via UT Dallas
Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.
The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.
UT Dallas researchers presented a paper on their work, “Improving Intrusion Detectors by Crook-Sourcing,” at the annual Computer Security Applications Conference in December in Puerto Rico. They presented another paper, “Automating Cyberdeception Evaluation with Deep Learning,” in January at the Hawaii International Conference of System Sciences.
DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers. Researchers hope that the approach can be especially useful for defense organizations.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” said Dr. Kevin Hamlen, Eugene McDermott Professor of computer science. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
There are criminals trying to attack our networks all the time, and normally we view that as a negative thing. Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like.”
Dr. Kevin Hamlen, Eugene McDermott Professor of computer science
The approach aims to solve a major challenge to using artificial intelligence for cybersecurity: a shortage of data needed to train computers to detect intruders. The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, said Gbadebo Ayoade MS’14, PhD’19, who presented the findings at the recent conferences.
“We’re using the data from hackers to train the machine to identify an attack,” said Ayoade, now a data scientist at Procter & Gamble Co. “We’re using deception to get better data.”
Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, Hamlen said. But most cyberdefense programs try to disrupt intruders before anyone can monitor the intruders’ techniques. DEEP-Dig will give researchers a window into hackers’ methods as they enter a decoy site stocked with disinformation. The decoy site looks legitimate to intruders, said Dr. Latifur Khan, professor of computer science at UT Dallas.
“Attackers will feel they’re successful,” Khan said.
Governmental agencies, businesses, nonprofits and individuals face a constant threat from cyberattacks, which cost the U.S. economy more than $57 billion in 2016, according to a report to the White House from the Council of Economic Advisers.
As hackers’ tactics change, DEEP-Dig could help cybersecurity defense systems keep up with their new tricks.
“It’s an endless game,” Khan said.
While DEEP-Dig aims to outsmart hackers, is it possible that hackers could have the last laugh if they realize they have entered a decoy site and try to deceive the program?
Maybe, Hamlen said. But that possibility does not worry him.
“So far, we’ve found this doesn’t work. When an attacker tries to play along, the defense system just learns how hackers try to hide their tracks,” Hamlen said. “It’s an all-win situation — for us, that is.”
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
- As The Threat Of Cybercrime Grows, Canada's Largest Cybersecurity ETF Makes A Compelling Thesison January 17, 2021 at 7:43 am
In what is now a seemingly annual trend, 2020 looks to have been another record-setting year in the realm of cybercrime.
- We asked the CEO of cybersecurity unicorn Darktrace about the challenges of 2021: 'The old ways of doing things have gone out the window.'on January 17, 2021 at 5:00 am
When the world is moving fast around you, you have to be laser-focused on what's right in front of you." ...
- Why cybersecurity audits are essential for risk managementon January 17, 2021 at 1:47 am
Find out what your company could risk by not getting cybersecurity audits. TechRepublic contributing writer Lance Whitney reported in December 2020 that security firm McAfee estimated that cybercrime ...
- Cybersecurity: Same Threats, New Challengeson January 15, 2021 at 2:06 pm
Other threats were given new life, such as phishing attacks that exploited Covid’s chaos to trick beleaguered employees. And some threats were unique to cloud technology itself. To gather insight on ...
- Cybersecurity and Networking Staffing Company CIBR Warriors Launches Nationwideon January 15, 2021 at 1:02 pm
Firm aims to connect qualified candidates with essential positions to help fill 3.5 million cybersecurity jobs expected to go unfilled in 2021 ...
Go deeper with Google Headlines on:
Go deeper with Bing News on:
- US government warns of cyberattacks targeting cloud serviceson January 14, 2021 at 10:21 am
Organizations with remote workers who use cloud-based services are being warned of several recent successful cyberattacks against those services. SEE: Social engineering: A cheat sheet for ...
- Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?on January 14, 2021 at 8:52 am
It's a question that continues to engage debate, as the majority of new physical security devices being installed are now connected to a network. While this offers myriad benefits, it also raises the ...
- US government warns of cyberattacks targeting cloud serviceson January 14, 2021 at 12:57 am
Organizations with remote workers who use cloud-based services are being warned of several recent successful cyberattacks against those services. SEE: Social engineering: A cheat sheet for business ...
- Minimizing cyberattacks by managing the lifecycle of non-human workerson January 13, 2021 at 10:05 pm
Organizations must track and manage the lifecycle approach to non-human workers - otherwise, cybercriminals can launch cyberattacks.
- US issues warning over recent cyberattacks targeting cloud serviceson January 13, 2021 at 9:18 pm
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency today issued a warning concerning several recent cyberattacks targeting various cloud services. The report ...