IBM’s Watson Goes Cybersecurity
IBM Security has announced a new year-long research project through which it will partner with eight universities to help train its Watson artificial intelligence system to tackle cybercrime.
Knowledge about threats is often hidden in unstructured sources such as blogs, research reports and documentation, said Kevin Skapinetz, director of strategy for IBM Security.
“Let’s say tomorrow there’s an article about a new type of malware, then a bunch of follow-up blogs,” Skapinetz explained. “Essentially what we’re doing is training Watson not just to understand that those documents exist, but to add context and make connections between them.”
Over the past year, IBM Security’s own experts have been working to teach Watson the “language of cybersecurity,” he said. That’s been accomplished largely by feeding it thousands of documents annotated to help the system understand what a threat is, what it does and what indicators are related, for example.
“You go through the process of annotating documents not just for nouns and verbs, but also what it all means together,” Skapinetz said. “Then Watson can start making associations.”
Now IBM aims to accelerate the training process. This fall, it will begin working with students at universities including California State Polytechnic University at Pomona, Penn State, MIT, New York University and the University of Maryland at Baltimore County along with Canada’s universities of New Brunswick, Ottawa and Waterloo.
Over the course of a year, the program aims to feed up to 15,000 new documents into Watson every month, including threat intelligence reports, cybercrime strategies, threat databases and materials from IBM’s own X-Force research library. X-Force represents 20 years of security research, including details on 8 million spam and phishing attacks and more than 100,000 documented vulnerabilities.
Watson’s natural language processing capabilities will help it make sense of those reams of unstructured data. Its data-mining techniques will help detect outliers, and its graphical presentation tools will help find connections among related data points in different documents, IBM said.
Ultimately, the result will be a cloud service called Watson for Cyber Security that’s designed to provide insights into emerging threats as well as recommendations on how to stop them.
Source-http://www.thegurureview.net/computing-category/ibms-watson-to-get-schooled-on-cybersecurity.html
Developers Hack Dropbox
Two developers have penetrated Dropbox’s security, even intercepting SSL data from its servers and bypassing the cloud storage provider’s two-factor authentication, according to a paper they published at USENIX 2013.
“These techniques are generic enough and we believe would aid in future software development, testing and security research,” the paper says in its abstract.
Dropbox, which claims more than 100 million users upload more than a billion files daily, said the research didn’t actually represent a vulnerability in its servers.
“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe,” a spokesperson said in an email to Computerworld. “In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”
The two developers, Dhiru Kholia, with the Openwall open source project , and Przemyslaw Wegrzyn, with CodePainters, said they reverse-engineered Dropbox, an application written in Python.
“Our work reveals the internal API used by Dropbox client and makes it straightforward to write a portable open-source Dropbox client,” the paper states. “Additionally, we show how to bypass Dropbox’s two-factor authentication and gain access to users’ data.”
The paper presents “new and generic techniques to reverse engineer frozen Python applications, which are not limited to just the Dropbox world,” the developers wrote.
The researchers described in detail how they were able to unpack, decrypt and decompile Dropbox from scratch. And, once someone has de-compiled its source code, how “it is possible to study how Dropbox works in detail.
“We describe a method to bypass Dropbox’s two-factor authentication and hijack Dropbox accounts. Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented,” the developers wrote in the paper.
The process they used included various code injection techniques and monkey-patching to intercept SSL data in a Dropbox client. They also used the techniques successfully to snoop on SSL data in other commercial products as well, they said.
The developers are hoping their white hat hacking prompts Dropbox to open source its platform so that it is no longer a “black box.”