1-MIN READ

Big Win for Cybersecurity: Scientists Are Using a 'New Tool' to Set Trap for Hackers

Big Win for Cybersecurity: Scientists Are Using a 'New Tool' to Set Trap for Hackers

DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers.

  • IANS
  • Last Updated: February 28, 2020, 6:29 PM IST
Share this:

Instead of blocking hackers, the researchers have created a new cybersecurity defence approach, which involves setting traps for hackers.

The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers' tactics. The information is then used to train the computer to recognise and stop future attacks.

DEEP-Dig advances a rapidly growing cybersecurity field known as deception technology, which involves setting traps for hackers.

"There are criminals trying to attack our networks all the time, and normally we view that as a negative thing, instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labour," said study researcher Kevin Hamlen from University of Texas in Dallas, US.

"They're providing us data about what malicious attacks look like. It's a free source of highly prised data," Hamlen added.

The approach aims to solve a major challenge to using artificial intelligence (AI) for cybersecurity: a shortage of data needed to train computers to detect intruders.

The lack of data is due to privacy concerns. Better data will mean better ability to detect attacks, the researchers said.

"We're using the data from hackers to train the machine to identify an attack, we're using deception to get better data," said study researcher Gbadebo Ayoade.

Hackers typically begin with their simplest tricks and then use increasingly sophisticated tactics, the researchers said.

But most cyberdefense programmes try to disrupt intruders before anyone can monitor the intruders' techniques. DEEP-Dig will give researchers a window into hackers' methods as they enter a decoy site stocked with disinformation.

The decoy site looks legitimate to intruders and attackers will feel they're successful, said study researcher Latifur Khan.

As hackers' tactics change, DEEP-Dig could help cybersecurity defence systems keep up with their new tricks.

According to the researchers, while DEEP-Dig aims to outsmart hackers, it might be possible that hackers could have the last laugh if they realise they have entered a decoy site and try to deceive the programme.

"So far, we've found this doesn't work. When an attacker tries to play along, the defence system just learns how hackers try to hide their tracks, it's an all-win situation -- for us, that is," Hamlen said.

The study was presented at the annual Computer Security Applications Conference in December in Puerto Rico.

Share this:
Next Story

India

  • Active Cases

    3,666

     
  • Total Confirmed

    4,067

     
  • Cured/Discharged

    291

     
  • Total DEATHS

    109

     
Data Source: Ministry of Health and Family Welfare, India
Updated: April 06 (09:00 AM)
Hospitals & Testing centres

World

  • Active Cases

    944,877

     
  • Total Confirmed

    1,287,381

     
  • Cured/Discharged

    271,950

     
  • Total DEATHS

    70,554

     
Data Source: Johns Hopkins University, U.S. (www.jhu.edu)
Hospitals & Testing centres