Computer vision and deep learning provide new ways to detect cyber threats


The last decade’s growing interest in deep learning was triggered by the proven capacity of neural networks in computer vision tasks. If you train a neural network with enough labeled photos of cats and dogs, it will be able to find recurring patterns in each category and classify unseen images with decent accuracy.

What else can you do with an image classifier?

In 2019, a group of cybersecurity researchers wondered if they could treat security threat detection as an image classification problem. Their intuition proved to be well-placed, and they were able to create a machine learning model that could detect malware based on images created from the content of application files. A year later, the same technique was used to develop a machine learning system that detects phishing websites.

The combination of binary visualization and machine learning is a powerful technique that can provide new solutions to old problems. It is showing promise in cybersecurity, but it could also be applied to other domains.

Detecting malware with deep learning

The traditional way to detect malware is to search files for known signatures of malicious payloads. Malware detectors maintain a database of virus definitions, which include opcode sequences or code snippets, and they search new files for the presence of these signatures. Unfortunately, malware developers can easily circumvent such detection methods by obfuscating their code or using polymorphism to mutate it at runtime.

Dynamic analysis tools try to detect malicious behavior during runtime, but they are slow and require the setup of a sandbox environment to test suspicious programs.

In recent years, researchers have also tried a range of machine learning techniques to detect malware. These ML models have managed to make progress on some of the challenges of malware detection, including code obfuscation. But they present new challenges, including the need to learn too many features and the need for a virtual environment in which to analyze the target samples.

Binary visualization can redefine malware detection by turning it into a computer vision problem. In this methodology, files are run through algorithms that transform binary and ASCII values to color codes.

In a paper published in 2019, researchers at the University of Plymouth and the University of Peloponnese showed that when benign and malicious files were visualized using this method, new patterns emerged that separate malicious and safe files. These differences would have gone unnoticed using classic malware detection methods.

malware binary visualization

[…] artificial neural network to tell the difference between malicious and safe files. The researchers created a dataset of visualized binary files that included both benign and malign files. The dataset contained a variety of malicious payloads (viruses, worms, trojans, rootkits, etc.) and file types (.exe, .doc, .pdf, .txt, etc.).

The researchers then used the images to train a classifier neural network. The architecture they used is the self-organizing incremental neural network (SOINN), which is fast and is especially good at dealing with noisy data. They also used an image preprocessing technique to shrink the binary images into 1,024-dimension feature vectors, which makes it much easier and more compute-efficient to learn patterns in the input data.

malware detection with deep learning architecture

[…] ransomware attacks. The researchers suggested that the model’s performance can be improved if it is adjusted to take the filetype as one of its learning dimensions. Overall, the algorithm achieved an average detection rate of around 74 percent.

Detecting phishing websites with deep learning

Phishing attacks are becoming a growing problem for organizations and individuals. Many phishing attacks trick the victims into clicking on a link to a malicious website that poses as a legitimate service, where they end up entering sensitive information such as credentials or financial information.

Traditional approaches for detecting phishing websites revolve around blacklisting malicious domains or whitelisting safe domains. The former method misses new phishing websites until someone falls victim, and the latter is too restrictive and requires extensive efforts to provide access to all safe domains.

Other detection methods rely on heuristics. These methods are more accurate than blacklists, but they still fall short of providing optimal detection.

In 2020, a group of researchers at the University of Plymouth and the University of Portsmouth used binary visualization and deep learning to develop a novel method for detecting phishing websites.

The technique uses binary visualization libraries to transform website markup and source code into color values.

html-to-color

As is the case with benign and malign application files, when visualizing websites, unique patterns emerge that separate safe and malicious websites. The researchers write, “The legitimate site has a more detailed RGB value because it would be constructed from additional characters sourced from licenses, hyperlinks, and detailed data entry forms. Whereas the phishing counterpart would generally contain a single or no CSS reference, multiple images rather than forms and a single login form with no security scripts. This would create a smaller data input string when scraped.”
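The byte-to-color step described above for application files and for website markup, reduced to a 1,024-value vector, as an added example that is not the researchers' code. The byte-class palette, the Hilbert-curve layout and the grayscale reduction are assumptions chosen for illustration, and both sample inputs are constructed.

```python
# Added illustration, not the researchers' code. Assumed here: the byte-class
# palette, the Hilbert-curve layout and the grayscale 1,024-value reduction.
ORDER = 5                    # Hilbert curve order
SIDE = 1 << ORDER            # 32 x 32 grid
CELLS = SIDE * SIDE          # 1,024 cells, one feature per cell

# Constructed sample inputs (printable ASCII markup vs. mixed binary content).
SAMPLE_HTML = (b"<html><head><link rel='stylesheet' href='site.css'></head>"
               b"<body><form action='/login' method='post'>"
               b"<input name='user'><input name='pass' type='password'>"
               b"</form></body></html>")
SAMPLE_BLOB = bytes(range(256)) * 8


def byte_color(b):
    """Map one byte value to an RGB color according to its class."""
    if b == 0x00:
        return (0, 0, 0)             # null byte: black
    if b == 0xFF:
        return (255, 255, 255)       # 0xFF: white
    if 0x20 <= b <= 0x7E:
        return (0, 0, 255)           # printable ASCII: blue
    if b < 0x20 or b == 0x7F:
        return (0, 255, 0)           # control characters: green
    return (255, 0, 0)               # remaining high bytes: red


def hilbert_xy(d):
    """Convert position d along the Hilbert curve to (x, y) on the grid."""
    x = y = 0
    s, t = 1, d
    while s < SIDE:
        rx = 1 & (t // 2)
        ry = 1 & (t ^ rx)
        if ry == 0:                  # rotate/flip the quadrant
            if rx == 1:
                x, y = s - 1 - x, s - 1 - y
            x, y = y, x
        x, y = x + s * rx, y + s * ry
        t //= 4
        s *= 2
    return x, y


def visualize(data):
    """Return a SIDE x SIDE grid of RGB tuples; each cell averages its share of bytes."""
    grid = [[(0, 0, 0)] * SIDE for _ in range(SIDE)]
    n = len(data)
    for cell in range(CELLS):
        lo = cell * n // CELLS
        hi = max((cell + 1) * n // CELLS, lo + 1)   # short inputs are stretched
        chunk = data[lo:hi]                          # empty only for empty input
        if chunk:
            colors = [byte_color(b) for b in chunk]
            x, y = hilbert_xy(cell)
            grid[y][x] = tuple(sum(c[i] for c in colors) // len(colors) for i in range(3))
    return grid


def feature_vector(grid):
    """Flatten the image row by row into 1,024 grayscale intensities in [0, 1]."""
    return [(0.299 * r + 0.587 * g + 0.114 * b) / 255 for row in grid for r, g, b in row]


if __name__ == "__main__":
    for name, data in (("html", SAMPLE_HTML), ("blob", SAMPLE_BLOB)):
        vec = feature_vector(visualize(data))
        print(name, len(vec), round(sum(vec) / len(vec), 3))
```

The Hilbert layout keeps bytes that are close together in the input close together in the image, so runs of one byte class show up as contiguous patches rather than scattered pixels.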

The example below shows the visual representation of the code of the legitimate PayPal login compared to a fake phishing PayPal website.

fake vs legitimate paypal login page

The researchers created a dataset of images representing the code of legitimate and malicious websites and used it to train a classification machine learning model.

The architecture they used is MobileNet, a lightweight convolutional neural network (CNN) that is optimized to run on user devices instead of high-capacity cloud servers. CNNs are especially suited for computer vision tasks including image classification and object detection.

Once the model is trained, it is plugged into a phishing detection tool. When the user stumbles on a new website, the tool first checks whether the URL is included in its database of malicious domains. If it’s a new domain, then it is transformed through the visualization algorithm and run through the neural network to check if it has the patterns of malicious websites. This two-step architecture makes sure the system uses the speed of blacklist databases and the smart detection of the neural network–based phishing detection technique.

The researchers’ experiments showed that the technique could detect phishing websites with 94 percent accuracy. “Using visual representation techniques allows to obtain an insight into the structural differences between legitimate and phishing web pages. From our initial experimental results, the method seems promising and being able to fast detection of phishing attacker with high accuracy. Moreover, the method learns from the misclassifications and improves its efficiency,” the researchers wrote.

website phishing detection machine learning architecture

[…] IoT networks.

As machine learning continues to make progress, it will provide scientists new tools to address cybersecurity challenges. Binary visualization shows that with enough creativity and rigor, we can find novel solutions to old problems.

This story originally appeared on Bdtechtalks.com. Copyright 2021

Leaked Alder Lake prices strike at Ryzen’s CPU dominance

Here’s what leaked retailer pricing tells us about the performance of Intel’s upcoming Alder Lake S CPUs.

Intel’s 12th-gen Alder Lake processors aren’t upon us yet, but another price leak indicates they might indeed compete with AMD’s best CPUs, unlike current top-end Core offerings.

The latest oopsie comes from retail IT vendor Provantage, which puts the top-end Core i9-12900K at $605. The IT vendor also lists the Core i7-12700K at $420, as well as a Core i5-12600K for $283.

After news reports of the part numbers and prices surfaced, Provantage removed the listings. The latest leak follows reports two weeks ago—supposedly from European retailers—that placed the Core i9-12900K at $705, the Core i7-12700K at $495, and the Core i5-12600 at $343.

Before you jump to any conclusions, we want to point out that as reliable as a leaked retail price might seem, they can be very unreliable too. Oftentimes stores prep for impending launches by using placeholder prices and specs. Those listings are then updated when the stores receive the final information.

The leaked info itself from Provantage would indicate it’s not quite baked yet. For example, we know the top-end Alder Lake S chip will feature 8 performance cores and 8 efficient cores (Intel’s Alder Lake chips feature a radical new mixture of big and little cores), yet the listing at Provantage lists the top-end chip as an 8-core design. 

Hothardware.com snapped this image of Intel’s 12th gen Alder Lake CPUs at retailer Provantage, which has since been removed.

Still, both combined retail leaks reinforce what we’ve already come to conclude so far: Intel’s 12th-gen Alder Lake S will at least suit up with the intent to take on AMD’s 16-core Ryzen 9 5950X.

That’s a marked change from the $550 8-core 11th gen Rocket Lake CPU, which lost badly to AMD’s $550 12-core Ryzen 9 5900X chip. With the 11th-gen desktop chips, Intel didn’t even try to field a CPU against AMD’s $750 Ryzen 9 5950X.

With its increased core efficiency, newer manufacturing process, and physically more cores than previous Intel consumer desktop CPUs, it’s entirely possible Intel’s 12th-gen Core i9 will actually end up being somewhere between $604 and $705 when it comes out.

Intel is touting a marked increase in core efficiency with its 12th gen Alder Lake CPUs.

One of the founding fathers of hardcore tech reporting, Gordon has been covering PCs and components since 1998.

The best Windows backup software

The best programs for keeping your data and Windows safely backed up.

We need backup software for our PCs because our storage drives won’t last forever. Backup software ensures we’re covered when the day comes that our primary drive up and dies.

It would be nice if Microsoft itself provided Windows users with something like Apple’s Time Machine: an effective, set-it-and-forget-it, total system recovery and backup solution that requires little interaction or thought on the user’s part. 

Instead, Microsoft delivers a mishmash of restore points, recovery discs, file backup, and even the un-retired System Backup (Windows 7), which was probably originally put out to pasture for its propensity to choke on dissimilar hardware. Online backup services are another option, but desktop clients tend to offer far more flexibility. 

Plenty of vendors have stepped in with worthy alternatives, and while none are quite as slick or transparent as Time Machine, some come darn close—and many are free. Read on for our top picks. 

Updated on 9/15/21 to include our review of the newest version of Aomei Backupper 6. It remains our favorite free backup software for Windows because it provides a near-total backup solution, with a generous number of features. As a paid program, however, there are better options. Read more about it below. And scroll to the bottom of this article to see links to all our backup software reviews.

Best overall backup software

There’s a reason True Image is renowned in the world of backup software. It’s capable, flexible, and rock-solid reliable. Indeed, it’s easily the most comprehensive data safety package on the planet.

Besides offering unparalleled backup functionality that’s both robust and easy to navigate, True Image integrates security apps as well, which protect against malware, malicious websites, and other threats using real-time monitoring. Read our full review.

Best free backup software

Among the free programs we tested, Backupper Standard wins primarily because it has the most features, including imaging, file backup, disk cloning, and plain file syncing, plus multiple scheduling options (see our full review). This was the case with Backupper 4, and the latest version has only added more options, making it a surprisingly well-rounded free offering. We hit a few performance snags with less-conventional system setups, but for the average user, it should perform as expected.

What to look for in backup software

As with most things—don’t over-buy. Features you don’t need add complexity and may slow down your system. Additionally, if you intend to back up to a newly purchased external hard drive, check out the software that ships with it. Seagate, WD, and others provide backup utilities that are adequate for the average user.

File backup: If you want to back up only your data (operating systems and programs can be reinstalled, though it’s mildly time- and effort-consuming), a program that backs up just the files you select is a major time-saver. Some programs automatically select the appropriate files if you use the Windows library folders (Documents, Photos, Videos, etc.).

Image backup/Imaging: Images are byte-for-byte snapshots of your entire hard drive (normally without the empty sectors) or partition, and can be used to restore both the operating system and data. Imaging is the most convenient to restore in case of a system crash, and also ensures you don’t miss anything important.

Boot media:  Should your system crash completely, you need an alternate way to boot and run the recovery software. Any backup program should be able to create a bootable optical disc or USB thumb drive. Some will also create a restore partition on your hard drive, which can be used instead if the hard drive is still operational.

Scheduling: If you’re going to back up effectively, you need to do it on a regular basis. Any backup program worth its salt allows you to schedule backups.

Versioning: If you’re overwriting previous files, that’s not backup, it’s one-way syncing or mirroring. Any backup program you use should allow you to retain several previous backups, or with file backup, previous versions of the file. The better software will retain and cull older backups according to criteria you establish.

Optical support: Every backup program supports hard drives, but as obsolescent as they may seem, DVDs and Blu-Ray discs are great archive media. If you’re worried about optical media’s reliability, M-Disc claims its discs are reliable for a thousand years, claims that are backed up by Department of Defense testing.

Online support: An offsite copy of your data is a hedge against physical disasters such as flood, fire, and power surges. Online storage services are a great way to maintain an offsite copy of your data. Backup to Dropbox and the like is a nice feature to have.

FTP and SMB/AFP: Backing up to other computers or NAS boxes on your network or in remote locations (say, your parent’s house) is another way of physically safeguarding your data with an offsite, or at least physically discrete copy. FTP can be used for offsite, while SMB (Windows and most OS’s) and AFP (Apple) are good for other PCs or NAS on your local network.

Real time: Real-time backup means that files are backed up whenever they change, usually upon creation or save. It’s also called mirroring and is handy for keeping an immediately available copy of rapidly changing data sets. For less volatile data sets, the payoff doesn’t compensate for the drain on system resources. Instead, scheduling should be used.

Continuous backup: In this case, ‘continuous’ simply means backing up on a tight schedule, generally every 5 to 15 minutes, instead of every day or weekly. Use continuous backup for rapidly changing data sets where transfer rates are too slow, or computing power is too precious for real-time backup.

Performance: Most backups proceed in the background or during dead time, so performance isn’t a huge issue in the consumer space. However, if you’re backing up multiple machines or to multiple destinations, or dealing with very large data sets, speed is a consideration.

How we test

We run each program through the various types of backups it’s capable of. This is largely to test reliability and hardware compatibility, but we time two: an approximately 115GB system image (two partitions), and a roughly 50GB image created from a set of smaller files and folders. We then mount the images and test their integrity via the program’s restore functions. We also test the USB boot drives created by the programs.

All of our reviews

If you’d like to learn more about our top picks as well as other options, you can find links below to all of our backup software reviews. We’ll keep evaluating new programs and re-evaluating existing software on a regular basis, so be sure to check back for our current impressions.

Jon is a Juilliard-trained musician, former x86/6800 programmer, and long-time (late 70s) computer enthusiast living in the San Francisco bay area.

Razer just made gamer thimbles

Or maybe they’re yoga pants for your thumbs?

Razer has never been afraid to take a shot on products that seem unusual at first glance. Witness its RGB-infused N95 mask, the now-defunct Razer Game Store with its own zVault currency, or the first-gen Firefly mousepad, which has evolved into something special but originally prompted us to review it against a ripped-up piece of cardboard. The company’s latest offering might just take the cake though. This week, Razer introduced gamer thimbles.

Yes, thimbles. You know, like the Monopoly piece (or the sewing accessory for more worldly folks out there). Seriously.

Well, not quite. If you simply can’t abide sweaty palms and greasy fingerprints interfering with your marathon mobile Fortnite sessions, the new Razer gaming finger sleeve may be up your alley. “Slip on and never slip up with Razer Gaming Finger Sleeve that will seal your mobile victory,” Razer’s site breathlessly boasts.  “Woven with high-sensitivity silver fiber for enhanced aim and control, our breathable sleeves keep your fingers deadly cool in the heat of battle, so you’ll always have a grip on the game.”

Razer says the 0.8mm-thick sleeves are sweat absorbent, and that they’re made from nylon and spandex. So maybe they’re more like gamer yoga pants? But you know, for your fingers?

Either way it’s ludicrous. And unlike most of Razer’s gear, the gamer thimbles understandably (yet sadly) lack RGB lighting. But if you want to wear your dedication to the Cult of Razer on your slee…thumb, or maybe just look snazzier when you’re passing Go and collecting $200, you can pick up a pair of Razer gaming finger sleeves on the company’s website for $10. The truly dedicated can double down to look especially gamer:

razer gamer thimbles 2 Razer
