Application of Machine Learning and Crowdsourcing to Detection of Cyber Threats Jaime G. Carbonell...
Application of Machine Learning and Crowdsourcing to Detection of Cyber Threats
Jaime G. Carbonell
Eugene Fink
Mehrbod Sharifi
Individual user differences
• Security needs
  - Data confidentiality
  - Data-loss tolerance
  - Recovery costs
• Usage patterns
• Computer knowledge
Different users need different security tools.
Problems
• “Advanced user” assumption
  - Complicated customization
  - Unclear security warnings
• Inflexible engineered solutions with “too much security”
  - Too high security at high costs
  - Insufficient customization
Population statistics
• Almost everyone uses a computer
• Most users are naïve, with limited technical knowledge
• Many security problems are due to user naïveté
Long-term goal
We need an intelligent security assistant that...
• Learns the user needs
• Detects complex threats
• Prevents human mistakes
• Helps the user to apply available security tools
Initial results
• Crowdsourcing architecture
• Identification of web scams
• Detection of cross-site request forgery
Crowdsourcing architecture
Gathering, sharing, and integration of opinions and warnings about web security threats.
[Figure: crowdsourcing architecture diagram. Labels: Browser Extension, Web Browser, Multiple Users, Web Service, External Data Sources]
Identification of web scams
A web scam is fraudulent or intentionally misleading information posted on the web (e.g. work at home and miracle cures).
Identification of web scams
Machine learning approach:
• Collect data about websites, available from various public services
• Collect human opinions
• Apply machine learning (currently, logistic regression) to recognize scams based on the available data
Accuracy: 98%
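
The three steps above as an added example, not code from the slides or the authors: a small logistic regression trained on public-service data and crowd opinions about websites. The three features, the training rows and the hyperparameters are assumptions constructed for illustration and do not reproduce the reported accuracy.

```python
import math

# Constructed training rows (not from the slides). Assumed features per site:
# [domain age in years / 10, listed on a public blocklist (0/1),
#  fraction of crowd votes calling the site a scam]. Label 1 = scam.
TRAIN = [
    ([0.1, 1, 0.9], 1), ([0.0, 0, 0.8], 1), ([0.2, 1, 0.6], 1), ([0.1, 0, 0.7], 1),
    ([0.9, 0, 0.1], 0), ([1.0, 0, 0.0], 0), ([0.6, 0, 0.2], 0), ([0.8, 0, 0.3], 0),
]

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def predict(weights, bias, x):
    """Probability that a site with feature vector x is a scam."""
    return sigmoid(bias + sum(w * xi for w, xi in zip(weights, x)))

def train(rows, epochs=2000, lr=0.5, l2=0.01):
    """Batch gradient descent on L2-regularised log loss."""
    n_feat = len(rows[0][0])
    weights, bias = [0.0] * n_feat, 0.0
    for _ in range(epochs):
        grad_w, grad_b = [0.0] * n_feat, 0.0
        for x, y in rows:
            err = predict(weights, bias, x) - y  # derivative of log loss
            grad_b += err
            for j, xj in enumerate(x):
                grad_w[j] += err * xj
        bias -= lr * grad_b / len(rows)
        weights = [w - lr * (g / len(rows) + l2 * w)
                   for w, g in zip(weights, grad_w)]
    return weights, bias

def accuracy(weights, bias, rows):
    """Share of rows whose 0.5-thresholded prediction matches the label."""
    hits = sum((predict(weights, bias, x) >= 0.5) == bool(y) for x, y in rows)
    return hits / len(rows)

WEIGHTS, BIAS = train(TRAIN)

if __name__ == "__main__":
    print("training accuracy:", accuracy(WEIGHTS, BIAS, TRAIN))
    print("new blocklisted site:", round(predict(WEIGHTS, BIAS, [0.05, 1, 0.85]), 3))
    print("old well-rated site:", round(predict(WEIGHTS, BIAS, [0.9, 0, 0.05]), 3))
```

The learned weights show which signal drives a verdict: a negative weight on domain age and positive weights on blocklist membership and crowd votes.
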
Detection of cross-site request forgery
A cross-site request forgery is an attack through a browser, in which a malicious website uses a trusted session to send unauthorized requests to a target site.
[Figure: sites open in the browser. Labels: Malicious, Ads, News, Bank, ...]
Detection of cross-site request forgery
Machine learning approach:
• Learn patterns of legitimate requests
• Detect deviations from these patterns
• Warn the user about potentially malicious sites and requests
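
One way to realise the learn / detect / warn loop above, as an added example that is not the authors' detector: a per-target frequency model of which origins normally send which kinds of request, with a warning when a cross-origin request is improbable under that model. The class name, smoothing constant, threshold and browsing history are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict
from urllib.parse import urlsplit

def origin(url):
    """scheme://host[:port]; used here as a simple stand-in for 'site'."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"

class RequestProfile:
    """Per-target frequency model of (initiating origin, HTTP method) patterns."""

    def __init__(self, alpha=0.1, threshold=4.0):  # both values are assumptions
        self.counts = defaultdict(Counter)
        self.alpha, self.threshold = alpha, threshold

    def learn(self, initiator, method, target):
        self.counts[origin(target)][(origin(initiator), method)] += 1

    def surprise(self, initiator, method, target):
        """-ln of the smoothed probability of this pattern for the target."""
        seen = self.counts.get(origin(target), Counter())
        total = sum(seen.values())
        buckets = len(seen) + 1  # one extra bucket for never-seen patterns
        hits = seen[(origin(initiator), method)]
        return -math.log((hits + self.alpha) / (total + self.alpha * buckets))

    def check(self, initiator, method, target):
        if origin(initiator) == origin(target):
            return "allow"  # same-origin requests are not cross-site
        # A target with no history scores 0, so it is allowed, not judged.
        score = self.surprise(initiator, method, target)
        return "warn" if score > self.threshold else "allow"

# Constructed browsing history: (initiating page, method, requested URL).
HISTORY = (
    [("https://bank.example/account", "POST", "https://bank.example/transfer")] * 40
    + [("https://news.example/story", "GET", "https://bank.example/")] * 5
    + [("https://pay.example/checkout", "POST", "https://bank.example/authorize")] * 5
)
PROFILE = RequestProfile()
for entry in HISTORY:
    PROFILE.learn(*entry)

if __name__ == "__main__":
    for req in [("https://pay.example/checkout", "POST", "https://bank.example/authorize"),
                ("https://malicious.example/ad", "POST", "https://bank.example/transfer")]:
        print(req[0], "->", PROFILE.check(*req))
```

The payment origin that has posted to the bank before stays under the threshold, while a first-time POST from an unrelated origin scores about 6.2 and triggers the warning.
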
Future research
• ... newly evolving threats, not yet addressed by the standard defenses
• ... cyber attacks by their observed “symptoms” in addition to using direct analysis of attacking code
• ... “nontraditional” threats that go beyond malware attacks, such as scams and other social engineering