via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
Cybersecurity
- Cybersecurity SOC As A Service Scalable Affordable Business Protection Launchedon March 5, 2021 at 11:01 pm
SubRosa has updated its SOC as a service cybersecurity solution to help businesses implement a remote team to monitor their systems to reduce expenses without compromising on security.Hudson, United ...
- Okta CEO defends move to acquire rival cybersecurity firm Auth0on March 5, 2021 at 10:28 pm
Okta CEO Todd McKinnon explained why the identity and access management company dished out $6.5 billion for Auth0, an identity management platform for app developers.
- CEOs on Okta's $6.5 billion deal for rival cybersecurity outfit Auth0on March 5, 2021 at 9:31 pm
Okta CEO Todd McKinnon and Auth0 CEO Eugenio Pace joined Jim Cramer on "Mad Money" to break down the details behind the tie-up between the cybersecurity companies.
- 80% of senior IT leaders see cybersecurity protection deficitson March 5, 2021 at 10:44 am
A lack of confidence in companies' defenses is prompting 91% of organizations to boost 2021 budgets, according to a new IDG/Insight Enterprises study.
- Address cybersecurity challenges before rolling out robotic process automationon March 5, 2021 at 10:08 am
The security aspect of RPA isn’t implemented in the early stages of development — leaving organizations vulnerable to cybercriminals.
Go deeper with Google Headlines on:
Cybersecurity
Go deeper with Bing News on:
Cyberattacks
- Massive increase in cyberattacks on higher educationon March 6, 2021 at 8:53 am
The past twelve months have seen a growing number of ransomware attacks aimed at the education and healthcare sectors. With education, the university sector has seen the greatest number of targeted ...
- New Cost to Paying Ransom on Cyberattackson March 5, 2021 at 3:59 am
Evolving threats, new guidance add to need for healthcare cybersecurity. This article was originally published March 2, 2021 on PSQH by Megan Headley. As if the COVID-19 pandemic ...
- How to Cope with Disruptive Shifts in Cyberattackson March 4, 2021 at 10:34 am
The best cybersecurity defense requires agility, so security teams, strategies, and solutions all need to be adaptable.
- Solarwinds hack reveals the vulnerability of New Yorkers to cyberattackson March 3, 2021 at 6:56 am
This is the same mentality New Yorkers need to have regarding cybersecurity, and the recent SolarWinds hack has made this abundantly clear. New Yorkers need to be educated on how they can and should ...
- Investors are the next target of large-scale cyberattackson March 3, 2021 at 6:53 am
Business email compromise (BEC) scammers are utilizing a new type of attack targeting investors that could leverage payouts seven times greater than average.