Artificial intelligence and systems based on this technology are increasingly used in real life. Often, however, the scope of analysis is limited to large amounts of data or complex calculations. But why not apply the AI in it can say “natural habitat”? In the digital world? Perhaps something like this thought experts from the Massachusetts Institute of technology (MIT) and the University of California San Diego (UCSD) when you create an AI that will hunt for hackers.
How artificial intelligence will catch hackers?
Stealing IP addresses is becoming a more popular form of cyber attacks. This is done for a number of reasons, from spam and malware to steal cryptocurrency and payment card data. By some estimates, only in 2017, similar incidents have affected more than 10 percent of all domains in the world. Hurt even the big players like Amazon and Google. What can we say about smaller companies.
Protective measures to prevent interceptions of IP addresses is usually made already when the attack occurred. But what if these events could be predicted and subsequently to track criminals? Guided by this thesis, the team analyzed the methods used by the “serial burglars” and trained his neural network to calculate a suspicious activity. In the end, she was able to identify approximately 800 suspicious networks and found that some of them were systematically captured IP addresses for many years.
To transfer data between various gateways that use a dynamic routing Protocol (BGP). However, it has two major drawbacks: no authentication and basic verification of the source. This makes it accessible to hacker attacks. Giving AI the algorithm with information about past attacks, we have trained an artificial intelligence model to identify the key characteristics of the work of hackers. Such as, for example, multiple blocking IP addresses. says lead author Cecilia Testart.
A little explain how to operate the hackers. And how do I capture the IP address. The capture BGP the attacker, roughly speaking, “convinces” nearby networks that the best way to achieve a particular IP address- through their hacking network. Flowing through its network, this data, hackers can intercept and redirect traffic to their own purposes. The developers of the algorithm give the following analogy: it’s like trying to call someone on the landline. You can say that to enroll in the nearest institution for a particular number. If you don’t know what these institutions are and much closer to your location.
See also: Hackers bypassed one of the most complex security systems
In order to better define the tactics of attacks, a group of scientists first extracted data on the performance of network operators over the past few years. On this basis, they were able to infer a correlation between the breaking address and bursts of Internet activity of hackers. Then he had merely “feed” this data to the system of machine learning and “train” the AI. By the way, if you are interested in the subject of AI, and all that it involves, we recommend you subscribe to our page in Yandex.Zen. There are regularly published various materials on this topic.
The work of the team of scientists is the first step in creating an automatic system for the prevention of cybercrime. In the future, the algorithm will only improve. A full progress report and demonstration of a functioning AI to find the hackers, the scientists plan to submit later this October at the International IT-conference in Amsterdam. Later they also promise to put on the GitHub list they discovered suspicious networks.