Cyber Defense eMagazine January 2020 Edition
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
72<br />
ways that are difficult if not impossible to simulate. Authentication happens inadvertently, as users simply<br />
act like—and are—themselves.<br />
Generalizing Behavioral Biometrics to Anomaly Detection<br />
At Plurilock we’ve long considered behavioral biometrics to be our core competency, yet recently we’ve<br />
been increasingly engaged in research and development on machine-to-machine security models for the<br />
Internet of Things and in new ways to detect and stop malware.<br />
It’s rapidly becoming clear that all of these are cases in which stronger, more efficient, and more costeffective<br />
security can be achieved using a group of very similar anomaly detection technologies.<br />
The claim that "identity is the new perimeter" has been making the rounds over the last year or two, and<br />
we don't disagree with it for human users. But this claim is actually a specialized instance of a more<br />
general claim that will shape cybersecurity in the decades to come. After all, identity is exactly the<br />
problem—and more and more, anomaly detection methods are the best way to establish it. So it’s not<br />
identity that is the new perimeter—it's anomaly.<br />
Securing User Accounts, Things, and Environments<br />
But how does anomaly detection address the other problems I just mentioned?<br />
Recall that behavioral biometrics enables us to recognize real users. It does this not with lists of static<br />
facts like credentials or fingerprints—that are in fact themselves vulnerabilities—but through the ability to<br />
recognize, without biographical data or physical markers, whether someone is “being themselves” or not.<br />
It’s fundamentally about detecting user anomalies.<br />
Because users are human beings, we’ve long called this a biometric technology. But the same<br />
approach—using machine learning for anomaly detection—is now proving to be effective in other areas<br />
of cybersecurity as well. Devices are more and more like individuals in our era of highly complex things—<br />
individual in timings, characteristics, and tendencies. This is especially true as machine learning and<br />
automation—and the unique ways in which these affect memory, process, and latency characteristics—<br />
take hold across more and more devices.<br />
In the realm of malware, too, the Spy vs. Spy game of signature library updates versus new threat<br />
"strains" in the wild will soon be supplantable by anomaly detection through machine learning. Computing<br />
environments, process tables, and schedulers are now deep and nuanced enough to offer—once again—<br />
rich signal environments that enable the recognition of both normal and anomalous states. The result is<br />
software security without signature scanning.<br />
Rather than relying on static policies—which credentials grant access, which don’t, which MAC<br />
addresses and keys are in, which are out, which code fragments are allowed, and which aren’t—it's time<br />
for the cybersecurity industry to begin to think in terms of recognition and anomaly detection, just as<br />
behavioral-biometric solutions now do with human users.<br />
72