying ahead of threats is essential. And while security is without a doubt a priority for businesses of all sizes, it is easy to feel overwhelmed by all the ...
Go deeper with Google Headlines on:
[google_news title=”” keyword=”cybersecurity” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]
Go deeper with Bing News on:
- How to guard against rising cyberattacks on individual users
In today's digital world, hacker attacks are becoming a daily occurrence. These attacks occur on various scales and are not just confined to large corporations. Individual computer users frequently ...
- DICT: Cyberattacks to intensify in 2024
CYBERATTACKS will become more frequent and more severe next year, Department of Information and Communications Technology (DICT) Secretary Ivan John Uy warned on Thursday. Speaking during The Manila ...
- Google Says Cyberattacks On Taiwan Intensified
According to Google cybersecurity experts, there has been a ‘massive increase’ over the past six months in Government-sponsored attacks by China aimed at the Taiwanese government and its industries.
- China on the offensive, is ramping up cyberattacks against Taiwan, warns Google
Google's threat analysis division has noted a 'massive increase' in Chinese-sponsored hacking campaigns targeting Taiwan in the last 6 months, with hackers adopting new, intricate and innovative tacti ...
- Reducing cyberattacks on Canadian health systems
Preventing cyberattacks involves navigating trade-offs between keeping workflows efficient and reducing risk amid threats that are growing in frequency, severity and sophistication.” Cyberattacks ...
Go deeper with Google Headlines on:
[google_news title=”” keyword=”cyberattacks” num_posts=”5″ blurb_length=”0″ show_thumb=”left”]