A New and More Accurate Approach to Cyber Attack Prediction
During a data breach or cyber attack, it would be extremely beneficial if security defenders knew their attacker’s next move. Armed with such information, administrators could take proactive measures to protect sensitive data, patch or update vulnerable software, bolster security settings, and block the attacker’s access and progress.
Unfortunately, cyberattack prediction is not easy to achieve. Previous attack prediction technologies have all but failed, providing only a limited amount of useful information and suffering from complexities that don’t scale adequately in real-world scenarios.
However, after years of research, Lastline founders Dr. Christopher Kruegel and Dr. Giovanni Vigna, the company’s CEO and CTO, along with several colleagues, have developed a new and more accurate approach to cyber attack prediction.
Machine learning is in
The method uses machine learning (ML) techniques to discover the historical behavior of attackers. It then leverages this knowledge during an actual data breach to predict the likely future actions of the attackers. After developing a set of sophisticated analytics algorithms and technologies, the team created a prototype of the system and tested its accuracy during a hacking competition.
The results of the prototype tests are very promising. The system achieved a 94% accuracy rating in predicting the next action of the attackers. Equally important, the system runs in real time for instant prediction of the attacker’s next move. As an added benefit, the tests showed that the system requires only modest computational resources and will run on standard, inexpensive hardware.
Although more work and additional tests are yet to come, it’s already clear that the new approach is a significant improvement over previous attempts at attack prediction. The system is accurate, scales easily, and, due to its machine learning capabilities, will readily adapt to new types of cyber vulnerabilities and threats.
With growing volumes of available attack data, cheap computational processing power, and affordable data storage, machine learning will continue on its course to solve additional security challenges like attack prediction. Machine learning makes it possible to quickly and automatically produce models that can analyze bigger and more complex data, and deliver faster, more accurate results.
“Effective attack prediction requires accurate and efficient processing of vast amounts of data. Unfortunately, early attempts at attack prediction have been rather disappointing. Both the amount and quality of available data and our ability to analyze big data has its limitations without the use of advanced security tools.” —Bert Rankin, Lastline
Cyberattack prediction via machine learning will no doubt become a huge benefit to security personnel as they combat the ever-growing number of assaults on their networks.
“The infosec community is moving towards a game of machine versus machine, and for this technology to stand any chance of becoming the savior of cyber security, businesses need to make sure AI applications learn to defend much faster than they learn to attack,” says Nick Ismail, a reporter at Information Age. “Continual innovation and industry collaboration will be critical for this technology to identify anomalous behavior, adapt to a changing risk environment, and get ahead of the cyber criminals.”
Read the datasheet to learn more about how Lastline Enterprise delivers complete visibility into advanced malware, enabling you to respond rapidly to malicious activity before it results in a damaging data breach.