IBM’s Watson Goes Cybersecurity
IBM Security has announced a new year-long research project through which it will partner with eight universities to help train its Watson artificial intelligence system to tackle cybercrime.
Knowledge about threats is often hidden in unstructured sources such as blogs, research reports and documentation, said Kevin Skapinetz, director of strategy for IBM Security.
“Let’s say tomorrow there’s an article about a new type of malware, then a bunch of follow-up blogs,” Skapinetz explained. “Essentially what we’re doing is training Watson not just to understand that those documents exist, but to add context and make connections between them.”
Over the past year, IBM Security’s own experts have been working to teach Watson the “language of cybersecurity,” he said. That’s been accomplished largely by feeding it thousands of documents annotated to help the system understand what a threat is, what it does and what indicators are related, for example.
“You go through the process of annotating documents not just for nouns and verbs, but also what it all means together,” Skapinetz said. “Then Watson can start making associations.”
Now IBM aims to accelerate the training process. This fall, it will begin working with students at universities including California State Polytechnic University at Pomona, Penn State, MIT, New York University and the University of Maryland at Baltimore County along with Canada’s universities of New Brunswick, Ottawa and Waterloo.
Over the course of a year, the program aims to feed up to 15,000 new documents into Watson every month, including threat intelligence reports, cybercrime strategies, threat databases and materials from IBM’s own X-Force research library. X-Force represents 20 years of security research, including details on 8 million spam and phishing attacks and more than 100,000 documented vulnerabilities.
Watson’s natural language processing capabilities will help it make sense of those reams of unstructured data. Its data-mining techniques will help detect outliers, and its graphical presentation tools will help find connections among related data points in different documents, IBM said.
Ultimately, the result will be a cloud service called Watson for Cyber Security that’s designed to provide insights into emerging threats as well as recommendations on how to stop them.
Source-http://www.thegurureview.net/computing-category/ibms-watson-to-get-schooled-on-cybersecurity.html
NSA Software Reengineered
Hackers have found a way to reverse engineer the technology of the United States National Security Agency (NSA) spy gadgets.
Thanks to documents leaked by fugitive former NSA contractor and whistleblower Edward Snowden, the group has built a copycat device able to gather private data from computer systems.
The Advanced Network Technology catalogue, leaked by Snowden, is the Argos book of the NSA showing a range of toys available to agents. One such device known has a “retro reflector” had eluded identification, beyond that it acted as a bug, keylogger and screengrabber.
Michael Ossman and his team from Great Scott Gadgets, a Colorado based hacking group, decided that the best defence against such devices was to create their own to understand what makes them tick.
It transpired that the key technology being used is called software defined radio (SDR), an approach that uses software to generate radio transmissions through signal processing, doing away with a lot of hardware circuitry.
“SDR lets you engineer a radio system of any type you like really quickly so you can research wireless security in any radio format,” Ossmann told New Scientist.
The technique can be used for almost any type of radio signal and therefore the devices are capable of tracking anything, from what you’re listening to through a Bluetooth headset to the binary signals of your internet traffic.
The group, which will demonstrate its work at the Defon hacking conference in Las Vegas, runs a website at NSAplayset.org that is a repository for all of the information it gathered.
Is The Internet Secure?
June 9, 2014 by admin
Filed under Around The Net
Comments Off on Is The Internet Secure?
Hacker blogger Quinn Norton is getting a lot of coverage with her blog claiming that the Internet is broken. She argues that every computer and every piece of software we use is vulnerable to hackers because of terrible security flaws. Norton blames these flaws on the fact that developers who face immense pressure to ship software quickly.
Norton says that those bugs may have been there for years unnoticed, leaving systems susceptible to attacks. One of her hacker mates accidentally took control of more than 50,000 computers in four hours after finding a security vulnerability. Another one of her colleagues accidentally shut down a factory for a day after sending a “malformed ping.”
She said that the NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom. The other problem is software is too complicated and the emphasis placed on security too light.
“The number of people whose job it is to make software secure can practically fit in a large bar, and I’ve watched them drink. It’s not comforting. It isn’t a matter of if you get owned, only a matter of when,” Norton said.
Remote Access Tools Threatens Smartphones
March 7, 2012 by admin
Filed under Smartphones
Comments Off on Remote Access Tools Threatens Smartphones
Malware tools that allow attackers to gain complete remote control of smartphones have become a major threat to owners around the world, security researchers say.
In a demonstration at the RSA Conference 2012 here Wednesday, former McAfee executives George Kurtz and Dmitri Alperovitch, who recently founded security firm CrowdStrike, installed a remote access tool on an Android 2.2-powered smartphone by taking advantage of an unpatched flaw in WebKit, the default browser in the OS.
The researchers showed an overflow audience how the malware can be delivered on a smartphone via an innocuous looking SMS message and then be used to intercept and record phone conversations, capture video, steal text messages, track dialed numbers and pinpoint a user’s physical location.
The tools used in the attack were obtained from easily available underground sources, Kurtz said. The WebKit bug, for instance, was one of 20 tools purchased from hackers for a collective $1,400.
The remote access Trojan used in the attack was a modified version of Nickispy a well-known Chinese malware tool.
Learning how to exploit the WebKit vulnerability and to modify the Trojan for the attack, was harder than expected, said Kurtz. He estimated that CrowdStrike spent about $14,000 in all to develop the attack.
But the key issue is that similar attacks are possible against any smartphone, not just those running Android, he said.
WebKit for instance, is widely used as a default browser in other mobile operating systems including Apple’s iOS and the BlackBerry Tablet OS. WebKit is also is used in Apple’s Safari and Google’s Chrome browsers.
Several mobile remote access Trojans are already openly available from companies pitching them as tools that can be used to surreptitiously keep tabs on others.
Mobile Security Threats Continue To Grow
October 15, 2011 by admin
Filed under Smartphones
Comments Off on Mobile Security Threats Continue To Grow
According to industry analysts, mobile device shipments will exceed a billion devices in 2015 and will rapidly outrun PC shipments. That’s great news for end user convenience, mobility, and work-anywhere productivity. But it also means that enterprises must prepare for the fact that the criminals will target these devices with attack exploits, spyware,
and rogue applications.
And while IBM’s IT security research team, X-Force, predicts a modest 33 software exploits targeting mobile devices in the year ahead, that’s roughly twice the number of such attack code released in the past year.
The group also sees a number of other troubling mobile security trends. First, when software flaws do surface, many mobile phone makers do not rapidly deploy software patches to devices; malicious apps are often distributed through third-party app markets. Another troubling trend is that some mobile malware can collect end user’s personal information for use in phishing attacks.
An example of vulnerabilities that would make such attacks possible are the two recent Android security flaws that were reported to affect popular handsets including the AT&T Samsung Galaxy SII and various HTC devices.
The security find announced by security researcher Trevor Eckhart, called HTClogger (logging tools introduced by handset maker HTC) that could leak email account information, user location, phone numbers, and messaging logs.
Handset maker HTC said, in a statement, that it is working to quickly issue an update to its customers. “HTC is working very diligently to quickly release a security update that will resolve the issue on affected devices. Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it. We urge all users to install the update promptly,” the company said.