Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Tech Guides - Security

59 Articles
article-image-hackers-are-our-societys-immune-system-keren-elazari-on-the-future-of-cybersecurity
Amrata Joshi
15 Dec 2018
9 min read
Save for later

Hackers are our society’s immune system - Keren Elazari on the future of Cybersecurity

Amrata Joshi
15 Dec 2018
9 min read
Keren Elazari, a world renowned cybersecurity analyst and senior researcher at the Tel Aviv University Interdisciplinary Cyber Research Center, author and speaker spoke earlier this year at Six, about the future of cybersecurity and a range of real world attacks in recent years. She also dived into the consequences as well as possible motivations behind such attacks. The Six event covers various press conferences and hackathons. The Six event organizes around one billion security events on a daily basis. The cybersecurity events organized by Six has international experts who answer various questions and give insights on various topics. This article highlights few insights from this year’s Six on Cybersecurity talk by Keren Elazari on The Future of Cybersecurity from a hacker’s perspective. How hackers used Starbucks’ free WiFi to use customer CPU resources for crypto mining “What if I told you that in 10 seconds I could take over your computer, generate thousands of dollars worth of cryptocurrencies all while you are drinking your morning coffee? You might think it’s impossible, by this is exactly what happened in Argentina earlier this year.” - Keren Elazari Earlier this year, the Starbucks customers  at Argentina experienced a slight delay of 10 seconds after logging into the website for free Wi-Fi. So what exactly happened? A security researcher discovered that the computer was running Coinhive, a type of distributed cryptocurrency mining software for those ten seconds. It was running on all the machines in Argentinian Starbucks that logged in for free Wi-Fi and the software generated a lot of  monero, the cryptocurrency (money). The hacker didn’t even have to code a JavaScript for this attack as he just had to buy the code from Coinhive. The business model of the company behind Coinhive allows anyone to monetize the user’s CPU. Cyber criminals can earn a lot of money from technologies like Coinhive. There are actually some news sites in the US that are looking at using such coinhiving solution as an alternative to paying for the news. This is an example of how creative technologies made by cybercriminals can even generate completely new business models. IoT brings a whole new set of vulnerabilities to your ecosystem “According to the Munich security conference report, they are expecting this year double the amount of devices than there are humans on this planet. This is not going to change. We definitely need an immune system for new digital universe because it is expanding without a stop.”   Devices like cameras, CCTVs, webcams etc could be used by potential hackers to spy of users. But even if measures such as blocking its vision with tape is taken, web cams can be hacked, not with an intention to steal pictures but to hack of other devices. How the Mirai DDoS attack used webcams to bring down the likes of Airbnb and Amazon This is what happened 2 years ago, when the massive internet DDoS attack - Mirai took place. Over the course of a weekend it took down websites all over the world. Websites like Amazon, Airbnb, and large news sites etc were down, due to which these companies faced losses. This attack was supercharged by the numerous devices in people’s homes. These devices where for DDoS attack because they were using basic internet protocols such as DNS which can be easily subverted. Even worse, many of the devices used default username password combinations. It’s important to change the passwords for the newly purchased devices. With shodan, a search engine, one can check the internet connected devices in their organizations or at home. This is helpful as it improves protection for the organizations from getting hacked. How hackers used a smart fish tank to steal data from a casino and an AI caught it “Hackers have found very creative, very fast automatic ways to identify devices that they can use and they will utilize any resource online. It would just become a part of their digital army. Speaking of which even an aquarium, a fish tank was hacked recently.” Recently, a smart fish tank in a US Casino was hacked. It had smart sensors that would check the temperature and the feeding schedule of the fish and the salinity of the water. While, hacking a fish tank does not appear to have any monetary incentive to a hacker, its connection to the internet make it a valuable access point.. The hackers, who already had access to the casino network, used the outgoing internet connection of the aquarium to send out 10 gigabytes of data from the casino. As the data was going of this connection, there was no firewall and it got noticed by none. The suspicious activity was flaggedby a self learning algorithm which realized that there was something fishy as the outgoing connection had no relation with the fish tank setup. How WannaCry used Ransomware attacks to target organizations “I don’t think we should shame organizations for having to deal with ransomware because it is a little bit like a flu in a sense that these attacks are designed to propagate and infect as many computers as they can.”- Keren Elazari In May 2017, the WannaCry ransomware attack by the WannaCry ransomware cryptoworm, affected the computers running the Microsoft Windows operating system by encrypting data and the criminals demanded ransom payments in the Bitcoin cryptocurrency. This attack affected the UK National Health Service the most as according to NHS, 30% of that national health services were not functioning. 80 out of the 236 trusts got affected in England. As per the UK government, North Korea was behind this attack as they are need of money because they are under sanctions. The Lazarus Group, a cybercrime group from North Korea attacked the Swift infrastructure and also attacked the central bank of Bangladesh last year. NotPetya - The Wiper attack “Whoever was hacking the tax company in the Ukraine wanted to create an effective virus that would destroy the evidence of everything they have been doing for two years in a bunch of Ukrainian companies. It might have been an accident that it infected so many other companies in the world.” In June, 2017, NotPetya, a wiper attack affected enterprise networks across Europe. The Ukrainian companies got highly affected. This attack appeared like a ransomware attack as it demanded some payment but it actually was a wiper attack. This attack affected the data and wiped off the data stored for two years. Maersk, the world's largest container shipping company got highly affected by this attack. The company faced a heavy loss of amount $300 million and was a collateral damage. Out-of-life operation systems were most affected by this virus. The software vulnerability used in both of these attacks, ransomware and wiper was a code named, EternalBlue, a cyber weapon which was discovered and developed by National Security Agency (NSA). The NSA couldn’t keep a track of EternalBlue and the criminals took advantage of this and attacked using using this cyber weapon. Earlier this year, a cyber attack was made on the German government IT network. This attack affected the defence and interior ministries' private networks. Why might motivate nation state actors back cyber-attacks? “The story is never simple when it comes to cyber attackers. Sometimes the motivations of a nation or nation state actors can be hidden behind what seems like a financial or criminal activity.” One of the reasons behind a nation or state backing a cyber-attack could be the the financial aspect, they might be under sanctions and need money for developing nuclear weapons. Another reason could be that the state or country is in a state of chaos or confusion and it is trying to create a dynamic from which they could benefit. Lastly, it could be an accident, where the cyber attack sometimes gets more effective than what the state has ever imagined of. What can organizations do to safeguard themselves from such cyberattacks? Consider making hundreds of security decisions everyday while putting personal details like credit card on a website, downloading a software that cause trouble to the system, etc. Instead of using a recycled password, go for a new one. Educating employees in the organizations about penetration testing. Sharing details of the past experience with regards to hacking, will help in working towards it. Developing a cybersecurity culture in the organization will bring change. Invite a Red team to the organizations to review the system. Encourage Bug Bounty Programs for reporting bugs in organization. Security professionals can work in collaboration with programs like Mayhem. Mayhem is an automated system that helps in finding the bugs in a system. It won the hacking challenge in 2016 but beaten by humans the next year. “Just imagine you are in a big ball room and you are looking at the hacking competition between completely automated supercomputers  and this (Mayhem) ladies and gentlemen is the winner and I think is also the future.” Just two years ago, Mayhem, a machine won in a hacking competition organized by United  States Defense Advanced Research Projects Agency (DARPA), Las Vegas, where seven machines (supercomputers) competed against each other. Mayhem is the first non-human to win a hacking competition. In 2017, Mayhem competed against humans, though humans won it. But we can still imagine how smart are smart computers. What does the Future of Cybersecurity look like? “In the years to come, automation, machine learning, algorithms, AI will be an integral part, not just of every aspect of society, but [also an] integral part of cybersecurity. That’s why I believe we need more such technologies and more humans that know how to work alongside and together with these automated creatures. If you like me think that friendly hackers, technology, and building  an ecosystem will a good way to create a safer society, I hope you take the red pill and wake up to this reality,” concludes Elazari. As 2018 comes to a close plagued with security breaches across industries, Keren’s insightful talk on cybersecurity is a must watch for everyone entering 2019. Packt has put together a new cybersecurity bundle for Humble Bundle 5 lessons public wi-fi can teach us about cybersecurity Blackberry is acquiring AI & cybersecurity startup, Cylance, to expand its next-gen endpoint solutions like its autonomous cars’ software
Read more
  • 0
  • 0
  • 4292

article-image-dark-web-phishing-kits-cheap-plentiful-and-ready-to-trick-you
Guest Contributor
07 Dec 2018
6 min read
Save for later

Dark Web Phishing Kits: Cheap, plentiful and ready to trick you

Guest Contributor
07 Dec 2018
6 min read
Spam email is a part of daily life on the internet. Even the best junk mail filters will still allow through certain suspicious looking messages. If an illegitimate email tries to persuade you to click a link and enter personal information, then it is classified as a phishing attack. Phishing attackers send out email blasts to large groups of people with the messages designed to look like they come from a reputable company, such as Google, Apple, or a banking or credit card firm. The emails will typically try to warn you about an error with your account and then urge you to click a link and log in with your credentials. Doing so will bring you to an imitation website where the attacker will attempt to steal your password, social security number, or other private data. These days phishing attacks are becoming more widespread. One of the primary reasons is because of easy access to cybercrime kits on the dark web. With the hacker community growing, internet users need to take privacy seriously and remain vigilant against spam and other threats. Read on to learn more about this trend and how to protect yourself. Dark Web Basics The dark web, sometimes referred to as the deep web, operates as a separate environment on the internet. Normal web browsers, like Google Chrome or Mozilla Firefox, connect to the world wide web using the HTTP protocol. The dark web requires a special browser tool known as the TOR browser, which is fully encrypted and anonymous. Image courtesy of Medium.com Sites on the dark web cannot be indexed by search engines, so you'll never stumble on that content through Google. When you connect through the TOR browser, all of your browsing traffic is sent through a global overlay network so that your location and identity cannot be tracked. Even IP addresses are masked on the dark web. Hacker Markets Much of what takes place in this cyber underworld is illegal or unethical in nature, and that includes the marketplaces that exist there. Think of these sites as blackmarket versions of eBay, where anonymous individuals can buy and sell illegal goods and services. Recently, dark web markets have seen a surge in demands for cybercrime tools and utilities. Entire phishing kits are sold to buyers, which include spoofed pages that imitate real companies and full guides on how to launch an email phishing scam. Image courtesy of Medium.com When a spam email is sent out as part of a phishing scam, the messages are typically delivered through dark web servers that make it hard for junk filters to identify. In addition, the "From" address in the emails may look legitimate and use a valid domain like @gmail.com. Phishing kits can be found for as less as two dollars, meaning that inexperienced hackers can launch a cybercrime effort with little funding or training. It’s interesting to note that personal data prices at the Dark Web supermarket range from a single dollar (Social Security card) to thousands (medical records). Cryptocurrency Scandal You should be on the lookout for phishing scandals related to any company or industry, but in particular, banking and financial attacks can be the most dangerous. If a hacker gains access to your credit card numbers or online banking password, then can commit fraud or even steal your identity. The growing popularity of cryptocurrencies like Bitcoin and Ether have revolutionized the financial industry, but as a negative result of the trend, cybercriminals are now targeting these digital money systems. MyEtherWallet website, which allows users to store blockchain currency in a central location, has been victim to a number of phishing scams in recent months. Image courtesy ofMyEtherWallet.com Because cryptocurrencies do not operate with a central bank or financial authority, you may not know what a legitimate email alert for one looks like. Phishing messages for MyEtherWallet will usually claim that there is an issue with your cryptocurrency account, or sometimes even suggest that you have a payment pending that needs to be verified. Clicking on the link in the phishing email will launch your web browser and navigate to a spoofed page that looks like it is part of myetherwallet.com. However, the page is actually hosted on the hacker's network and will feed directly into their illegitimate database. If you enter your private wallet address, which is a unique string of letters and numbers, the hacker can gain access to all of the funds in your account. Preventative Measures Phishing attacks are a type of cybercrime that targets individuals, so it's up to you to be on guard for these messages and react appropriately. The first line of defense against phishing is to be skeptical of all emails that enter your inbox. Dark web hackers are getting better and better at imitating real companies with their spam and spoofing pages, so you need to look closely when examining the content. Always check the full URL of the links in email messages before you click one. If you do get tricked and end up navigating to a spoofed page in your web browser, you still have a chance to protect yourself. All browsers support secure sockets layer (SSL) functionality and will display a lock icon or a green status bar at the top of the window when a website has been confirmed as legitimate. If you navigate to a webpage from an email that does not have a valid SSL certificate, you should close the browser immediately and permanently delete the email message. The Bottom Line Keep this in mind. As prices for phishing kits drop and supply increases, the allure of engaging in this kind of bad behavior will be too much to resist for an increasing number of people. Expect incidents of phishing attempts will increase. The general internet-browsing public should stay on high alert at all times when navigating their email inbox. Think first, then click. Author Bio Gary Stevens is a front-end developer. He’s a full-time blockchain geek and a volunteer working for the Ethereum foundation as well as an active Github contributor. Packt has put together a new cybersecurity bundle for Humble Bundle Malicious code in npm ‘event-stream’ package targets a bitcoin wallet and causes 8 million downloads in two months Why scepticism is important in computer security: Watch James Mickens at USENIX 2018 argue for thinking over blindly shipping code
Read more
  • 0
  • 0
  • 10562

article-image-5-lessons-public-wi-fi-can-teach-us-about-cybersecurity
Guest Contributor
30 Nov 2018
7 min read
Save for later

5 lessons public wi-fi can teach us about cybersecurity

Guest Contributor
30 Nov 2018
7 min read
Free, public Wi-Fi is now crucial in ensuring people stay connected where a secure network is absent or mobile data is unavailable. While the advantages of flexible internet access are obvious, the dangers are often less clear. By now, most of us are aware that these networks can pose a risk, but few can articulate exactly what these risks are and how we can protect ourselves. Follow the advice below to find out exactly what dangers lurk within. The perils of public wi-fi When you join a public hotspot without protection and begin to access the internet, the packets of data that go from your device to the router are public and open for anyone to intercept. While that sounds scary, technology like SSL/TLS has ensured the danger here isn’t as bad as it was a few years ago. That being said, all a cybercriminal needs to snoop on your connection is some relatively simple Linux software that’s accessible online. This leaves you vulnerable to a variety of attacks. Let's take a look at some of them now. Data monitoring Typically, a wi-fi adapter will be set on “managed” mode. This means it acts as a standalone client connecting to a single router for access to the internet. The interface will ignore all data packets except those that are explicitly addressed to it. However, some adapters can be configured into other modes. In “monitor” mode, an adapter will capture all the wireless traffic in a certain channel, regardless of the source or intended recipient. In this mode, the adapter can even capture data packets without being connected to a router – meaning it can sniff and snoop on all the data it gets its hands on. Not all commercial wi-fi adapters are capable of this, as it’s cheaper for manufacturers to make those that only handle “managed” mode. Still, if someone gets their hands on one and pairs it with some simple Linux software, they can see which URLs you are loading and all of the data you’re entering on any website not using HTTPS – including names, addresses, and financial accounts. Fake hotspots Catching unencrypted data packets out of the air isn’t the only risk of public wi-fi. When you connect to an unprotected router, you are implicitly trusting the supplier of that connection. Usually this trust is well-founded – it’s unlikely your local café is interested in your private data. However, the carelessness with which we now connect to public routers means that cybercriminals can easily set up a fake network to bait you in. Once an illegitimate hotspot has been created, all of the data flowing through it can be captured, analysed, and manipulated. One of the most common forms of manipulation is simply redirecting your traffic to an imitation of a popular website. The sole purpose of this clone site will be to capture your personal information and card details – the same strategy used in phishing scams. ARP spoofing Unfortunately, cybercriminals don’t even need a fake hotspot to interfere with your traffic. Every wi-fi and Ethernet network has a unique MAC address – an identifying code used to ensure data packets travel to the correct destination. The way that routers – and all other devices – discover this information is using ARP (Address Resolution Protocol). For example, your smartphone might send out a request asking which device on the network is associated with a certain IP address. The requested device responds with its MAC address, ensuring the data packets are physically directed to the correct location. The issue with ARP is that it can be faked. Your smartphone might send a request for the address of the public wi-fi router, and a different device will answer with a false address. Providing the signal of the false device is stronger than the legitimate one, your smartphone will be fooled. Again, this can be done with simple Linux software. Once the spoofing has taken place, all of your data will be sent to the false router, which can subsequently manipulate the traffic however it likes. Man-in-the-Middle (MitM) attacks A man-in-the-middle attack (MITM) refers to any malicious action in which the attacker secretly relays or alters the communication between two parties. On an unprotected connection, a cybercriminal can modify key parts of the network traffic, redirect this traffic elsewhere, or inject content into an existing packet. This could mean displaying a fake login form or website, changing links, text, pictures, or more. This is relatively straightforward to execute; an attacker within reception range of an unencrypted wi-fi point could insert themselves easily. How to secure your connection The prevalence and simplicity of these attacks only serves to highlight the importance of basic cybersecurity best practices. Following these foundational rules of cybersecurity should serve to counteract the vast majority of public wi-fi threats. Firewalls An effective firewall will monitor and block any suspicious traffic flowing to and from your device. It’s a given that you should always have a firewall in place and your virus definitions updated to protect your device from upcoming threats. Though properly configured firewalls can effectively block some attacks, they’re not infallible, and do not exempt you from danger. They primarily help protect against malicious traffic, not malicious programs, and may not protect you if you inadvertently run malware. Firewalls should always be used in conjunction with other protective measures such as antivirus software. Software updates Not to be underestimated, software and system updates are imperative and should be installed as soon as they’re offered. Staying up to date with the latest security patches is the simplest step in protecting yourself against existing and easily-exploited system vulnerabilities. Use a VPN Whether you’re a regular user of public Wi-Fi or not, A VPN is an essential security tool worth having. This software works by generating an encrypted tunnel that all of your traffic travels through, ensuring your data is secure regardless of the safety of the network you’re on. This is paramount for anyone concerned about their security online, and is arguably the best safeguard against the risks of open networks. That being said, there are dozens of available VPN services, many of which are unreliable or even dangerous. Free VPN providers have been known to monitor and sell users’ data to third parties. It’s important you choose a service provider with a strong reputation and a strict no-logging policy. It’s a crowded market, but most review websites recommend ExpressVPN and NordVPN as reliable options. Use common sense If you find yourself with no option but to use public Wi-Fi without a VPN, the majority of attacks can be avoided with old-school safe computing practices. Avoid making purchases or visiting sensitive websites like online banking. It’s best to stay away from any website that doesn’t use HTTPS. Luckily, popular browser extensions like HTTPS everywhere can help extend your reach. The majority of modern browsers have in-built security features that can identify threats and notify you if they encounter a malicious website. While it’s sensible to heed these warnings, these browsers are not failsafe and are much less likely to spot local interference by an unknown third party. Simple solutions are often the strongest in cybersecurity With the rising use of HTTPS and TLS, it’s become much harder for data to be intercepted and exploited. That being said, with a laptop, free Linux software, and a cheap Wi-Fi adapter, you’d be surprised how much damage can be done. Public Wi-Fi is now a staple of modern life. Despite its ubiquity, it’s still exploited with relative ease, and many are oblivious to exactly what these risks entail. Clearly cybersecurity still has a long way to go at the consumer level; for now, old lessons still ring true – the simplest solutions are often the strongest. William Chalk is a writer and researcher at Top10VPN, a cybersecurity research group and the world’s largest VPN (Virtual Private Network) review site. As well as recommending the best VPN services, they publish independent research to help raise awareness of digital privacy and security risks.  
Read more
  • 0
  • 0
  • 5291

article-image-tim-berners-lees-solid-trick-or-treat
Natasha Mathur
31 Oct 2018
2 min read
Save for later

Tim Berners-Lee’s Solid - Trick or Treat?

Natasha Mathur
31 Oct 2018
2 min read
Solid is a set of conventions and tools developed by Tim Berners-Lee. It aims to build decentralized social applications based on Linked Data principles. It is modular, extensible and it relies as much as possible on existing W3C standards and protocols. This open-source project was launched earlier this month for “personal empowerment through data”. Why are people excited about Solid? Solid aims to radically transform the way Web applications work today, resulting in true data ownership as well as improved privacy. It hopes to empower individuals, developers, and businesses across the globe with completely new ways to build innovative and trusted applications. It gives users the freedom to choose where their data resides and who is allowed to access it. Solid collects all the data into a “Solid POD,” a personal online data repository, that you want to share with advertisers or apps. You get to decide which app gets your data and which does not.  Best thing is that you don’t need to enter any data in apps that support Solid. You can just allow or disallow access to the Solid POD, and the app will take care of the rest on its own. Moreover, Solid also offers every user a choice regarding where their data gets stored, and which specific people or groups can access the select elements in a data. Additionally, you can link to and share the data with anyone, be it your family, friends or colleagues. Is Solid a trick or a treat? That being said, a majority of the companies on the web are extremely sensitive when it comes to their data and might not be interested in losing control over that data. Hence, wide adoption seems to be a hurdle as of now. Also, since its only launched this month, there isn’t enough community support around it. However, Solid is surely taking us a step ahead, to a more free and open Internet, and seems to be a solid TREAT (pun intended) for all of us. For more information on Solid, check out the official Inrupt blog.
Read more
  • 0
  • 0
  • 2393

article-image-machine-generated-videos-like-deepfakes-trick-or-treat
Natasha Mathur
30 Oct 2018
3 min read
Save for later

Machine generated videos like Deepfakes - Trick or Treat?

Natasha Mathur
30 Oct 2018
3 min read
A Reddit user named “DeepFakes” had posted real-looking explicit videos of celebrities last year. He made use of deep learning techniques to insert celebrities’ faces into the adult movies. Since then the term “Deepfakes” has been used to describe deep learning techniques that help create realistic looking fake videos or images. Video tampering is usually done using generative adversarial networks. Why is everyone afraid of deepfakes? Deepfakes are problematic as they make it very hard to differentiate between the fake and real videos or images. This gives people the liberty to use deepfakes for promoting harassment and illegal activities. The most common use of deepfakes is found in revenge porn, fake celebrities videos and political abuse. For instance, people create face-swap porn videos of ex-girlfriends, classmates, politicians, celebrities, and teachers. This not only counts as cyberbullying but poses major threat overall as one can create a fake video showing world leaders declaring war on a country. Moreover, given that deepfakes seem so real, its victims often suffer through feelings of embarrassment and shame. Deepfakes also cause major reputational harm. One such example is of a 24-year-old, Noelle Martin, whose battle with deepfake pornography started six years ago. Anonymous predators stole her non-sexual images online and then doctored them into pornographic videos. Martin says she faces harassment from people till this day. Other victims of deepfakes pornography include celebrities such as Michelle Obama, Emma Watson, Natalie Portman, Ivanka Trump, Kate Middleton, and so forth. But, Deepfakes isn’t just limited to pornography and has made its way to many other spheres. Deepfakes can also be used as a weapon of misinformation since they can be used to maliciously hoax governments, populations and cause internal conflict. From destroying careers by creating fake evidence of them doing something inappropriate to showing soldiers killing innocent civilians, deepfakes have been wreaking havoc. In defense of deepfakes Just as any tool can be used for good and bad, deepfakes is just an effective machine learning tool that creates realistic videos. Even though deepfakes are majorly used for inappropriate activities, some have put it to good use. For instance, GANs or generative adversarial networks (which help create deepfakes) can create realistic images of skin lesions and create examples of liver lesions, which plays a major role in medical research. Other examples include filmmakers using deepfakes for making great videos with swapped in backgrounds, snapchat face swap photo filters, and face swap e-cards (eg; jib jab app) among others.   Are deepfakes trick or treat? If we make pros and cons list for deepfakes, cons seem to outweigh the pros as of today. Although it has its potential good applications, it is majorly used as a tool for harassing and misinforming people. There is a long way to go till deepfakes achieves itself a good rep and right now, it is mostly fake videos, fake images, false danger warnings, and revenge porn. Trick or treat? I spy a total TRICK!
Read more
  • 0
  • 0
  • 4368

article-image-how-artificial-intelligence-can-improve-pentesting
Melisha Dsouza
21 Oct 2018
8 min read
Save for later

How artificial intelligence can improve pentesting

Melisha Dsouza
21 Oct 2018
8 min read
686 cybersecurity breaches were reported in the first three months of 2018 alone, with unauthorized intrusion accounting for 38.9% of incidents. And with high-profile data breaches dominating headlines, it’s clear that while modern, complex software architecture might be more adaptable and data-intensive than ever, securing that software is proving a real challenge. Penetration testing (or pentesting) is a vital component within the cybersecurity toolkit. In theory, it should be at the forefront of any robust security strategy. But it isn’t as simple as just rolling something out with a few emails and new software - it demands people with great skills, as well a culture where stress testing and hacking your own system is viewed as a necessity, not an optional extra. This is where artificial intelligence comes in - the automation that you can achieve through artificial intelligence could well help make pentesting much easier to do consistently and at scale. In turn, this would help organizations tackle both issues of skills and culture, and get serious about their cybersecurity strategies. But before we dive deeper into artificial intelligence and pentesting, let’s take a look at where we are now, and the shortcomings of established pentesting methods. The shortcomings of established methods of pentesting Typically, pentesting is carried out in 5 stages: Source: Incapsula Every one of these stages, when carried out by humans, opens up the chance of error. Yes, software is important, but contextual awareness and decisions are required.. This process, then, provides plenty of opportunities for error. From misinterpreting data - like thinking a system is secure, when actually it isn’t - to taking care of evidence and thoroughly and clearly recording the results of pentests, even the most experienced pentester will get things wrong. But even if you don’t make any mistakes, this whole process is hard to do well at scale. It requires a significant amount of time and energy to test a piece of software, which, given the pace of change created by modern processes, makes it much harder to maintain the levels of rigor you ultimately want from pentesting. This is where artificial intelligence comes in. The pentesting areas that artificial intelligence can impact Let’s dive into the different stages of pentesting that AI can impact. #1 Reconnaissance Stage The most important stage in pentesting is the Reconnaissance or information gathering stage. As rightly said by many in cybersecurity, "The more information gathered, the higher the likelihood of success." Therefore, a significant amount of time should be spent obtaining as much information as possible about the target. Using AI to automate this stage would provide accurate results as well as save a lot of time invested. Using a combination of Natural Language Processing, Computer Vision, and Artificial Intelligence, experts can identify a wide variety of details that can be used to build a profile of the company, its employees, the security posture, and even the software/hardware components of the network and computers. #2 Scanning Stage Comprehensive coverage is needed In the scanning phase. Manually scanning through thousands if systems in an organization is not ideal. NNor is it ideal to interpret the results returned by scanning tools. AI can be used to tweak the code of the scanning tools to scan systems as well as interpret the results of the scan. It can help save pentesters time and help in the overall efficiency of the pentesting process. AI can focus on test management and the creation of test cases automatically that will check if a particular program can be tagged having security flaw. They can also be used to check how a target system responds to an intrusion. #3 Gaining and Maintaining access stage Gaining access phase involves taking control of one or more network devices in order to either extract data from the target, or to use that device to then launch attacks on other targets. Once a system is scanned for vulnerabilities, the pentesters need to ensure that the system does not have any loopholes that attackers can exploit to get into the network devices. They need to check that the network devices are safely protected with strong passwords and other necessary credentials. AI-based algorithms can try out different combinations of passwords to check if the system is susceptible for a break-in. The algorithms can be trained to observe user data, look for trends or patterns to make inferences about possible passwords used. Maintaining access focuses on establishing other entry points to the target. This phase is expected to trigger mechanisms, to ensure that the penetration tester’s security when accessing the network. AI-based algorithms should be run at equal intervals to time to guarantee that the primary path to the device is closed. The algorithms should be able to discover backdoors, new administrator accounts, encrypted channels, new network access channels, and so on. #4 Covering Tracks And Reporting The last stage tests whether an attacker can actually remove all traces of his attack on the system. Evidence is most often stored in user logs, existing access channels, and in error messages caused by the infiltration process. AI-powered tools can assist in the discovery of hidden backdoors and multiple access points that haven't been left open on the target network; All of these findings should be automatically stored in a report with a proper timeline associated with every attack done. A great example of a tool that efficiently performs all these stages of pentesting is CloudSEK’s X-Vigil. This tool leverages AI to extract data, derive analysis and discover vulnerabilities in time to protect an organization from data breach. Manual vs automated vs AI-enabled pentesting Now that you have gone through the shortcomings of manual pen testing and the advantages of AI-based pentesting, let’s do a quick side-by-side comparison to understand the difference between the two.   Manual Testing Automated Testing AI enabled pentesting Manual testing is not accurate at all times due to human error This is more likely to return false positives AI enabled pentesting is accurate as compared to automated testing Manual testing is time-consuming and takes up human resources.   Automated testing is executed by software tools, so it is significantly faster than a manual approach.   AI enabled testing does not consume much time. The algorithms can be deployed for thousands of systems at a single instance. Investment is required for human resources.   Investment is required for testing tools. AI will save the investment for human resources in pentesting. Rather, the same employees can be used to perform less repetitive and more efficient tasks Manual testing is only practical when the test cases are run once or twice, and frequent repetition is not required..   Automated testing is practical when tools find test vulnerabilities out of programmable bounds AI-based pentesting is practical in organizations with thousands of systems that need to be tested at once to save time and resources.   AI-based pentesting tools Pentoma is an AI-powered penetration testing solution that allows software developers to conduct smart hacking attacks and efficiently pinpoint security vulnerabilities in web apps and servers. It identifies holes in web application security before hackers do, helping prevent any potential security damages. Pentoma analyzes web-based applications and servers to find unknown security risks.In Pentoma, with each hacking attempt, machine learning algorithms incorporate new vulnerability discoveries, thus continuously improving and expanding threat detection capability. Wallarm Security Testing is another AI based testing tool that discovers network assets, scans for common vulnerabilities, and monitors application responses for abnormal patterns. It discovers application-specific vulnerabilities via Automated Threat Verification. The content of a blocked malicious request is used to create a sanitized test with the same attack vector to see how the application or its copy in a sandbox would respond. With such AI based pentesting tools, pentesters can focus on the development process itself, confident that applications are secured against the latest hacking and reverse engineering attempts, thereby helping to streamline a product’s time to market. Perhaps it is the increase in the number of costly data breaches or the continually expanding attack and proliferation of sensitive data and the attempt to secure them with increasingly complex security technologies that businesses lack in-house expertise to properly manage. Whatever be the reason, more organizations are waking up to the fact that if vulnerabilities are not caught in time can be catastrophic for the business. These weaknesses, which can range from poorly coded web applications, to unpatched databases to exploitable passwords to an uneducated user population, can enable sophisticated adversaries to run amok across your business.  It would be interesting to see the growth of AI in this field to overcome all the aforementioned shortcomings. 5 ways artificial intelligence is upgrading software engineering Intelligent Edge Analytics: 7 ways machine learning is driving edge computing adoption in 2018 8 ways Artificial Intelligence can improve DevOps
Read more
  • 0
  • 0
  • 13232
Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at $19.99/month. Cancel anytime
article-image-why-uber-created-hudi-an-open-source-incremental-processing-framework-on-apache-hadoop
Bhagyashree R
19 Oct 2018
3 min read
Save for later

Why did Uber created Hudi, an open source incremental processing framework on Apache Hadoop?

Bhagyashree R
19 Oct 2018
3 min read
In the process of rebuilding its Big Data platform, Uber created an open-source Spark library named Hadoop Upserts anD Incremental (Hudi). This library permits users to perform operations such as update, insert, and delete on existing Parquet data in Hadoop. It also allows data users to incrementally pull only the changed data, which significantly improves query efficiency. It is horizontally scalable, can be used from any Spark job, and the best part is that it only relies on HDFS to operate. Why is Hudi introduced? Uber studied its current data content, data access patterns, and user-specific requirements to identify problem areas. This research revealed the following four limitations: Scalability limitation in HDFS Many companies who use HDFS to scale their Big Data infrastructure face this issue. Storing large numbers of small files can affect the performance significantly as HDFS is bottlenecked by its NameNode capacity. This becomes a major issue when the data size grows above 50-100 petabytes. Need for faster data delivery in Hadoop Since Uber operates in real time, there was a need for providing services the latest data. It was important to make the data delivery much faster, as the 24-hour data latency was way too slow for many of their use cases. No direct support for updates and deletes for existing data Uber used snapshot-based ingestion of data, which means a fresh copy of source data was ingested every 24 hours. As Uber requires the latest data for its business, there was a need for a solution which supports update and delete operations for existing data. However, since their Big Data is stored in HDFS and Parquet, direct support for update operations on existing data is not available. Faster ETL and modeling ETL and modeling jobs were also snapshot-based, requiring their platform to rebuild derived tables in every run. ETL jobs also needed to become incremental to reduce data latency. How Hudi solves the aforementioned limitations? The following diagram shows Uber's Big Data platform after the incorporation of Hudi: Source: Uber Regardless of whether the data updates are new records added to recent date partitions or updates to older data, Hudi allows users to pass on their latest checkpoint timestamp and retrieve all the records that have been updated since. This data retrieval happens without running an expensive query that scans the entire source table. Using this library Uber has moved to an incremental ingestion model leaving behind the snapshot-based ingestion. As a result, the data latency was reduced from 24 hrs to less than one hour. To know about Hudi in detail, check out Uber’s official announcement. How can Artificial Intelligence support your Big Data architecture? Big data as a service (BDaaS) solutions: comparing IaaS, PaaS and SaaS Uber’s Marmaray, an Open Source Data Ingestion and Dispersal Framework for Apache Hadoop
Read more
  • 0
  • 0
  • 11408

article-image-6-common-use-cases-of-reverse-proxy-scenarios
Guest Contributor
05 Oct 2018
6 min read
Save for later

6 common use cases of Reverse Proxy scenarios

Guest Contributor
05 Oct 2018
6 min read
Proxy servers are used as intermediaries between a client and a website or online service. By routing traffic through a proxy server, users can disguise their geographic location and their IP address. Reverse proxies, in particular, can be configured to provide a greater level of control and abstraction, thereby ensuring the flow of traffic between clients and servers remains smooth. This makes them a popular tool for individuals who want to stay hidden online, but they are also widely used in enterprise settings, where they can improve security, allow tasks to be carried out anonymously, and control the way employees are able to use the internet. What is a Reverse Proxy? A reverse proxy server is a type of proxy server that usually exists behind the firewall of a private network. It directs any client requests to the appropriate server on the backend. Reverse proxies are also used as a means of caching common content and compressing inbound and outbound data, resulting in a faster and smoother flow of traffic between clients and servers. Furthermore, the reverse proxy can handle other tasks, such as SSL encryption, further reducing the load on web servers. There is a multitude of scenarios and use cases in which having a reverse proxy can make all the difference to the speed and security of your corporate network. By providing you with a point at which you can inspect traffic and route it to the appropriate server, or even transform the request, a reverse proxy can be used to achieve a variety of different goals. Load Balancing to route incoming HTTP requests This is probably the most familiar use of reverse proxies for many users. Load balancing involves the proxy server being configured to route incoming HTTP requests to a set of identical servers. By spreading incoming requests across these servers, the reverse proxies are able to balance out the load, therefore sharing it amongst them equally. The most common scenario in which load balancing is employed is when you have a website that requires multiple servers. This happens due to the volume of requests, which are too much for one server to handle efficiently. By balancing the load across multiple servers, you can also move away from an architecture that features a single point of failure. Usually, the servers will all be hosting the same content, but there are also situations in which the reverse proxy will also be retrieving specific information from one of a number of different servers. Provide security by monitoring and logging traffic By acting as the mediator between clients and your system’s backend, a reverse proxy server can hide the overall structure of your backend servers. This is because the reverse proxy will capture any requests that would otherwise go to those servers and handle them securely. A reverse proxy can also improve security by providing businesses with a point at which they can monitor and log traffic flowing through their network. A common use case in which a reverse proxy is used to bolster the security of a network would be the use of a reverse proxy as an SSL gateway. This allows you to communicate using HTTP behind the firewall without compromising your security. It also saves you the trouble of having to configure security for each server behind the firewall individually. A rotating residential proxy, also known as a backconnect proxy, is a type of proxy that frequently changes the IP addresses and connections that the user uses. This allows users to hide their identity and generate a large number of requests without setting alarms off. A reverse rotating residential proxy can be used to improve the security of a corporate network or website. This is because the servers in question will display the information for the proxy server while keeping their own information hidden from potential attackers. No need to install certificates on your backend servers with SSL Termination SSL termination process occurs when an SSL connection server ends, or when the traffic shifts between encrypted and unencrypted requests. By using a reverse proxy to handle any incoming HTTPS connections, you can have the proxy server decrypt the request, and then pass on the unencrypted request to the appropriate server. Taking this approach offers practical benefits. For example, it eliminates the need to install certificates on your backend servers. It also provides you with a single configuration point for managing SSL/TLS. Removing the need for your web servers to undertake this decryption means that you are also reducing the processing load on the server. Serve static content on behalf of backend servers Some reverse proxy servers can be configured to also act as web servers. Websites contain a mixture of dynamic content, which changes over time, and static content, which always remains the same. If you can configure your reverse proxy server to serve up static content on behalf of backend servers, you can greatly reduce the load, freeing up more power for dynamic content rendering. Alternatively, a reverse proxy can be configured to behave like a cache. This allows it to store and serve content that is frequently requested, thereby further reducing the load on backend servers. URL Rewriting before they go on to the backend servers Anything that a business can do to easily to improve their SEO score is worth considering. Without an investment in your SEO, your business or website will remain invisible to search engine users. With URL rewriting, you can compensate for any legacy systems you use, which produce URLs that are less than ideal for SEO. With a reverse proxy server, the URLs can be automatically reformatted before they are passed on to the backend servers. Combine Different Websites into a Single URL Space It is often desirable for a business to adopt a distributed architecture whereby different functions are handled by different components. With a reverse proxy, it is easy to route a single URL to a multitude of components. To anyone who uses your URL, it will simply appear as if they are moving to another page on the website. In fact, each page within that URL might actually be connecting to a completely different backend service. This is an approach that is widely used for web service APIs. To sum up, the primary function of a reverse proxy is load balancing, ensuring that no individual backend server becomes inundated with more traffic or requests than it can handle. However, there are a number of other scenarios in which a reverse proxy can potentially offer enormous benefits. About the author Harold Kilpatrick is a cybersecurity consultant and a freelance blogger. He's currently working on a cybersecurity campaign to raise awareness around the threats that businesses can face online. Read Next HAProxy introduces stick tables for server persistence, threat detection, and collecting metrics How to Configure Squid Proxy Server Acting as a proxy (HttpProxyModule)
Read more
  • 0
  • 0
  • 26889

article-image-defending-your-business-from-the-next-wave-of-cyberwar-iot-threats
Guest Contributor
15 Sep 2018
6 min read
Save for later

Defending your business from the next wave of cyberwar: IoT Threats

Guest Contributor
15 Sep 2018
6 min read
There’s no other word for the destabilization of another nation through state action other than war -- even if it’s done with ones and zeros. Recent indictments of thirteen Russians and three Russian companies tampering with US elections is a stark reminder. Without hyperbole it is safe to say that we are in the throes of an international cyber war and the damage is spreading massively over the corporate economy. Reports have reached a fever pitch and the costs globally are astronomical. According to Cybersecurity Ventures, damage related to cybercrime in general is projected to hit $6 trillion annually by 2021. Over the past year, journalists for many news agencies have reported credible studies regarding the epidemic of state sponsored cyber attacks. Wired and The Washington Post among many others have outlined threats that have reached the US energy grid and other elements of US infrastructure. However, the cost to businesses is just as devastating. While many attacks have been government targeted, businesses are increasingly at risk from state sponsored cyber campaigns. A recent worldwide threat assessment from the US Department of Justice discusses several examples of state-sponsored cyber attacks that affect commercial entities including diminishing trust from consumers, ransomware proliferation, IoT threats, the collateral damage from disruptions of critical infrastructure, and the disruption of shipping lanes. How Cyberwar Affects Us on a Personal Level An outcome of cyberwarfare that isn’t usually considered, but a large amount of damage is reflected in human capital. This can be found in the undermining of consumer and employee confidence in the ability of a company to protect data. According to a recent study examining how Americans feel about internet privacy in 2018, 51% of respondents said their main concern was online threats stealing their information, and over a quarter listed that they were particularly concerned about companies collecting/sharing their personal data. This kind of consumer fear is justified by a seeming lack of ability of companies to protect the data of individuals. Computing and quantitative business expert Dr. Benjamin Silverstone points out that recent cyber-attacks focus on the information of consumers (rather than other confidential documentation or state secrets which may have greater protection). Silverstone says, “Rather than blaming the faceless cyber-criminals, consumers will increasingly turn to the company that is being impersonated to ask how this sort of thing could happen in the first place. The readiness to share details online, even with legitimate companies, is being affected and this will damage their business in the long term.” So, how can businesses help restore consumer confidence? You should: Increase your budget toward better cybercrime solutions and tell your consumers about it liberally. Proven methods include investing in firewalls with intrusion prevention tools, teaching staff how to detect and avoid malware software, and enforcing strict password protocols to bolster security. Invest in two-factor authorization so that consumers feel safer when accessing your product Educate your consumer base -- it is equally important that everyone be more aware when it comes to cyber attack. Give your consumers regular updates about suspected scams and send tips and tricks on password safety. Ransomware and Malware Attacks CSO Online reports that ransomware damage costs exceeded $5 billion in 2017, 15 times the cost in 2015. Accordingly, Cybersecurity Ventures says that costs from ransomware attacks will rise to $11.5 billion next year. In 2019, they posit, a business will fall victim to a ransomware attack every 14 seconds. But is This International Warfare? The North Korean government’s botnet has been shown to be able to pull off DDoS attacks and is linked to the wannacry ransomware attack. In 2017, over 400,000 machines were infected by the wannacry virus, costing companies  over $4 Billion in over 150 countries. To protect yourself from ransomware attacks: Back up your data often and store in non-networked spaces or on the cloud. Ransomware only works if there is a great deal of data that is at risk. Encrypt whatever you can and keep firewalls/two-factor authorization in place wherever possible. Keep what cyber experts call the  “crown jewels” (the top 5% most important and confidential documents) on a dedicated computer with very limited access. The Next Wave of Threat - IoT IoT devices make mundane tasks like scheduling or coordination more convenient. However, proliferation of these devices create cybersecurity risk. Companies are bringing in devices like printers and coffee makers that are avenues for hackers to enter a network.   Many experts point to IoT as their primary concern. A study from shared assessment found that 97% of IT respondents felt that unsecured IoT devices could cause catastrophic levels of damage to their company. However, less than a third of the companies represented reported thorough monitoring of the risks associated with third-party technology. Here’s a list of how to protect yourself from IoT threats: Evaluate what data IoT devices are accumulating and limit raw storage. Create policies regarding anonymizing user data as much as possible. Apply security patches to any installed IoT device. This can be as simple as making sure you change the default password. Vet your devices - make sure you are buying from sources that (you believe) will be around a long time. If the business you purchase your IoT device from goes under, they will stop updating safety protocols. Make a diversified plan, just in case major components of your software set up are compromised. While we may not be soldiers, a war is currently on that affects us all and everyone must be vigilant. Ultimately, communication is key. Consumers rely on businesses to protect them from individual attack. These are individuals who are more likely to remain your customers if you can demonstrate how you are maneuvering to respond to global threats. About the author           Zach is a freelance writer who likes to cover all things tech. In particular, he enjoys writing about the influence of emerging technologies on both businesses and consumers. When he's not blogging or reading up on the latest tech trend, you can find him in a quiet corner reading a good book, or out on the track enjoying a run. New cybersecurity threats posed by artificial intelligence Top 5 cybersecurity trends you should be aware of in 2018 Top 5 cybersecurity myths debunked  
Read more
  • 0
  • 0
  • 3979

article-image-new-cybersecurity-threats-posed-by-artificial-intelligence
Savia Lobo
05 Sep 2018
6 min read
Save for later

New cybersecurity threats posed by artificial intelligence

Savia Lobo
05 Sep 2018
6 min read
In 2017, the cybersecurity firm Darktrace reported a novel attack that used machine learning to observe and learn normal user behavior patterns inside a network. The malignant software began to mimic normal behavior thus blending it into the background and become difficult for security tools to spot. Many organizations are exploring the use of AI and machine learning to secure their systems against malware or cyber attacks. However, given their nature for self-learning, these AI systems have now reached a level where they can be trained to be a threat to systems i.e., go on the offensive. This brings us to a point where we should be aware of different threats that AI poses on cybersecurity and how we should be careful while dealing with it. What cybersecurity threats does AI pose? Hackers use AI as an effective weapon to intrude into organizations AI not only helps in defending against cyber attacks but can also facilitate cyber attacks. These AI-powered attacks can even bypass traditional means of countering attacks. Steve Grobman, chief technology officer at McAfee said, “AI, unfortunately, gives attackers the tools to get a much greater return on their investment.” A simple example where hackers are using AI to launch an attack is via spear phishing. AI systems with the help of machine learning models can easily mimic humans by crafting convincing fake messages. Using this art, hackers can use them to carry out increased phish attacks. Attackers can also use AI to create a malware for fooling sandboxes or programs that try to spot rogue code before it is deployed in companies' systems Machine learning poisoning Attackers can learn how the machine learning workflow processes function and once they spot any vulnerability, they can try to confuse these ML models. This is known as Machine learning poisoning. This process is simple. The attacker just needs to poison the data pool from which the algorithm is learning. Till date, we have trusted CNNs in areas such as image recognition and classification. Autonomous vehicles too use CNNs to interpret the street designs. The CNNs depend on training resources (which can come from cloud or third parties) to effectively function. Attackers can poison these sources by setting up backdoor images or via a man-in-the-middle attack where the attacker intercepts the data sent to the Cloud GPU service. Such cyber attacks are difficult to detect and can evade into the standard validation testing. Bot cyber-criminals We enjoy talking to chatbots without even realizing how much we are sharing with them. Also, chatbots can be programmed to keep up conversations with users in a way to sway them into revealing their personal or financial info, attachments and so on. A Facebook bot, in 2016, represented itself as a friend and tricked 10,000 Facebook users into installing a malware. Once the malware was compromised, it hijacked the victims’ Facebook account. AI-enabled botnets can exhaust human resources via online portals and phone support. Most of us using AI conversational bots such as Google Assistant or Amazon’s Alexa do not realize how much they know about us. Being an IoT driven tech, they have the ability to always listen, even the private conversations happening around them. Moreover, some chatbots are ill-equipped for secure data transmissions such as HTTPS protocols or Transport Level Authentication (TLA) and can be easily used by cybercriminals. Cybersecurity in the age of AI attacks As machine driven cyber threats are ever evolving, policymakers should closely work with technical researchers to investigate, prevent, and mitigate potential malicious uses of AI. Conducting deliberate red team exercises in the AI/cybersecurity domain similar to the DARPA Cyber Grand Challenge but across a wider range of attacks (e.g. including social engineering, and vulnerability exploitation beyond memory attacks). This will help to better understand the skill levels required to carry out certain attacks and defenses and to understand how well they work in practice. Disclosing AI zero-day vulnerabilities: These software vulnerabilities are the ones that have not been made publicly known (and thus defenders have zero days to prepare for an attack making use of them). It is good to disclose these vulnerabilities to affected parties before publishing widely about them, in order to provide an opportunity for a patch to be developed. Testing security tools: Software development and deployment tools have evolved to include an increasing array of security-related capabilities (testing, fuzzing, anomaly detection, etc.). Researchers can envision tools to test and improve the security of AI components and systems integrated with AI components during development and deployment so that they are less amenable to attack. Use of central access licensing model: This model has been adopted in the industry for AI-based services such as sentiment analysis and image recognition. It can also place limits on the malicious use of the underlying AI technologies. For instance, it can impose limitations on the speed of use, and prevent some large-scale harmful applications. It also contains certain terms and conditions that can explicitly prohibit the malicious use, thus allowing clear legal recourse. Using Deep Machine learning systems to detect patterns of abnormal activity. By using these patterns, AI and Machine learning can be trained to track information and deliver predictive analysis. Self- learning AI systems or reinforcement learning systems can be used to learn the behavioral pattern of the opponent AI systems and adapt themselves in a way to combat malicious intrusion. Transfer learning can be applied to any new AI system which is to be trained to defend against AI. Here, the system can be used to detect novel cyber attacks by training it on the knowledge or data obtained from other labelled and unlabelled data sets, which contain different types of attacks and feed the representation to a supervised classifier. Conclusion AI is being used by hackers on a large scale and can soon turn unstoppable given its potential for finding patterns, a key to finding systemic vulnerabilities. Cybersecurity is such a domain where the availability of data is vast; be it personal, financial, or public data, all of which is easily accessible. Hackers find ways and means to obtain this information secretly. This threat can quickly escalate as an advanced AI can easily educate itself, learn the ways adopted by hackers and can, in turn, come back with a much devastating way of hacking. Skepticism welcomes Germany’s DARPA-like cybersecurity agency – The federal agency tasked with creating cutting-edge defense technology 6 artificial intelligence cybersecurity tools you need to know Defending Democracy Program: How Microsoft is taking steps to curb increasing cybersecurity threats to democracy  
Read more
  • 0
  • 0
  • 8166
article-image-how-to-beat-cyber-interference-in-an-election-process
Guest Contributor
05 Sep 2018
6 min read
Save for later

How to beat Cyber Interference in an Election process

Guest Contributor
05 Sep 2018
6 min read
The battle for political influence and power is transcending all boundaries and borders. There are many interests at stake, and some parties, organizations, and groups are willing to pull out the “big guns” in order to get what they want. “Hacktivists” are gaining steam and prominence these days. However, governmental surveillance and even criminal (or, at the very least, morally questionable) activity can happen, too, and when it does, the scandal rises to the most relevant headlines in the world’s most influential papers. That was the case in the United States’ presidential election of 2016 and in France’s most recent process. Speaking of the former, the Congress and the Department of Investigations revealed horrifying details about Russian espionage activity in the heat of the battle between Democrat Hillary Clinton and Republican Donald Trump, who ended up taking the honors. As for the latter, the French had better luck in their quest to prevent the Russians to wreak havoc in the digital world. In fact, it wasn’t luck: it was due diligence, a sense of responsibility, and a clever way of using past experiences (such as what happened to the Americans) to learn and adjust. Russia’s objective was to influence the outcome of the process by publishing top secret and compromising conversations between high ranked officials. In their attempt to intervene the American elections, they managed to get in networks and systems controlled by the state to publish fake news, buy Facebook ads, and employ bots to spread the fake news pieces. How to stop cyber interference during elections Everything should start with awareness about how to avoid hacking attacks, as well as a smoother communication and integration between security layers. Since the foundation of it all is the law, each country needs to continually make upgrades to have all systems ready to avoid and fight cyber interference in the election and in all facets of life. Diplomatic relationships need to understand just how far a nation state can go in the case of defending their sovereignty against such crimes. Pundits and experts in the matter state that until the system is hacking-proof and can offer reliability, every state needs to gather and count hand votes as a backup to digital votes. Regarding this, some advocates recently told the Congress that the United States should implement paper ballots that are prepared to provide physical evidence of every vote, effectively replacing the unreliable and vulnerable machines currently used. According to J. Alex Halderman, who is a computer science teacher, this ballot might look “low tech” to the average eye, but they represent a “reliable and cost-effective defense.” Paying due attention to every detail Government authorities need to pay better attention to propaganda (especially Russian propaganda), because it may show patterns about the nation’s intentions. By now, we all know what the Russians are capable of, and figuring out their intentions would go a long way in helping the country prepare to future attacks in a better way. The American government may also require Russian media and social platforms to register under the FARA, which is the Foreign Agents Registration Act. That way, there will be a more efficient database about who is a foreign agent of influence. One of the most critical corrective measures to be taken in the future is prohibiting the chance of buying advertising that directly influences the outcome of certain processes and elections. Handing diplomatic sanctions just isn’t enough Lately, the US Congress, approved by president Trump, has been handing sanctions to people involved in the 2016 cyber attack. However, a far more effective measure to take would be enhancing cyber defense, because it can offer immediate detection of threats and is well-equipped to bring to an end any network intrusions. According to scientist Thomas Schelling, the fear of the consequences of any given situation can be a powerful motivator, but it can be difficult to deter individuals or organizations that can’t be easily tracked and identified, and act behind irrational national ideologies and political goals. Instead, adopting cyber defense can stop any intrusion in time and offer more efficient punishments. Active defense is legally viable and a very capable solution because it can disrupt the perpetrators outside networks. Enabling the “hack back” approach can allow countries to take justice into their own hands in case of any cyber attack attempt. The next step would be working on lowering the required threshold to enable this kind of response. Cyber defense is the way to go Cyber defense measures can be very versatile and have proven effectiveness. Take the example of France: in the most recent elections, French intelligence watched Russian cyber activity for the duration of the election campaign of Emmanuel Macron. Some strategies include letting the hackers steal fake files and documents, misleading them and making them waste their time. The cyber defense can also ensure to embed beacons that can disclose the attackers’ current location or mess with their networks. There is even a possibility of erasing stolen information. In the case of France, cyber defense specialists were one step ahead of the Russians: they made false email accounts and introduced numerous fake documents and files that discouraged the Russians. Known systems, networks, and platforms The automated capabilities of cyber defense can trump any malicious attempt or digital threat. For example, the LightCyber Magna platform can perceive big amounts of information. Such a system may have been able to stop Russian hackers from installing malware on the DMC (Democratic National Committee). Another cyber defense tool, the Palo Alto Network Traps, are known to block malware as strong as the WannaCry ransomware attack that encrypted more than 200,000 computers in almost a hundred countries. Numerous people lost their data or had to pay thousands of dollars to recover it. VPN: an efficient cybersecurity tool Another perfectly usable cyber defense tools are Virtual Private Networks. VPNs such as Surfshark can encrypt all traffic shared online, as well as the user’s IP address. They effectively provide anonymous browsing as well as privacy. Cyber defense isn’t just a luxury that just a handful of countries can afford: it is a necessity as a tool that helps combat cyber interference not only in elections but in every facet of life and international relationships. Author Bio Harold is a cybersecurity consultant and a freelance blogger. He's currently working on a cybersecurity campaign to raise awareness around the threats that businesses can face online. Top 5 cybersecurity myths debunked Skepticism welcomes Germany’s DARPA-like cybersecurity agency – The federal agency tasked with creating cutting-edge defense technology How cybersecurity can help us secure cyberspace
Read more
  • 0
  • 0
  • 2619

article-image-6-artificial-intelligence-cybersecurity-tools-you-need-to-know
Savia Lobo
25 Aug 2018
7 min read
Save for later

6 artificial intelligence cybersecurity tools you need to know

Savia Lobo
25 Aug 2018
7 min read
Recently, most of the organizations experienced severe downfall due to an undetected malware, Deeplocker, which secretly evaded even the stringent cyber security mechanisms. Deeplocker leverages the AI model to attack the target host by using indicators such as facial recognition, geolocation and voice recognition. This incidence speaks volumes about the big role AI plays in the cybersecurity domain. In fact, some may even go on to say that AI for cybersecurity is no longer a nice to have tech rather a necessity. Large and small organizations and even startups are hugely investing in building AI systems to analyze the huge data trove and in turn, help their cybersecurity professionals to identify possible threats and take precautions or immediate actions to solve it. If AI can be used in getting the systems protected, it can also harm it. How? The hackers and intruders can also use it to launch an attack--this would be a much smarter attack--which would be difficult to combat. Phishing, one of the most common and simple social engineering cyber attack is now easy for attackers to master. There are a plethora of tools on the dark web that can help anyone to get their hands on phishing. In such trying conditions, it is only imperative that organizations take necessary precautions to guard their information castles. What better than AI? How 6 tools are using artificial intelligence for cybersecurity Symantec’s Targeted attack analytics (TAA) tool This tool was developed by Symantec and is used to uncover stealthy and targeted attacks. It applies AI and machine learning on the processes, knowledge, and capabilities of the Symantec’s security experts and researchers. The TAA tool was used by Symantec to counter the Dragonfly 2.0 attack last year. This attack targeted multiple energy companies and tried to gain access to operational networks. Eric Chein, Technical Director of Symantec Security says, “ With TAA, we’re taking the intelligence generated from our leading research teams and uniting it with the power of advanced machine learning to help customers automatically identify these dangerous threats and take action.” The TAA tools analyze incidents within the network against the incidents found in their Symantec threat data lake. TAA unveils suspicious activity in individual endpoints and collates that information to determine whether each action indicate hidden malicious activity. The TAA tools are now available for Symantec Advanced Threat Protection (ATP) customers. Sophos’ Intercept X tool Sophos is a British security software and hardware company. Its tool, Intercept X, uses a deep learning neural network that works similar to a human brain. In 2010, the US Defense Advanced Research Projects Agency (DARPA) created their first Cyber Genome Program to uncover the ‘DNA’ of malware and other cyber threats, which led to the creation of algorithm present in the Intercept X. Before a file executes, the Intercept X is able to extract millions of features from a file, conduct a deep analysis, and determine if a file is benign or malicious in 20 milliseconds. The model is trained on real-world feedback and bi-directional sharing of threat intelligence via an access to millions of samples provided by the data scientists. This results in high accuracy rate for both existing and zero-day malware, and a lower false positive rate. Intercept X utilizes behavioral analysis to restrict new ransomware and boot-record attacks.  The Intercept X has been tested on several third parties such as NSS labs and received high-scores. It is also proven on VirusTotal since August of 2016. Maik Morgenstern, CTO, AV-TEST said, “One of the best performance scores we have ever seen in our tests.” Darktrace Antigena Darktrace Antigena is Darktrace’s active self-defense product. Antigena expands Darktrace’s core capabilities to detect and replicate the function of digital antibodies that identify and neutralize threats and viruses. Antigena makes use of Darktrace’s Enterprise Immune System to identify suspicious activity and responds to them in real-time, depending on the severity of the threat. With the help of underlying machine learning technology, Darktrace Antigena identifies and protects against unknown threats as they develop. It does this without the need for human intervention, prior knowledge of attacks, rules or signatures. With such automated response capability, organizations can respond to threats quickly, without disrupting the normal pattern of business activity. Darktrace Antigena modules help to regulate user and machine access to the internet, message protocols and machine and network connectivity via various products such as Antigena Internet, Antigena Communication, and Antigena network. IBM QRadar Advisor IBM’s QRadar Advisor uses the IBM Watson technology to fight against cyber attacks. It uses AI to auto-investigate indicators of any compromise or exploit. QRadar Advisor uses cognitive reasoning to give critical insights and further accelerates the response cycle. With the help of IBM’s QRadar Advisor, security analysts can assess threat incidents and reduce the risk of missing them. Features of the IBM QRadar Advisor Automatic investigations of incidents QRadar Advisor with Watson investigates threat incidents by mining local data using observables in the incident to gather broader local context. It later quickly assesses the threats regarding whether they have bypassed layered defenses or were blocked. Provides Intelligent reasoning QRadar identifies the likely threat by applying cognitive reasoning. It connects threat entities related to the original incident such as malicious files, suspicious IP addresses, and rogue entities to draw relationships among these entities. Identifies high priority risks With this tool, one can get critical insights on an incident, such as whether or not a malware has executed, with supporting evidence to focus your time on the higher risk threats. Then make a decision quickly on the best response method for your business. Key insights on users and critical assets IBM’s QRadar can detect suspicious behavior from insiders through integration with the User Behavior Analytics (UBA) App and understands how certain activities or profiles impact systems. Vectra’s Cognito Vectra’s Cognito platform uses AI to detect attackers in real-time. It automates threat detection and hunts for covert attackers. Cognito uses behavioral detection algorithms to collect network metadata, logs and cloud events. It further analyzes these events and stores them to reveal hidden attackers in workloads and user/IoT devices. Cognito platform consists of Cognito Detect and Cognito Recall. Cognito Detect reveals hidden attackers in real time using machine learning, data science, and behavioral analytics. It automatically triggers responses from existing security enforcement points by driving dynamic incident response rules. Cognito Recall determines exploits that exist in historical data. It further speeds up detection of incident investigations with actionable context about compromised devices and workloads over time. It’s a quick and easy fix to find all devices or workloads accessed by compromised accounts and identify files involved in exfiltration. Just as diamond cuts diamond, AI cuts AI. By using AI to attack and to prevent on either side, AI systems will learn different and newer patterns and also identify unique deviations to security analysts. This provides organizations to resolve an attack on the way much before it reaches to the core. Given the rate at which AI and machine learning are expanding, the days when AI will redefine the entire cybersecurity ecosystem are not that far. DeepMind AI can spot over 50 sight-threatening eye diseases with expert accuracy IBM’s DeepLocker: The Artificial Intelligence powered sneaky new breed of Malware 7 Black Hat USA 2018 conference cybersecurity training highlights Top 5 cybersecurity trends you should be aware of in 2018  
Read more
  • 0
  • 0
  • 16657

article-image-what-the-future-holds-for-privacy-its-got-artificial-intelligence
Guest Contributor
21 Aug 2018
8 min read
Save for later

Do you want to know what the future holds for privacy? It’s got Artificial Intelligence on both sides.

Guest Contributor
21 Aug 2018
8 min read
AI and machine learning are quickly becoming integral parts of modern society. They’ve become common personal and household objects in this era of the Internet of Things. No longer are they relegated to the inner workings of gigantic global corporations or military entities. AI is taking center stage in our very lives and there’s little we can do about it. Tech giants like Google and Amazon have made it very easy for anyone to get their hands on AI-based technology in the form of AI assistants and a plethora of MLaaS (machine-learning-as-a-service) offerings. These AI-powered devices can do anything like telling you the weather, finding you a recipe for your favorite pasta dish, and even letting you know your friend Brad is at the door- and opening that door for you. What’s more, democratized AI tools make it easy for anyone (even without coding experience) to try their hands on building machine learning based apps. Needless to say, a future filled with AI is a future filled with convenience. If Disney’s film “Wall-e” was any hint, we could spend our whole lives a chair while letting self-learning machines do everything we need to do for us (even raising our kids). However, the AI of today could paint an entirely different picture of the future for our privacy. The price of convenience Today’s AI is hungry for your personal information. Of course, this isn’t really surprising seeing as they were birthed by companies like Google that makes most of its yearly income from ad revenue. In one article written by Gizmodo, a privacy flaw was found in Google’s then newest AI creation. The AI assistant would be built into every Google Pixel phone and would run on their messenger app “Allo”. Users could simply ask the assistant questions like “what’s the weather like tomorrow” or “how do I get to Brad’s house”. Therein lies the problem. In order for an AI assistant to adjust according to your own personal preferences, it has to first learn and remember all of your personal information. Every intimate detail that makes you, you. It does this by raking in all the information stored in your device (like your contacts list, photos, messages, location). This poses a huge privacy issue since it means you’re sharing all your personal information with Google (or whichever company manufactures your AI-driven assistant). In the end, no one will know you better than yourself- except Google. Another problem with this AI is that it can only work if your message is unencrypted. You can either opt for more privacy by choosing to use the built-in end-to-end encrypted mode or opt for more convenience by turning off encrypted mode and letting the AI read/listen to your conversations. There is no middle ground yet. Why is this such a big problem? Two reasons: Companies, like Google, use or sell your private information to third parties to make their money; and Google isn’t exactly the most trustworthy with users’ secrets. If your AI manufacturer behaves like Google, that privacy policy that you’re relying on will mean nothing once the government starts knocking on their door. VPNs vs AI How AI learns from your personal information is just the tip of the iceberg. There’s a deeper privacy threat looming just behind the curtain: bad actors waiting to use AI for their own nefarious purposes. One study compared human hackers with artificial hackers to see who could get more Twitter users to click on malicious phishing links. The results showed that artificial hackers substantially outperformed their human counterparts. The artificial hacker pumped out more spear-phishing tweets that resulted in more conversions. This shows how powerful AI can be once it’s weaponized by hackers. Hackers may already be using AI right now- though it’s still hard to tell. Users are not without means to defend themselves, though. VPNs have long been used as a countermeasure against hackers. The VPN industry has even grown due to the recent problems regarding user data and personal information like the Facebook-Cambridge Analytica scandal and how the EU’s GDPR effectively drove many websites to block IPs from the EU. A VPN (Virtual Private Network) protects your privacy by masking your IP. It also routes your internet traffic through secure tunnels where it is encrypted. Most VPNs on the market currently use military-grade 256-bit AES to encrypt your data along with a multitude of various security features. The problem is that anyone with the time and resources can still break through your VPN’s defense- especially if you’re a high profile target. This can either be done by getting the key through some nefarious means or by exploiting known vulnerabilities to break into the VPN’s encryption. Breaking a VPN’s encryption is no easy task as it will take lots of computation and time- we’re talking years here. However, with the rise of AI, the process of breaking a VPN’s encryption may have become easier. Just 2 years ago, DARPA, the US government agency that commissions research for the US Department of Defense, funded the Cyber Grand Challenge. Here, computers were pitted against each other to find and fix bugs in their systems. The winner, a computer named “Mayhem” created by a team named “ForAllSecure”, took home the $2 million prize. It achieved its goal by not only patching any holes it found in its own system but also by finding and exploiting holes in its opponents’ software before they could be patched. Although the whole point of the challenge was to speed up the development of AI to defend against hackers, it also showed just how powerful an artificial hacker can be. A machine that could quickly process heaps and heaps of data while developing more ways to defend/attack from its own processes is a double-edged sword. This is why some VPN companies have started incorporating AI to defend against hackers- human or otherwise. The future of VPNs is AI augmented “If you can’t beat them, join them.” One VPN that has started using AI as part of their VPN service is Perfect Privacy. Their AI takes the form of Neuro routing (AI-based routing). With this, the AI makes a connection based on where the user is connecting to. The AI chooses the closest server to the destination server and does so separately for all connections. This means that if you’re in Romania but you’re connecting to a website hosted in New York, the VPN will choose a New York-based location as an exit server. This not only reduces latency but also ensures that all traffic remains in the VPN for as long as possible. This also makes the user appear to have different IPs on different sites which only bolsters privacy even more. Also, because the AI is dynamic in its approach, it frequently changes its route to be the shortest route possible. This makes its routes nigh impossible to predict. If you’d like a more detailed look at Perfect Privacy and its AI-based routing, check out this Perfect Privacy review. Some experts believe that someday in the future, we may just let AI handle our security in the Internet of Things for us. Just recently this year, a wireless VPN router called “Fortigis” was released and touted AI-based defenses. The router uses self-learning AI to keep your connection safe by learning from attack attempts made on any Fortigis router. All devices are then updated to defend against such attacks thereby ensuring up-to-date security. It also allows you to control who can connect to your home network, alarms you when someone is connecting and informs you of all the devices connected to your home network. These are just some of the ways the VPN industry is keeping up with the security needs of the times. Who knows what else the future could bring just around the corner. Whatever it is, one thing is for sure: Artificial intelligence will be a big part of it. About Author Dana Jackson, an U.S. expat living in Germany and the founder of PrivacyHub. She loves all things related to security and privacy. She holds a degree in Political Science, and loves to call herself a scientist. Dana also loves morning coffee and her dog Paw.   10 great tools to stay completely anonymous online Guide to safe cryptocurrency trading
Read more
  • 0
  • 0
  • 2138
article-image-multi-factor-authentication-system-good-idea-for-an-app
Mehul Rajput
20 Aug 2018
7 min read
Save for later

Multi-Factor Authentication System – Is it a Good Idea for an App?

Mehul Rajput
20 Aug 2018
7 min read
With cyber-attacks on the rise, strong passwords no longer guarantee enough protection to keep your online profiles safe from hackers. In fact, other security features such as antivirus software, encryption technology, firewall deployment, etc. are also susceptible to being bypassed by hackers when targeted explicitly and dedicatedly. A multi-factor authentication (MFA) system adds another layer of app security to ensure enhanced data safety. According to a survey, hackers use weak or stolen user credentials in a staggering 95% of all web application attacks. MFA implementation can prevent unauthorized access to your personal accounts, even if someone manages to steal your sign-in details. It has  low complexity, and the application does not require significant amount of time or resources. What is Multi-Factor Authentication? Multi-factor Authentication emerged as a reaction to the vulnerability and susceptibility of the existing security systems. It is a method that confirms the users’ identity multiple times, before granting them access. These pieces of evidence validating a user’s identity include: Knowledge factor: something you know (for e.g. a username, password, security question) Possession factor: something you have (for e.g. a registered phone number, hardware or software token that generate authentication code, smartcard) Inherence factor: something you are (biometric information such as a finger, face, or voice recognition, retina scans) When a system utilizes two or more verification mechanisms, it is known as a multi-factor authentication (MFA). The ultimate idea behind MFA is that the more number of steps a user has to take to access sensitive information, the harder it becomes for the hacker to breach the security. One of the most common methods of authentication is a password coupled with a verification code of unique string of numbers sent via SMS or email. This method is commonly used by Google, Twitter, and other popular services. iPhone X’s Face ID and Windows Hello use the latest innovations in advanced biometric scanners for fingerprints, retinas, or faces, that are built-in the devices. Moreover, you can also use a specialized app on your phone called an “authenticator”. The app is pre-set to work for a service and receives the codes that can be used whenever needed. Popular authentication apps include Google Authenticator, DuoMobile, and Twilio Authy. The authentication apps are more secure when compared to receiving codes via SMS. This is primarily because text messages can be intercepted and phone numbers can be hijacked. On the other hand, authentication apps do not rely on your service carriers. In fact, they function even in the absence of cell service. Importance of Multi-factor Authentication System Is MFA worth the hassle of additional verification? Yes, it absolutely is. The extra layer of security can save valuable and sensitive personal information from falling into the wrong hands. Password theft is constantly evolving. Hackers employ numerous methods including phishing, pharming, brute force, and keylogging to break into online accounts. Moreover, anti-virus systems and advanced firewalls are often incompetent and inefficient without user authentication. According to a Gemalto report, more than 2.5 billion data records were lost, stolen, or exposed worldwide in 2017, an 88% increase from 2016. Furthermore, cyber-attacks rake up huge financial losses to the compromised organization and even mere individuals; basically anyone connected to the internet. It is estimated that by 2021, cyber-crime will cause global financial damages of around $6 trillion annually. Despite the alarming statistics, only 38% of the global organizations are prepared to combat a cyber-attack. MFA implementation can mitigate cyber-attacks considerably. Organizations with multi-fold authentication in place can strengthen their access security. It not only will help them safeguard the personal assets of their employees and customers, but also protect the company’s integrity and reputation. Why Multi-factor Authentication System in Apps is good Numerous variables are taken into consideration during the app development process. You want the app to have a friendly user interface that provides a seamless experience. An appealing graphical design and innovative features are also top priorities. Furthermore, apps undergo rigorous testing to make them bug-free before releasing into the market. However, security breaches can taint the reputation of your app, especially if it holds sensitive information about the users. Here is why MFA is a good idea for your app: Intensified security As mentioned earlier, MFA can bolster the protection and reduce the risk associated with only password-protected apps. Additional means of authentication not only challenges the users to prove their identity, it can also provide the security team with broader visibility into a possible identity theft. Moreover, it is not necessary to prompt the user for MFA every time they log into the app. You can use data analytics to trigger MFA for a risk-based approach. Take into account the user’s geographical location, IP address, device in use, etc. before challenging the user’s identity and asking for additional authentication. High-risk scenarios that justify MFA include logging in from an unknown device or new location, accessing the app from a new IP address, or attempting to gain admission into a highly sensitive resource for the first time. Opt for risk-based approach only if your app holds valuable and intimate information about your client that can cause irrevocable personal damage to the user if divulged. Otherwise, such an approach requires complex data analytics, machine learning, and contextual recognition that can be difficult and time-consuming to program. Simplified login process You may consider MFA implementation as complicated and cumbersome. However, if you have multiple apps under your helm, you can offer more advanced login solutions like single sign-on. Once the user identity is validated, they can access multiple apps covered under the single sign-on. This practice provides practicality to the MFA process as the users are saved from the fatigue and stress of repeated logins. Increased customer satisfaction A customer’s satisfaction and trust is one of the biggest driving factors for any organization. When you offer MFA to your users, it builds a sense of trustworthiness amongst them and they are more at ease when sharing personal details. Compliance with standards In addition to the benefits to the users, there are certain compliance standards, mandated by state, federal or other authorities, which specify that companies should implement MFA in explicit situations. Moreover, there are fixed guidelines from the National Institute of Standards and Technology (NIST) that help you choose the right verification methods. Therefore, it is imperative that you do not only comply with the regulations but also implement the recommended MFA methods. The key is to deploy an MFA system that is not too laborious but offers optimal steps of authentication. Given the sheer number of methods available for MFA, choose the most appropriate options based on: Sensitivity of the data and assets being protected Convenience and ease of usability for the customers Compliance with the specific regulations Expediting implementation and management for IT department Summary MFA can strengthen the security of sensitive data and protect the user’s identity. It adds another layer of shield to safeguard the client’s online accounts, obstructing the efforts of dedicated hacking. Moreover, it allows you to comply with the standard guidelines proposed by the authorized officials. However, individual MFA implementation across different user environments and cloud services can be inconvenient to the users. Deploy single sign-on or adopt risk-based approach to eliminate security vulnerability while facilitating user access. Author Bio Mehul Rajput is a CEO and co-founder of Mindinventory which specializes in Android and iOS app development and provide web and mobile app solutions from startup to enterprise level businesses. He is an avid blogger and writes on mobile technologies, mobile app, app marketing, app development, startup and business. 5 application development tools that will matter in 2018 Implement an API Design-first approach for building APIs [Tutorial] Access application data with Entity Framework in .NET Core [Tutorial]
Read more
  • 0
  • 10
  • 8370

article-image-top-4-facebook-patents-to-battle-fake-news-and-improve-its-news-feed
Sugandha Lahoti
18 Aug 2018
7 min read
Save for later

Four 2018 Facebook patents to battle fake news and improve news feed

Sugandha Lahoti
18 Aug 2018
7 min read
The past few months saw Facebook struggling to maintain its integrity considering the number of fake news and data scandals linked to it - Alex Jones, accusations of discriminatory advertising and more. Not to mention, Facebook Stocks fell $120 billion in market value after Q2 2018 earnings call. Amidst these allegations of providing fake news and allowing discriminatory content on its news feed, Facebook patented its news feed filter tool last week to provide more relevant news to its users. In the past also, Facebook has made several interesting patents to enhance their news feed algorithm in order to curb fake news. This made us look into what other recent patents that Facebook have been granted around news feeds and fake news. Facebook’s News Feed has always been one of its signature features. The news feed is generated algorithmically (instead of chronologically), with a mix of status updates, page updates, and app updates that Facebook believes are interesting and relevant to you. Officially Facebook, successfully patented its News Feed in 2012, after filing for it in 2006. The patent gave the company a stronghold on the ability to let users see status messages, pictures, and links to videos of online friends, but also the actions those friends take. [box type="shadow" align="" class="" width=""]Note: According to United States Patent and Trademark Office (USPTO), Patent is an exclusive right to invention and “the right to exclude others from making, using, offering for sale, or selling the invention in the United States or “importing” the invention into the United States”.[/box] Here are four Facebook patents in 2018 pertaining to news feeds that we found interesting. Dynamically providing a feed of stories Date of Patent: April 10, 2018 Filed: December 10, 2015 Features: Facebook filed this patent to present their news feed in a more dynamic manner suiting to a particular person. Facebook’s News feed automatically generates a display that contains information relevant to a user about another user. This patent is titled Dynamically providing a feed of stories about a user of a social networking system. As per the patent application, recently, social networking websites have developed systems for tailoring connections between various users. Typically, however, these news items are disparate and disorganized. The proposed method generates news items regarding activities associated with a user. It attaches an informational link associated with at least one of the activities, to at least one of the news items. The method limits access to the news items to a predetermined set of viewers and assigns an order to the news items. Source: USPTO This patent is a viable solution to limit access to the news items which a particular section of users may find obscene. For instance, Facebook users below the age of 18, may be restricted from viewing graphic content. The patent received criticism with people ridiculing the patent for seeming to go against everything that the patent system is supposed to do. They say that such automatically generated news feeds are found in all sorts of systems and social networks these days. But now Facebook may have the right to prevent others from doing, what other social networks are inherently supposed to do. Generating a feed of content items from multiple sources Date of Patent: July 3, 2018 Filed: June 6, 2014 Features:  Facebook filed a patent allowing a feed of content items associated with a topic to be generated from multiple content sources. Per the Facebook patent, their newsfeed generation system receives content items from one or more content sources. It matches the content items to topics based on a measure of the affinity of each content item for one or more objects. These objects form a database that is associated with various topics. The feed associated with the topic is communicated to a user, allowing the user to readily identify content items associated with the topic. Source: USPTO Let us consider the example of sports. A sports database will contain an ontology defining relationships between objects such as teams, athletes, and coaches. The news feed system for a particular user interested in sports (an athlete or a coach or a player) will cover all content items associated with sports. Selecting organic content and advertisements based on user engagement Date of Patent: July 3, 2018 Filed: June 6, 2014 Features: Facebook wants to dynamically adjust its organic content items and advertisements, generated to a user by modifying a ranking. Partial engagement scores will be generated for organic content items based on an expected amount of user interaction with each organic content item. Advertisements scores will be generated based on expected user interaction and bid amounts associated with each organic content item. These advertisement and partial engagement scores are next used to determine two separator engagement scores measuring the user's estimated interaction with a content feed. One engagement score is of organic content items with advertisements and one without them. A difference between both these scores will modify a conversion factor used to combine expected user interaction and bid amounts to generate advertisement scores. This mechanism has been patented by Facebook as Selecting organic content and advertisements for presentation to social networking system users based on user engagement. For example, if a large number of advertisements are presented to a user, the user may become frustrated with the increased difficulty in viewing stories and interact less with the social networking system. However, advertisements also generate additional revenue for the social networking system. A balance is necessary. So, if the engagement score is greater than the additional engagement score by at least a threshold amount, the conversion factor is modified (e.g., decreased) to increase the number of organic content items included in the feed. If the engagement score is greater than the additional engagement score but less than the threshold amount, the conversion factor is modified (e.g., increased) to decrease the number of organic content items included in the feed. Source: USPTO Displaying news ticker content in a social networking system Date of Patent: January 9, 2018 Filed: February 10, 2016 Features: Facebook has also patented, Displaying news ticker content in a social networking system. This Facebook patent describes a system that displays stories about a user’s friends in a news ticker, as friends perform actions. The system monitors in real time for actions associated with users connected with the target user. The news ticker is updated such that stories including the identified actions and the associated connected users are displayed within a news ticker interface. The news ticker interface may be a dedicated portion of the website’s interface, for example in a column next to a newsfeed. Additional information related to the selected story may be displayed in a separate interface. Source: USPTO For example, a user may select a story displayed in the news ticker; let’s say movies. In response, additional information associated with movies (such as actors, director, songs etc) may be displayed, in an additional interface. The additional information can also depend on the movies liked by the friends of the target user. These patents talk lengths of how Facebook is trying to repair its image and make amendments to its news feed algorithms to curb fake and biased news. The dynamic algorithm may restrict content, the news ticket content and multiple source extractions will keep the feed relevant, and the balance between organic content and advertisements could lure users to stay on the site. As such there are no details currently on when or if these features will hit the Facebook feed, but once implemented could bring Zuckerberg’s vision of “bringing the world close together”, closer to reality. Read Next Four IBM facial recognition patents in 2018, we found intriguing Facebook patents its news feed filter tool to provide more relevant news to its users Four interesting Amazon patents in 2018 that use machine learning, AR, and robotics
Read more
  • 0
  • 0
  • 2737