Cyber Defense eMagazine January 2020 Edition

More documents

Recommendations

Info

72 ways that are difficult if not impossible to simulate. Authentication happens inadvertently, as users simply act like—and are—themselves. Generalizing Behavioral Biometrics to Anomaly Detection At Plurilock we’ve long considered behavioral biometrics to be our core competency, yet recently we’ve been increasingly engaged in research and development on machine-to-machine security models for the Internet of Things and in new ways to detect and stop malware. It’s rapidly becoming clear that all of these are cases in which stronger, more efficient, and more costeffective security can be achieved using a group of very similar anomaly detection technologies. The claim that "identity is the new perimeter" has been making the rounds over the last year or two, and we don't disagree with it for human users. But this claim is actually a specialized instance of a more general claim that will shape cybersecurity in the decades to come. After all, identity is exactly the problem—and more and more, anomaly detection methods are the best way to establish it. So it’s not identity that is the new perimeter—it's anomaly. Securing User Accounts, Things, and Environments But how does anomaly detection address the other problems I just mentioned? Recall that behavioral biometrics enables us to recognize real users. It does this not with lists of static facts like credentials or fingerprints—that are in fact themselves vulnerabilities—but through the ability to recognize, without biographical data or physical markers, whether someone is “being themselves” or not. It’s fundamentally about detecting user anomalies. Because users are human beings, we’ve long called this a biometric technology. But the same approach—using machine learning for anomaly detection—is now proving to be effective in other areas of cybersecurity as well. Devices are more and more like individuals in our era of highly complex things— individual in timings, characteristics, and tendencies. This is especially true as machine learning and automation—and the unique ways in which these affect memory, process, and latency characteristics— take hold across more and more devices. In the realm of malware, too, the Spy vs. Spy game of signature library updates versus new threat "strains" in the wild will soon be supplantable by anomaly detection through machine learning. Computing environments, process tables, and schedulers are now deep and nuanced enough to offer—once again— rich signal environments that enable the recognition of both normal and anomalous states. The result is software security without signature scanning. Rather than relying on static policies—which credentials grant access, which don’t, which MAC addresses and keys are in, which are out, which code fragments are allowed, and which aren’t—it's time for the cybersecurity industry to begin to think in terms of recognition and anomaly detection, just as behavioral-biometric solutions now do with human users. 72
73 Making the Transition The shift from list-based and credential-based forms of cybersecurity isn't one that can or will happen overnight, but it's one that needs urgently to happen nonetheless—and one that will happen simply because the traditional paradigm can’t be sustained much longer. It’s just too expensive, complex, and ineffective at this point. The old, static methods for securing data, accounts, and cyber-systems haven't kept pace with the threat landscape—and the gap is now growing exponentially. For corporate officers and security professionals tasked with protecting users, systems, and data, it's time to reorient thinking toward anomaly detection technologies as tomorrow’s keys to cybersecurity. It’s time to stop thinking about how to keep our many lists obscure—and to start considering technologies that make list-based cybersecurity (and its vulnerabilities) obsolete. About the Author Aron Hsiao is the Director of Marketing and Insights at Plurilock Security Solutions, Inc. One of a number of PhDs on Plurilock’s senior team, Aron’s research background is in the analysis of human-computer interaction systems. Aron previously worked at big data startup Terapeak, at e-commerce giant eBay, Inc., and as an instructor at NYU, CUNY, and The New School for Social Research. In addition to his academic work and work at Plurilock, Aron is also the author of a number of books on Linux, cybersecurity, and open source technologies. Aron can be reached online at aron.hsiao@plurilock.com and at http://www.plurilock.com/. 73
Page 1 and 2:
1 Best Practices for Building A Com
Page 3 and 4:
3 CONTENTS Welcome to This Very Spe
Page 5 and 6:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 7 and 8:
7 7
Page 9 and 10:
9 9
Page 11 and 12:
11 11
Page 13 and 14:
13 Your website could be vulnerable
Page 15 and 16:
15 15
Page 17 and 18:
17 17
Page 19 and 20:
19 19
Page 21 and 22: 21 A further challenge arises from
Page 23 and 24: 23 About the Author Haythem Hammour
Page 25 and 26: 25 Focus on detection Although prev
Page 27 and 28: 27 What’s the Security Misconfigu
Page 29 and 30: 29 As more and more businesses begi
Page 31 and 32: 31 Industries under threat Accordin
Page 33 and 34: 33 How to Know If Someone Is Watchi
Page 35 and 36: 35 you are running in the backgroun
Page 37 and 38: 37 These stats make it clear why sm
Page 39 and 40: 39 · Provide staff especially thos
Page 41 and 42: 41 The current state of insecurity
Page 43 and 44: 43 3. Support heterogeneous network
Page 45 and 46: 45 • Enables troubleshooting of i
Page 47 and 48: 47 It’s not just medical research
Page 49 and 50: 49 Europe Cybersecurity Market Size
Page 51 and 52: 51 Some of the key vendors in the E
Page 53 and 54: 53 Iot Security and Privacy Securit
Page 55 and 56: 55 information such as DNA informat
Page 57 and 58: 57 Lessons Learned Unlike newer pro
Page 59 and 60: 59 Seven Security Predictions For 2
Page 61 and 62: 61 will target state and local vote
Page 63 and 64: 63 7) Attackers Will Find New Vulne
Page 65 and 66: 65 Certification Programs There are
Page 67 and 68: 67 Fraud: A Look Back At 2019 And W
Page 69 and 70: 69 technologies. They’re also col
Page 71: 71 • A list of valid credentials
Page 75 and 76: 75 to get a view on the entire IT e
Page 77 and 78: 77 The Decade Ahead for Cybersecuri
Page 79 and 80: 79 About the Author Matthew Gyde is
Page 81 and 82: 81 datacenters before heading out t
Page 83 and 84: 83 About the Author Paul Martini is
Page 85 and 86: 85 85
Page 87 and 88: 87 87
Page 89 and 90: 89 89
Page 91 and 92: 91 91
Page 93 and 94: 93 93
Page 95 and 96: 95 95
Page 97 and 98: 97 97
Page 99 and 100: 99 99
Page 101 and 102: 101 101
Page 103 and 104: 103 You asked, and it’s finally h
Page 105 and 106: 105 TRILLIONS ARE AT STAKE No 1 INT
Page 107 and 108: 107 107
Page 109 and 110: 109 109
Page 111 and 112: 111 111
show all

Cyber Defense eMagazine January 2020 Edition

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?