[ad_1]
Can you deceive a deceiver? This is the question that computer scientists from Binghamton University and the New York State University have recently explored.
Guanhua Yan, an assistant professor of computer science, and Zhan Shu, a PhD student, are studying how to make cyber-fraud a more effective tool against malicious hackers.
Their study was inspired by the 2013 data breach by Target, which affected 41 million consumers and cost $ 18.5 million, and by the Equifax hacking in 2017, which revealed personal information of 147 , 7 million Americans. These two elements can be classified as Advanced Persistent Threats (APTs).
Yan and Shu wanted to improve the way hackers are countered when they try APTs, so they focused on refining existing cyber-deception tools.
Cyber-deception is a sensitive technique that places malicious hackers in a false environment as soon as the system detects ongoing hacking.
In the summary of the study, the researchers wrote that "the main objective of our work is to ensure the coherence of deception: when the attackers are trapped, they can only make observations consistent with what 'they have already seen so as not to be able to recognize deceptive environment'.
They found that focusing solely on showing the attackers what we had seen before increases the efficiency of the deception.
"The problem is that sometimes, cyber-fraud uses what are called" lies "that are easily recognizable by the attacker.Once the fraud is carried out, the attacker can s & rsquo; Adjust and bypass this form of protection, "Yan said.
Yan and Shu's Deception Consistency Method was tested on students who have recently completed a course on cybersecurity. Students have been asked to behave like malicious hackers, some in a deceptive environment.
The researchers found that because the deceptive environment was what students had seen before, most did not realize that they had gone into deception.
"It was clear that most students simply guessed whether or not they had entered the deceptive environment – they could not really tell the difference when we used our consistent pattern," Yan said.
While the consistency of deception may make it more difficult for ATP attackers to recognize the deception, the researchers made it clear that the proposed method was not a panacea for things like what is arrived at Target and Equifax.
"This may not stand up to more advanced attacks, but we will continue to improve the efficiency of deception-based methods against various attack scenarios," Yan said.
Yan and Shu have published "Ensuring Consistency of Deception for Enhanced FTP Services Against Persistent Advanced Threats" in the recent work of the 5th ACM Mobile Target Defense Workshop.
Source of the story:
Material provided by Binghamton University. Note: Content can be changed for style and length.
Source link