Month: October 2015

Cyberattacks studied through the lens of EEG and eye tracking

University of Alabama at Birmingham researchers have conducted a study that provides new insights on users’ susceptibility to, and capability to detect, cyber-criminal attacks such as malware and phishing attacks.

The study analyzed users’ brain activity and eye gaze movements as they were subjected to these attacks. This new research was presented at the 2015 ACM Conference on Computer and Communications Security last week in Denver.

This study from researchers within the UAB College of Arts and Sciences Department of Computer and Information Sciences and Center for Information Assurance and Joint Forensics Research was based on the knowledge that detecting malware and phishing attacks are user-centered functions, but little is understood about the user behavior underlying these tasks.

There is some prior knowledge on this topic regarding users’ performance in these security tasks, but UAB’s research took the work to the next level by studying users in a near-reality setting and evaluating more than one neurophysiological measure during a single study.

Researchers took a three-dimensional approach to this study by looking at what the users’ task performance was through evaluating how they process the tasks of detecting cyberattacks with neural activity, which was captured using electroencephalogram, or EEG, cognitive metrics and with eye gaze patterns, which were captured using an eye-tracker.

The evaluation process tested users on phishing attacks, which use malicious email to collect personal and financial information, as well as Web-based malware attacks, which deploy software to infect computers with viruses while users browse the Web.

“By looking at these three measures together, we were able to show that users do not spend enough time analyzing key phishing indicators, and often fail at detecting phishing attacks even when they are mentally engaged in the task and subconsciously processing real sites differently from fake sites,” said Nitesh Saxena, Ph.D., the director of the Security and Privacy In Emerging computing and networking Systems (SPIES) lab and associate professor of computer and information sciences at UAB. “Under malware attacks, we found the opposite to be true. Users were found to be frequently reading, possibly comprehending and eventually heading the message embedded in the malware warning (such as the one provided by common browsers).”

“Overall, the way users respond to and process malware warnings is good news,” said UAB graduate student Ajaya Neupane, co-author of the article with Saxena. “The gaze patterns show that users are reading the warnings, the neural activity shows that users are undergoing high workload and are highly engaged when warnings were displayed, and the task accuracy shows that users heed warnings a large majority of the time.”

Also, for phishing attacks, a direct correlation was found between the users’ attention control, which is considered a personality trait, measured via a paper-and-pencil test, and how accurate they were at detection.

“We believe that means the users’ susceptibility to phishing attacks is a function of their personality traits,” Saxena said. “The more attentive they are by nature, the more likely they are to detect the phishing attacks.”

These results give researchers the foundation upon which to begin designing mechanisms that will use real-time neural and eye-gaze features that can automatically infer a user’s alertness state, and determine whether or not the user’s response should be relied upon. Most interestingly, the insight that users’ brains can subconsciously detect phishing attacks, even though users themselves may fail at detecting them, can be used to build future automated phishing detection mechanisms based on neural activity.

“We can begin thinking about developing ways to automatically detect whether users are attentive or inattentive, and whether they subconsciously detected a phishing attack,” Neupane said. “Our research suggests that combining neural and ocular features might provide a robust detection system, which would result in higher user security measures.”

This study was conducted in collaboration with researchers from Syracuse University.


Story Source:

The above post is reprinted from materials provided by University of Alabama at Birmingham. The original item was written by Katherine Shonesy.

Advertisements

Automating big-data analysis

Big-data analysis consists of searching for buried patterns that have some kind of predictive power. But choosing which “features” of the data to analyze usually requires some human intuition. In a database containing, say, the beginning and end dates of various sales promotions and weekly profits, the crucial data may not be the dates themselves but the spans between them, or not the total profits but the averages across those spans.

MIT researchers aim to take the human element out of big-data analysis, with a new system that not only searches for patterns but designs the feature set, too. To test the first prototype of their system, they enrolled it in three data science competitions, in which it competed against human teams to find predictive patterns in unfamiliar data sets. Of the 906 teams participating in the three competitions, the researchers’ “Data Science Machine” finished ahead of 615.

In two of the three competitions, the predictions made by the Data Science Machine were 94 percent and 96 percent as accurate as the winning submissions. In the third, the figure was a more modest 87 percent. But where the teams of humans typically labored over their prediction algorithms for months, the Data Science Machine took somewhere between two and 12 hours to produce each of its entries.

“We view the Data Science Machine as a natural complement to human intelligence,” says Max Kanter, whose MIT master’s thesis in computer science is the basis of the Data Science Machine. “There’s so much data out there to be analyzed. And right now it’s just sitting there not doing anything. So maybe we can come up with a solution that will at least get us started on it, at least get us moving.”

 

Source- Massachusetts Institute of Technology

Story Source:

The above post is reprinted from materials provided by University of Alabama at Birmingham. The original item was written by Katherine Shonesy.

Essentials of Networking

Essentials of Networking

 

The Department of Computer Science and Applications, DAV College, Chandigarh conducted a workshop “Essentials of Networking” for the final year students of Bachelors of Computer Applications on 19/8/15.The Resource persons for the workshop were Mr.Rajiv Nayyar and Mr.Rakesh Garg from the leading networking solutions provider : “ Infowiz-Software Solutions”, a firm registered with CII and national award winner for the best IT Centre of 2014-15.The workshop was organized to enlighten the students about  the various aspects of networking and internet security and the latest networking tools and techniques prevalent in the research and development industry. Using a live project, Mr.Rakesh Garg demonstrated how various networking tools can be  helpful in  saving our valuable data from hackers and other malicious programs on the internet. He also gave some handly practical tips to overcome frequently encountered bugs in network centric programming. Around 50 students attended the workshop.

 

IBM Cloud Computing Workshop

 

In the present technological era, IT industry is looking for developers who are well versed with various emerging and roboust technologies, one of them being Cloud computing. It is a tremendous innovation in the digital landscape that has changed the way IT solutions are delivered and will hold the key in futuristic application development. Keeping in view the same, the Department of Computer Science organised a workshop to enlighten the students and faculty with immense benefits and never ending sphere of implementations of cloud computing. The resource person for the workshop was Mr. Mani Madhukar from the Global IT Giant, IBM – inceptors  of numerous innovative and resource management technologies. Mr. Madhukar started the workshop by introducing  the Cloud Computing framework, its various Service Models and Application and Integration layers. Continue Reading

IT CLUB- TECHNOMINDS

TechnoMinds is an IT Club of DAV College Chandigarh; that focuses on interests of members by providing them intense knowledge about growing IT sector, their personnel development and technical skills. The club aims at ingraining the spirit of ingenuity, innovativeness and technical competence in the students through rigorous competition and regular guidance.