Alexandru Balan Thesis

Computers and mobile devices running rich operating systems have a plethora of security solutions and encryption protocols that can protect them against the multitude of threats they face as soon as they become connected to the Internet. Of the billions of IoT devices presently in use, a considerable percentage have low-end processing power and storage capacity and cannot be extended with security solutions. Yet they are connected to the Internet nonetheless, which is an extremely hostile environment.

“The way to address this in real time is to create a learning system that takes those outliers and solicits human feedback on them,” Veeramachaneni explains.


The system learns from the experience and makes more accurate decisions next time.

“This model helps improve threat detection accuracy and decrease the number of false positives dramatically over time,” Veeramachaneni says.

This idea was leveraged by startup tech company Dojo-Labs to create a smart-home IoT security solution.

“When it comes to IoT devices they were designed to do a very, very specific function,” says Yossi Atias, co-founder and CEO of the company.

It takes mere minutes for a malicious hacker to find thousands of vulnerable devices in the search engine Shodan, and compromised IoT devices frequently become beachheads for more serious hacks in networks.

The bottom line is that too many of our smart devices are inherently too dumb to protect themselves (and us) against cyberattacks.

“So assuming we have a lot of users using the same camera or the same smart TV or the same smart alarm or smart lock, there is no real reason that one device will behave different from the other, because they’re all running the same software, which is not something the user can change.”

Dojo-Labs’ method involves collecting metadata from different endpoints and defining the behavior range of each device type in order to be able to spot and block malicious behavior. As with all solutions involving machine learning, Dojo-Labs’ model improves as it collects more and more data from customers.

Basically, it’s like going to the battlefield without armor. That’s why new IoT vulnerabilities are constantly surfacing, and countless IoT devices are falling victim to hacks, botnets and other evil deeds every day.

The same mechanics can be employed in security-related use cases, such as determining safe device behavior and general usage patterns, which can subsequently help to spot and block abnormal activity and potentially harmful behavior. Already, several tech firms are drawing on this to offer solutions that enhance IoT security, especially in smart homes, where there are no defined security standards and practices.

“Machine learning and behavioral analysis is one of the biggest trends in detecting anything and everything these days,” says Alexandru Balan, Chief Security Researcher at cybersecurity tech firm Bitdefender. However, he elaborates that machine learning still has a long way to go and there needs to be “a lot of research and innovation into developing, implementing and testing the algorithms.” Bitdefender’s approach is to aggregate into a cloud server data from all endpoints that rely on its products; the input is analyzed to determine patterns and spot malicious behavior.

“You gather all the traffic,” says Balan, “sanitize and normalize it, learn from it, see what servers the devices talk to, what other devices they talk to, how they normally interact with the Internet and with each other, and you pick up on the abnormal traffic.” Bitdefender uses cloud-based intelligence and pattern recognition, along with local network analysis through its suite of endpoint security software and hardware, to control Internet traffic in home networks and block connections to malicious URLs, malware downloads and suspicious packets. Leveraging cloud services has enabled the company to bring enterprise-level intelligence and protection to the consumer space.
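A sketch of the per-device-type behavior range described above, added here as an illustration; it is not Dojo-Labs' or Bitdefender's code. The flow records, hostnames, thresholds and function names are constructed assumptions, and `accept_feedback` models the human-feedback step from the Veeramachaneni quote.

```python
from collections import defaultdict

# Constructed flow metadata: (device_id, device_type, destination_host, bytes_sent)
FLEET_FLOWS = [
    ("cam-01", "camera", "video.vendor.example", 52_000),
    ("cam-02", "camera", "video.vendor.example", 48_500),
    ("cam-03", "camera", "video.vendor.example", 61_200),
    ("cam-01", "camera", "ntp.vendor.example", 180),
    ("cam-02", "camera", "ntp.vendor.example", 176),
    ("cam-03", "camera", "ntp.vendor.example", 181),
    ("lock-01", "lock", "api.lock.example", 900),
    ("lock-02", "lock", "api.lock.example", 1_150),
]


def build_baseline(flows, min_devices=2, headroom=1.5):
    """Per device type: destinations used by >= min_devices devices, with a byte ceiling."""
    seen = defaultdict(lambda: defaultdict(lambda: {"devices": set(), "max": 0}))
    for device_id, dtype, dest, nbytes in flows:
        entry = seen[dtype][dest]
        entry["devices"].add(device_id)
        entry["max"] = max(entry["max"], nbytes)
    return {
        dtype: {dest: e["max"] * headroom
                for dest, e in dests.items() if len(e["devices"]) >= min_devices}
        for dtype, dests in seen.items()
    }


def check_flow(baseline, flow):
    """Return None if the flow fits the type's behavior range, else a reason string."""
    _device_id, dtype, dest, nbytes = flow
    allowed = baseline.get(dtype)
    if allowed is None:
        return "unknown device type"
    if dest not in allowed:
        return "destination outside baseline"
    if nbytes > allowed[dest]:
        return "volume above baseline"
    return None


def accept_feedback(baseline, flow, headroom=1.5):
    """Analyst marked a flagged flow benign: widen the type's range to include it."""
    _device_id, dtype, dest, nbytes = flow
    current = baseline.setdefault(dtype, {}).get(dest, 0)
    baseline[dtype][dest] = max(current, nbytes * headroom)
```

Because the baseline is pooled per device type, a destination contacted by only one device in the fleet never enters it, which keeps a single compromised device from teaching the model its own traffic.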
