A New and More Accurate Approach to Cyber Attack Prediction

During a data breach or cyber attack, it would be extremely beneficial if security defenders knew their attacker’s next move. Armed with such information, administrators could take proactive measures to protect sensitive data, patch or update vulnerable software, bolster security settings, and block the attacker’s access and progress.

Unfortunately, cyberattack prediction is not easy to achieve. Previous attack prediction technologies have all but failed, providing only a limited amount of useful information and suffering from complexities that don’t scale adequately in real-world scenarios.

However, after years of research, Lastline founders Dr. Christopher Kruegel and Dr. Giovanni Vigna, the company’s CEO and CTO, along with several colleagues, have developed a new and more accurate approach to cyber attack prediction.

Machine learning is in

The method uses machine learning (ML) techniques to discover the historical behavior of attackers. It then leverages this knowledge during an actual data breach to predict the likely future actions of the attackers. After developing a set of sophisticated analytics algorithms and technologies, the team created a prototype of the system and tested its accuracy during a hacking competition.

The results of the prototype tests are very promising. The system achieved a 94% accuracy rating in predicting the next action of the attackers. Equally important, the system runs in real time for instant prediction of the attacker’s next move. As an added benefit, the tests showed that the system requires only modest computational resources and will run on standard, inexpensive hardware.

Although more work and additional tests are yet to come, it’s already clear that the new approach is a significant improvement over previous attempts at attack prediction. The system is accurate, easily scales, and due to its machine learning capabilities, will readily adapt to new types of cyber vulnerabilities and threats.

With growing volumes of available attack data, cheap computational processing power, and affordable data storage, machine learning will continue on its course to solve additional security challenges like attack prediction. Machine learning makes it possible to quickly and automatically produce models that can analyze bigger and more complex data, and deliver faster, more accurate results.

“Effective attack prediction requires accurate and efficient processing of vast amounts of data. Unfortunately, early attempts at attack prediction have been rather disappointing. Both the amount and quality of available data and our ability to analyze big data have their limitations without the use of advanced security tools.” —Bert Rankin, Lastline

Cyberattack prediction via machine learning will no doubt become a huge benefit to security personnel as they combat the ever-growing number of assaults on their networks.

Continual innovation

“The infosec community is moving towards a game of machine versus machine, and for this technology to stand any chance of becoming the savior of cyber security, businesses need to make sure AI applications learn to defend much faster than they learn to attack,” says Nick Ismail, a reporter at Information Age. “Continual innovation and industry collaboration will be critical for this technology to identify anomalous behavior, adapt to a changing risk environment, and get ahead of the cyber criminals.”

Read the datasheet to learn more about how Lastline Enterprise delivers complete visibility into advanced malware, enabling you to respond rapidly to malicious activity before it results in a damaging data breach.

Brian Laing

For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive-level roles. The author of “APT for Dummies,” he was previously vice president of AhnLab, where he directed the US operations of the internationally known security and software leader. Brian previously founded Hive Media, where he served as CEO. He co-founded RedSeal Systems, where he conceived the overall design and features of the product and was granted two patents related to network security. He was also founder and CEO of self-funded Blade Software, which released the industry’s first commercial IPS/FW testing tool.