
Tag: By the Way

What you should really expect from Samsung’s facial recognition

Biometrics like fingerprint readers, iris scanners, and facial recognition are either the solution to passwords’ unmanageability or a fool’s-gold technology that will compromise us all.

Both and neither are true. The forthcoming Samsung Galaxy S8 introduces facial recognition to unlock the smartphone, becoming the fourth unlock option for Samsung’s flagship device, in addition to fingerprint reading, iris scanning, and good ol’ manually entered passwords.

And mere days after its introduction, someone has already fooled the Galaxy S8’s facial recognition by showing the device a picture of the person.

That would be an easy way to unlock someone else’s phone without their permission. (An earlier Google facial-recognition technology in 2011’s Android 4.0 Ice Cream Sandwich had the same flaw, by the way.)

Roam free: A history of open-world gaming

You know the violence, but there were text-adventures, skiing, space, and ants(!) too.

Google pulls virtual assistant ad after user outcry

Google Home users got a surprise on Thursday when their virtual assistants cheerily mentioned that the live-action remake of “Beauty and the Beast” is opening in theaters this weekend. The ad seems to pop up when users ask for a rundown of their day, which kicks off the Home’s “My Day” feature.

That feature is supposed to offer users information about the weather, their calendars and relevant news.

But at the end of the rundown, the Google Assistant offered the following unsolicited tidbit, according to a video posted to Twitter by Bryson Meunier: “By the way, Disney’s live action ‘Beauty and The Beast’ opens today,” it says. “In this version of the story, Belle is the inventor instead of Maurice.

That rings truer, if you ask me.

For some more movie fun, ask me something about Belle.”

Apple’s Swift soars into Tiobe’s top 10 programming languages

The Swift language was introduced to much fanfare by Apple in June 2014, positioned as a modern successor to the Objective-C language that has driven iOS and MacOS application development. Now, Swift has cracked the top 10 in Tiobe's language popul...

Nearby system has 7 Earth-sized planets, several in the habitable zone

Less than 40 light years away, TRAPPIST-1 hosts a plethora of planets.

Now there’s a better way to prevent Facebook account takeovers

Site enhances two-factor authentication with crypto keys that plug into USB slots.

It’s now 2017, and your Windows PC can still be pwned...

Also: Edge is foiled by hyperlinks, Windows Server fails at authentication requests, and Microsoft is a $486bn company

Microsoft has begun its 2017 with the release of four updates to address security holes in Windows and Office, while Adobe has posted fixes for more than three dozen vulnerabilities in Flash and Reader.

Microsoft's January patch load includes:

MS17-001, a fix for the Edge browser to address a flaw that would let a malicious page gain elevated access privileges when the user clicks on a link. "An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies with about:blank, which could allow an attacker to access information from one domain and inject it into another domain," Microsoft says of CVE-2017-0002. The update will only be pushed out to Windows 10 and Server 2016.

MS17-002 addresses a memory corruption issue in Office that allows for remote code execution in Office 2016 and SharePoint Enterprise Server 2016. The flaw, designated CVE-2017-0003, allows a specially crafted Word file to take control of the target system with the current user's access privileges. The vulnerability was spotted by Tony Loi of FortiGuard Labs.

MS17-003 is Microsoft's edition of the January Flash Player update to remedy 12 security flaws. The patch will be automatically pushed to Windows users running Microsoft Edge or Internet Explorer 11.

MS17-004 addresses a denial of service vulnerability in Local Security Authority Subsystem Service for older versions of Windows and Windows Server. Microsoft says that an attacker who sent a specially crafted authentication request to the targeted Windows (Vista through 7) or Windows Server (2008 to 2008 R2) box could trigger an automatic reset. Discovery of the flaw, CVE-2017-0004, was credited to Nicolás Economou and Laurent Gaffie from Core Security.

Meanwhile, Adobe is updating both Flash Player and Acrobat/Reader for Windows, macOS, and Linux desktops.

The Flash Player update covers 13 vulnerabilities, none of which have been actively targeted in the wild yet. Adobe is rating the fix as a critical priority for both Windows and macOS systems, as a successful exploit could allow for remote code execution. Linux systems are thought to be at lower risk for attack, but should still install the update as needed.

The Adobe Acrobat and Reader update patches up 29 CVE-listed problems, including a number of remote code execution flaws in both Windows and macOS. Adobe says it has not yet received reports of active exploits in the wild.

By the way, if you update Reader, bear in mind it comes with a little surprise: a Chrome extension that sends Adobe telemetry.

'Molecular' Cybersecurity Vs. Information Cybersecurity

When it comes to industrial processes, security begins at the molecular level.

Not all cybersecurity risk is created equal.

Case in point: when Sony was hacked, information was stolen, systems were wiped, and society was temporarily deprived of a Seth Rogen movie.

These were mostly bad outcomes, and Sony certainly suffered a significant financial loss.

Now, imagine a similar attack on an oil refinery where compromised systems include the proprietary industrial control systems that manage volatile processes. When I say volatile, I'm referring to processes where a boiler is heating oil by hundreds of degrees, separating molecules to produce gasoline and other products. With appropriate access, a bad actor can change how hot that boiler is configured to run.
If you combine that with disabled safety systems, production, environments — even lives — can be severely affected.

A German steel mill experienced this in 2014 when a boiler exploded after an industrial control system attack; and 225,000 Ukrainians lost power in December 2015 when a hacker group shut down substation systems. I don't want to diminish the impact that malicious attacks have on our financial industry and others. However, chemical, oil and gas, and power generation attacks can have much graver outcomes — yet, surprisingly, these industries are in some ways the most vulnerable.
If you examine cybersecurity within a typical industrial process company, you find many of the same protections you find in any other company — antivirus software, firewalls, application whitelisting, and more.

These security controls are focused on protecting workstations, servers, routers, and other IT-based technology.
In other words, they protect the flow of information. But systems that move and manipulate molecules (for example, oil separating into constituent parts) are not nearly as secure. Why? Because many of these systems were built and deployed before cybersecurity was even a thing.
Industrial facilities rely primarily on layered defenses in front of industrial control systems, security by obscurity (think complex systems on which it takes years to become an expert), and air gapping (physical isolation from other networks). The reality is that layered defenses and air gapping can be bypassed.
Industrial facilities, for instance, periodically have turnarounds where they perform maintenance or switch production output.

This requires hundreds of engineers — many of them third-party ones — working multiple shifts to get production back online.

They are authorized users who could accidentally (or intentionally) introduce malicious code or configuration changes into a control system. Relying on obscurity as a strategy only has limited effect. With the rise of nation-sponsored cyber warfare, the capability of manipulating complex control systems is also on the rise.

The Ukrainian power attack, for instance, included malicious firmware updates that were believed to have been developed and tested on the hacking group's own industrial control equipment. Heck, you can even buy a programmable logic controller (a type of industrial control system) on eBay.

Potential Impact

The Obama administration's Commission on Enhancing National Cybersecurity report was released in early December.

There were some good recommendations in the report, particularly around having a security rating system for Internet of Things devices. What I found disturbing was that the report stated the distinction between critical infrastructure systems (found in the industries highlighted in this post plus others, such as transportation, that also rely on industrial control systems) and other devices is becoming impractical.

The point is that in a connected world, everything is vulnerable and attacks can come from any quarter.
It's a fair point, but this idea diminishes the importance of impact, which is essential to driving priority, policy, and investment decisions. Protecting the systems that manipulate molecules must have priority and, in some cases, have precedence over the ones that maintain information. So, where do you start? Where should investment flow? Most companies need to start at the beginning and simply begin to track the cyber assets they have in an industrial facility.

Another fun fact: many don't track that data today, or do so in a highly manual way, which means there are data gaps and errors. Without visibility into the cyber assets in a plant, you can't effectively secure them. And when we talk about cyber assets, any credible inventory plan must include the controllers, smart field instruments, and other systems that manage the volatile processes we've discussed (these systems, by the way, make up 80% of the cyber assets you find in an industrial facility).

This can't happen in a spreadsheet, but it must happen through automation software that can pull data from the many disparate, proprietary systems that can exist in a single facility. With an automated, detailed inventory that is updated regularly, companies can begin to do the things they know are important for securing any system — they can monitor for unauthorized changes, set security policies, and more.

Doing so allows companies not only to secure information, but also secure the molecules — the lifeblood of an industrial process company.

As General Manager of the Cybersecurity Business Unit at PAS, David Zahn leads corporate marketing and strategic development of the PAS Integrity Software Suite.

David has held numerous leadership positions in the oil and gas, information technology, and outsourcing ...

2016's 7 Worst DDoS Attacks So Far

Rise of booter and stresser services, mostly run on IoT botnets, is fueling DDoS excitement (but the pros aren't impressed).

It takes a lot to surprise people who spend their time preventing DDoSes.

Even the attack on DNS service provider Dyn last month "didn't shock ... by any means" says Imperva's security group research manager Ben Herzberg, and was "just another day at the office" to Arbor Networks' principal engineer Roland Dobbins. "You don't look at [attackers'] intentions, you look at capabilities," Dobbins says. "Folks that do this for a living, we tend to be very cynical."

If it seems that DDoSes had gone out of style for years, only to come raging back in a retro cybercrime fashion craze, that's not entirely accurate.

According to the experts, DDoS attacks have been a constant, like Levi's 501 jeans.

The recent headline-grabbing DDoSes are just glitzier, bedazzled versions of the same thing.

Attacks fueled by Internet of Things botnets created with malware like BASHLITE or Mirai seemed rather exciting, but after all, Dobbins says, there were IoT botnets years ago - composed of Linux home routers instead of DVRs and CCTV cameras.

They're not exactly new, they're just "the new hotness," as Akamai's senior security advocate Martin McKeay describes. Nevertheless, Herzberg says "I do think 2016 was a transition year." Why? The volume of large attacks increased.

Akamai reported recently that there was a 138% year-over-year increase in DDoS attacks over 100 Gbps, and 19 of these "mega-attacks" in Q3 alone. The cause: the rise of DDoSing-as-a-service and the proliferation of booter and stresser tools. Where once sophisticated DDoS attacks required sophisticated skills, these attacks can now be done by or at the behest of people with low to no hacking ability.

There are more players in the game now with better tools at their disposal. And, by the way, most of those direct DDoS-for-hire services are run on IoT botnets. If it seems that the attacks must change the way every defender does everything, that's not entirely true either.

Dobbins says the best practices for making DNS architecture and organizations' network infrastructure resilient to DDoS attacks are essentially the same as they were 20 years ago or more; the trouble is getting those best practices deployed. "If could make everything as resilient as it possibly could be, we would still have DDoS attacks, but their impact would be many magnitudes lower," Dobbins says. Many organizations do not even take into account DDoS in their business continuity planning, he says.

Experts concede that even if a DDoS is unsurprising and uninventive, it can also be quite disruptive if the target isn't prepared to respond. In that spirit, here are the worst, most definitive DDoS attacks of 2016 so far.

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior to that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ...

Castle Raises $2 Million for Account Takeover Technology

Castle aims to make it easier to detect online fraud.

The funding will be used to help the company grow its engineering and go-to-market efforts.

Security vendor Castle announced on Nov. 9 that it raised a $2 million seed round of funding from First Round Capital with participation from F-Prime Capital and FundersClub. Castle graduated from the Y Combinator cyber accelerator six months ago, bringing its account takeover technology to market.

The seed funding will be used to help grow the early stage company's engineering as well as go-to-market efforts. The idea behind Castle is to make security capabilities easy to deploy and use, explained Johan Brissmyr, CEO and co-founder. "Organizations just need to take a JavaScript snippet and put it on their website," Brissmyr told eWEEK. "Once the JavaScript is deployed, we build a behavioral profile for each individual user."

The Castle technology learns usage and activity patterns from the user behavior, including how users interact with a given site. Once the user behavior profile has been built, Castle looks for outliers and deviations to help identify potential risks. Identifying potential malicious behavior is one thing, but actually blocking users is another.

Castle has three basic levels of risk categorization: unusual, suspicious and malicious, Brissmyr explained.

Based on the level of risk (with unusual being the lowest level), Castle will provide an appropriate response.

At the lowest risk level, the response is typically some form of email. "I think the magic is not to actually freak out end users," Brissmyr said. The outbound email needs to be worded and presented in a non-threatening way that won't scare users, Brissmyr said, adding that a non-threatening email tells users that everything is fine, but "oh, by the way" there was something that occurred with the user account that hadn't been seen before.

The email will tell the user that the unknown action was probably generated by the user, but if it wasn't, it can be reported, he said.

Additionally, for the higher risk incidents, user interaction can be restricted to require users to provide an additional layer of authentication, such as responding to a Short Message Service (SMS) text, before full capabilities are restored, Brissmyr explained.

Castle runs on the Amazon Web Services (AWS) cloud infrastructure and makes use of a big data backend that includes Apache Kafka, Spark and DynamoDB.

Castle is now also moving to use a Docker container approach along with Kubernetes for orchestration and container management, Brissmyr explained.

Castle isn't Brissmyr's first attempt at building a security company.
In 2014, he co-founded security startup Userbin, which was an authentication service for consumer-facing applications. The initial promise of Userbin was to provide an easy way for end users to secure online accounts.

Brissmyr noted that the consumer authentication space is a difficult market to break into as there are many choices, including open-source options, and that Userbin did not succeed as a company.

Brissmyr is looking to further improve Castle's technology.

Among the capacities he's looking to add are self-service features as well as directly integrated two-factor authentication options.

"Our mission is to build a full platform for customer security," Brissmyr said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Clinton, Trump do agree on one thing—the right to use marijuana

It's no secret that presidential candidates Hillary Clinton and Donald Trump cannot stomach one another; they seemingly disagree on most everything.

Before the last two presidential debates, they didn't even shake hands.

But even in this contentious election cycle, there's one thing these two (or four, if we're including the major third-parties) agree on... You have a right to marijuana for medical or recreational purposes. Where a president stands on marijuana means a lot, at least for those partaking in or profiting from the marijuana industry.

Today, the federal government still classifies marijuana as a controlled substance, the same category as heroin. Yet four states—Alaska, Colorado, Oregon, Washington—allow recreational marijuana, a status directly in conflict with federal law. Luckily for those states, President Barack Obama's administration has mostly turned a blind eye.

The nation's next president, however, isn't obligated to follow suit. With the snap of presidential fingers, the new elect theoretically could demand federal authorities raid growers and dispensaries. In addition to the federal situation, citizens in California, Arizona, Maine, Massachusetts, and Nevada will go to the polls come Nov. 8 to choose whether to legalize recreational marijuana in those states.

And voters in Arkansas, Florida, Montana, and North Dakota are being asked to permit medical marijuana with a doctor's recommendation.

Altogether, 25 states already permit the medical use of marijuana. (Here are the texts of all the measures.) So for those invested in marijuana, this is a particularly important vote.

Marijuana support and opposition

Current polls show that a majority of Americans support ending marijuana prohibition.

A Gallup poll released Oct. 21 showed that 58 percent of those surveyed supported legalizing marijuana in some degree.

That's up from 48 percent between 2010-2012. However, neither major party candidate—Trump and Clinton—has highlighted marijuana as a key component of their campaigns.

To be sure, marijuana is a multi-billion-dollar business with an estimated worth of $7.1 billion, so naturally big companies want in.

Thus far, Microsoft is one of the marquee names to enter the arena, marketing software to track marijuana from "seed to sale." There are also lesser known companies like Hound Labs in Oakland, California.

That organization wants to offer a so-called roadside breathalyzer for marijuana.

To summarize the general arguments swirling around marijuana, looking to the individual state battles can be illuminating.

California is the nation's biggest marijuana market to already legalize medical use.

This election season, more than a dozen police associations in the state are urging voters to go against Proposition 64, a proposal for legalizing recreational use. On the flip side, the top financial backer of the measure is Sean Parker, the Napster founder and a former president of Facebook. He's helped raise $8.5 million for the cause.

Those in favor argue Prop 64 would reduce California's overcrowded prisons and jails, give Californians freedom of choice, and provide tax money for, in the words of California Lt. Gov. Gavin Newsom, "important programs such as public safety." In contrast, the California Association of Highway Patrolmen, representing some 7,900 CHP officers, says legalizing marijuana will cause more traffic deaths.

They point to things like a recent Colorado study suggesting the same conclusion:

"Recent numbers out of Colorado show that marijuana related traffic deaths have increased almost 50 percent since 2013 which is exactly why we strongly oppose Prop 64. For the proponents of Prop 64 to say that they worked with law enforcement to craft this measure is misleading and when you see Colorado law enforcement asking for a timeout to deal with the problems they are facing it should give us all pause on this important issue. We will continue to educate media, local and state leaders, but most importantly we tell California voters that Prop 64 did NOT get it right."

Organizations on both sides of these fights nationwide have talking points spanning health, addiction, intoxicated driving, crime, blight, justice, taxation—you name it.

Despite the interest, the two main party candidates haven't said very much on the topic no matter how it's presented.

Clinton

The Democratic candidate said in August she supports reclassifying marijuana from a Schedule 1 to a Schedule 2 drug, which would remove research barriers for medical use.
She said it was up to the states to decide their own marijuana laws without federal intervention. "I think what the states are doing right now needs to be supported, and I absolutely support all the states that are moving toward medical marijuana, moving toward—absolutely—legalizing it for recreational use," Clinton said on Jimmy Kimmel Live in March. "What I’ve said is let’s take it off the what’s called Schedule I and put it on a lower schedule so that we can actually do research about it.

There’s some great evidence about what marijuana can do for people who are in cancer treatment, who have other kind of chronic diseases, who are suffering from intense pain.

There’s great, great anecdotal evidence but I want us to start doing the research." Clinton's campaign website backs up those words.

Trump

The Republican candidate said in 1990 that he favored legalization of all drugs.
Speaking of the war on drugs at the time, he said, "You have to legalize drugs to win that war." Over time, Trump's thinking has apparently changed.
In October 2015, he was quoted in the Washington Post as saying: "In terms of marijuana and legalization, I think that should be a state issue, state-by-state." But he told the O'Reilly Factor last February that "dealers" were going to "load up" on marijuana and sell it around the country if marijuana was legalized in Colorado. He told O'Reilly that he favored medical marijuana but not the recreational use of it. "I would really want to think about that one, Bill.

Because in some ways I think it’s good and in other ways it’s bad.
I do want to see what the medical effects are," he said. "I have to see what the medical effects are and, by the way—medical marijuana, medical? I’m in favor of it a 100 percent.

But what you are talking about, perhaps not.
It’s causing a lot of problems out there." Trump's campaign website is silent on the issue.

Third-parties

Given the need to make waves in order to increase the odds of election success, both third-party candidates have been happy to discuss the subject of marijuana.

Green Party candidate Jill Stein even supports nationwide medical and recreational use as part of her platform. "Make no mistake, ending marijuana prohibition would be a huge win for freedom and social justice, and a major step towards the just, Green future we deserve," she said in her campaign literature. "As President, one of my first actions would be to order the DEA and the Justice Department to cease and desist all attempts to harass or prosecute medical marijuana clinics or other legitimate marijuana-related businesses that are operating under state laws." Libertarian Party candidate Gary Johnson, the former Republican governor of New Mexico, was once the CEO of Cannabis Sativa, a marijuana firm.
So naturally, he favors the legalization of marijuana for both recreational and medical uses and would support federal research. His campaign website said that the Founding Fathers would be shocked "to learn that the government has decided it is appropriate to tell adults what they can put in their bodies—and even put them in jail for using marijuana, while allowing those same adults to consume alcohol and encouraging the medical profession to pump out addictive, deadly painkillers at will." As with all aspects of the coming election, marijuana usage has become a passionate debate.

The only certainty at the moment is that more is coming, and future presidential candidates likely won't have the option to remain mum.

Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain

With nearly the same speed and precision that the human eye can identify a water bottle, the technology of deep learning is enabling the detection of malicious activity at the point of entry in real-time.

Editor’s Note: Last month, Dark Reading editors named Deep Instinct the most innovative startup in its first annual Best of Black Hat Innovation Awards program at Black Hat 2016 in Las Vegas. For more details on the competition and other results, read Best Of Black Hat Innovation Awards: And The Winners Are

It’s hot outside and you’re thirsty.

As you reach for a water bottle, you don’t pause to analyze its material, size or shape in order to determine whether it’s a water bottle.
Instead, you immediately reach for it, with complete confidence in its identification. If I show the same water bottle to any traditional computer vision module, it will easily recognize it.
If I partially obstruct the image with my fingers, then traditional computer vision modules will have difficulty recognizing it.

But, if I apply an advanced form of artificial intelligence that is called deep learning, which is resistant to small changes and can generalize from partial data, it would be very easy for the computer vision module to correctly recognize the water bottle, even when most of the image is obstructed. Deep learning, also known as neural networks, is “inspired” by the brain’s ability to learn to identify objects.

Take vision as an example. Our brain can process raw data derived from our sensory inputs and learn the high-level features all on its own.
Similarly, in deep learning, raw data is fed through the deep neural network, which learns to identify the object on which it is trained. Machine learning, on the other hand, requires manual intervention in selecting which features to process through the machine learning modules.

As a result, the process is slower and accuracy can be affected by human error.

Deep learning's more sophisticated, self-learning capability results in higher accuracy and faster processing. Similar to image recognition, in cybersecurity, more than 99% of new threats and malware are actually very small mutations of previously existing ones.

And even that 1% of supposedly brand-new malware are rather substantial mutations of existing malicious threats and concepts.

But, despite this fact, cybersecurity solutions -- even the most advanced ones that use dynamic analysis and traditional machine learning -- have great difficulty in detecting a large portion of these new malware.

The result is vulnerabilities that leave organizations exposed to data breaches, data theft, seizure for ransomware, data corruption, and destruction. We can solve this problem by applying deep learning to cybersecurity.

The history of malware detection in a nutshell

Signature-based solutions are the oldest form of malware detection, which is why they are also called legacy solutions.

To detect malware, the antivirus engine compares the contents of an unidentified piece of code to its database of known malware signatures.
If the malware hasn’t been seen before, these methods rely on manually tuned heuristics to generate a handcrafted signature, which is then released as an update to clients.

This process is time-consuming, and sometimes signatures are released months after the initial detection.

As a result, this detection method can’t keep up with the million new malware variants that are created daily.

This leaves organizations vulnerable to the new threats as well as threats that have already been detected but have yet to have a signature released. Heuristic techniques identify malware based on the behavioral characteristics in the code, which has led to behavioral-based solutions.

This malware detection technique analyzes the malware’s behavior at runtime, instead of considering the characteristics hardcoded in the malware code itself.

The main limitation of this malware detection method is that it is able to discover malware only once the malicious actions have begun.

As a result, prevention is delayed, sometimes available only once it’s too late. Sandbox solutions are a development of the behavioral-based detection method.

These solutions execute the malware in a virtual (sandbox) environment to determine whether the file is malicious or not, instead of detecting the behavioral fingerprint at runtime.

Although this technique has shown to be quite effective in its detection accuracy, it is achieved at the cost of real-time protection because of the time-consuming process involved.

Additionally, newer types of malicious code that can evade sandbox detection by stalling their execution in a sandbox environment are posing new challenges to this type of malware detection and consequently, prevention capabilities.

Malware detection using AI: machine learning & deep learning

Incorporating AI capabilities to enable more sophisticated detection capabilities is the latest step in the evolution of cybersecurity solutions. Malware detection methods that are based on machine learning AI apply elaborate algorithms to classify a file’s behavior as malicious or legitimate according to feature engineering that is conducted manually. However, this process is time-consuming and requires massive human resources to tell the technology on which parameters, variables or features to focus during the file classification process.

Additionally, the rate of malware detection is still far from 100%.

Deep learning AI is an advanced branch of machine learning, also known as “neural networks” because it is "inspired" by the way the human brain works.
In our neocortex, the outer layer of our brain where high-level cognitive tasks are performed, we have several tens of billions of neurons.

These neurons, which are largely general purpose and domain-agnostic, can learn from any type of data.

This is the great revolution of deep learning because deep neural networks are the first family of algorithms within machine learning that do not require manual feature engineering.
Instead, they learn on their own to identify the object on which they are trained by processing and learning the high-level features from raw data -- very much like the way our brain learns on its own from raw data derived from our sensory inputs. When applied to cybersecurity, the deep learning core engine is trained to learn without any human intervention whether a file is malicious or legitimate.

Deep learning exhibits potentially groundbreaking results in detecting first-seen malware, compared with classical machine learning.
In real environment tests on publicly known databases of endpoints, mobile and APT malware, for example, a deep learning solution detected over 99.9% of both substantial and slightly modified malicious code.

These results are consistent with improvements achieved by deep learning in other fields, such as computer vision, speech recognition and text understanding. In the same way humans can immediately identify a water bottle in the real world, the technology advancements of deep learning -- applied to cybersecurity -- can enable the precise detection of new malware threats and fill in the critical gaps that leave organizations exposed to attacks.

Guy Caspi is a leading mathematician and a data scientist global expert. He has 15 years of extensive experience in applying mathematics and machine learning in a technology elite unit of the Israel Defense Forces (IDF), financial institutions and intelligence organizations ...