Fujitsu Laboratories Ltd. has announced that it has developed an AI technology that automatically determines whether action needs to be taken in response to a cyberattack.

 

When a business network has been hit with a cyberattack, various security appliances detect the attack on the network’s servers and devices. Conventionally, an expert in cyberattack analysis then manually investigates and checks the degree of threat, to determine whether action is needed to minimize damage.

 

To secure the necessary training data needed to develop highly accurate AI technology, Fujitsu Laboratories has now developed a technology that identifies and extracts attack logs, which show the behavior of a cyberattack, from huge amounts of operations logs. It also developed a technology that expands on the small number of training data extracted in a manner that does not spoil attack characteristics. This generates a sufficient amount of training data.

 

In simulations using these technologies, they achieved a match rate of about 95% in comparison with experts’ conclusions regarding the need for action, and they did not miss any attack cases that required a response. The time necessary to reach a conclusion was also shortened from several hours to several minutes.

 

By using these technologies, countermeasures can quickly be put in place for cyberattacks that have been determined to require action, contributing to business continuity and the prevention of loss.

 

Development Background
In recent years, the number of cyberattacks against business networks continues to increase. With targeted attacks(1), which is a type of cyberattack, the attacker uses clever techniques to embed malware(2) that can be controlled remotely in an organization, and then remotely controls devices infected with malware to conduct intelligence activities. In defense, when a company discovers suspicious activities with such monitoring equipment as a security appliance, a security expert manually investigates the attack, and takes time to evaluate danger and risk, then determines the necessity to respond.

 

The decision to respond needs to be made carefully as the responses themselves may have consequences. For example, attacked business devices may need to be isolated, and the network reconstructed, resulting in operation stoppages that impact businesses.

 

According to statistics from Japan’s Ministry of Economy, Trade and Industry(3), by 2020 there will be a shortage of 193,000 security professionals in Japan. That being said, AI-based automation is expected to rapidly determine the necessity to respond to attack cases, making decisions on the same level as an expert who has advanced knowledge and insight on attacks.

 

Issues

 

In order to develop an AI-based model to make determinations, the following issues regarding training on attack information needed to be addressed:

 

1. The operations logs for normally functioning servers, devices, and network equipment coexist with the attack operations logs, and both logs are accumulated in great abundance. To conduct proper learning with AI, it is necessary to identify the traces of targeted attacks from the large number of logs. However, distinguishing between logs is difficult because intelligence activities via targeted attacks utilize OS commands and other methods.

 

2. It is extremely difficult to extract attack operations logs from the huge amounts of existing logs, while securing them in large quantities as training data. For AI technologies, it is possible to increase the small amounts of training data through procedures and conversions such as noise processing; however, such simple processing of the training data of targeted attacks can cause the attack characteristics to be lost, making data expansion difficult.

 

About the Newly Developed Technology

 

Fujitsu Laboratories has developed technologies to secure sufficient amounts of training data related to targeted attacks required for the creation of highly accurate, AI determination models. Features of the developed technologies are outlined below:

 

1. Training data extraction technology
Based on the know-how Fujitsu has accumulated in its security-related business and research, as well as from about seven years’ worth of actual attack analysis data, Fujitsu Laboratories has built a database of attack patterns that includes commands and parameters linked to intelligence activities of targeted attacks. By using this database, users can accurately identify and extract a series of intelligence activities from the vast amounts of logs.

 

2. Training data expansion technology
This technology generates simulations of new intelligence gathering activities – a type of targeted attack-without losing attack characteristics. The technology calculates attack levels and identifies the important commands of intelligence activities in the extracted targeted attack, then converts the parameters within the range existing in the attack pattern database. As a result, it becomes possible to expand the training data fourfold.

 

Effects

 

Fujitsu Laboratories combined the newly developed technologies with its own Deep Tensor AI technology, and ran evaluative testing on the determination model that had been trained on the new training data. Run in a simulation using about four months of data – 12,000 items – the technologies made an approximate 95% match with the findings that a security expert generated through manual analysis, achieving a near equal determination of response necessity. Furthermore, the technologies were field tested on STARDUST, the Cyber-attack Enticement Platform(4) which is jointly operated with the National Institute of Information and Communications Technology (NICT), using real cyberattacks targeting companies. The technologies automatically determined the attack cases requiring a response, thereby confirming their effectiveness.

 

With these AI technologies, determinations of the necessity of action, which until now have taken an expert several hours to several days, can be automatically made with high accuracy from tens of seconds to several minutes. Furthermore, by combining these technologies with Fujitsu Laboratories’ high-speed forensic technology, which rapidly analyzes the whole picture of the status of damage from a targeted attack, the response sequence, from attack analysis to instructions for action, can be automated, enabling immediate responses to cyberattacks and minimizing damage.

 

Future Plans
Fujitsu aims to make use of these technologies within its Managed Security Services, as a response platform for cyberattacks.

 

  • [1] Targeted attack
    A cyberattack targeting a specific organization or individual, to relentlessly steal information or destroy systems.

 

  • [2] Malware
    Malicious software.

 

 

  • [4] STARDUST, the Cyber-Attack Enticement Platform
    a platform, which was developed by the National Institute of Information and Communications Technology (NICT), for the observation of cyberattacks. By enticing attackers to an environment that elaborately simulates organizations such as government and corporations, and observing over the long term the activities of attackers without them noticing, the platform aims to reveal the detailed behavior of attackers once they have penetrated an organization, to gather the information needed to establish cyberattack countermeasures and responses.

 

&


RECOMMENDED ARTICLE FOR TECHWORLD


 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 22 August 2018 2:04 PM | 312 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI.... See More
 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 2:04 PM | 312 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI...See More

 
New Version of Kaspersky Password Manager Helps to Keep Valuable Digital Data in Order
Techworld Date Posted: 23 March 2019 10:11 AM | 21 Views
Kaspersky Lab has released a new version of its freemium solution: Kaspersky Password Manager. The solution further simplifies the process of organizing valuable private data – from passwords to documents and photographs. Kaspersky Password.... See More
 
New Version of Kaspersky Password Manager Helps to Keep Valuable Digital Data in Order
Techworld Date Posted: 10:11 AM | 21 Views
Kaspersky Lab has released a new version of its freemium solution: Kaspersky Password Manager. The solution further simplifies the process of organizing valuable private data – from passwords to documents and photographs. Kaspersky Password...See More

 
Transcend’s Gives Advice in Selecting the Right Dashcam for Your Needs
Techworld Date Posted: 20 September 2017 11:06 AM | 242 Views
The dashcam, or dashboard camera, has become an essential vehicle accessory primarily because of solid evidence that it aids with self-protection. Transcend Information Inc., a leading manufacturer of storage and multimedia products, has come.... See More
 
Transcend’s Gives Advice in Selecting the Right Dashcam for Your Needs
Techworld Date Posted: 11:06 AM | 242 Views
The dashcam, or dashboard camera, has become an essential vehicle accessory primarily because of solid evidence that it aids with self-protection. Transcend Information Inc., a leading manufacturer of storage and multimedia products, has come...See More

 
PH’s Biggest Telcos Converge, Unveil First PLDT-Smart Store in BGC
Techworld Date Posted: 27 April 2018 3:22 PM | 437 Views
Manila, Philippines – The country’s leaders in broadband, mobile and digital entertainment are now in one home. PLDT and Smart formally unveiled the first ever PLDT-Smart Store—a one-stop digital hub and converged store which.... See More
 
PH’s Biggest Telcos Converge, Unveil First PLDT-Smart Store in BGC
Techworld Date Posted: 3:22 PM | 437 Views
Manila, Philippines – The country’s leaders in broadband, mobile and digital entertainment are now in one home. PLDT and Smart formally unveiled the first ever PLDT-Smart Store—a one-stop digital hub and converged store which...See More

 
Five Short YouTube Docus That Deserve a Spot on Your Playlist Right Now
Techworld Date Posted: 15 September 2018 2:32 PM | 235 Views
In between life hacks and viral videos, YouTube has an exciting selection of thought-provoking documentaries and informative videos that are just as entertaining as they are enlightening.. See More
 
Five Short YouTube Docus That Deserve a Spot on Your Playlist Right Now
Techworld Date Posted: 2:32 PM | 235 Views
In between life hacks and viral videos, YouTube has an exciting selection of thought-provoking documentaries and informative videos that are just as entertaining as they are enlightening.See More

 
Kaspersky Lab’s Global Research and Analysis Team Recognized for ShadowPad Discovery
Techworld Date Posted: 16 October 2018 3:45 PM | 326 Views
The Kaspersky Lab Global Research and Analysis Team (GReAT) was recognized with the Annual Péter Szőr Award for Technical Security Research for its work on uncovering and analyzing the ShadowPad operation. See More
 
Kaspersky Lab’s Global Research and Analysis Team Recognized for ShadowPad Discovery
Techworld Date Posted: 3:45 PM | 326 Views
The Kaspersky Lab Global Research and Analysis Team (GReAT) was recognized with the Annual Péter Szőr Award for Technical Security Research for its work on uncovering and analyzing the ShadowPad operationSee More

Frank Emmanuel Trazo
Summer Loving in VR: Summer Lesson
Techworld • By: Frank Emmanuel Trazo | Date Posted: 27 June 2017 10:55 AM | 446 Views
Summer is one of the most magical and memorable seasons for the youth as it lets them experience love. As VR technology is becoming more reachable for public consumption and you can live in.... See More
Frank Emmanuel Trazo
Summer Loving in VR: Summer Lesson
Techworld • By: Frank Emmanuel Trazo | Date Posted: 10:55 AM | 446 Views
Summer is one of the most magical and memorable seasons for the youth as it lets them experience love. As VR technology is becoming more reachable for public consumption and you can live in...See More

 
IDC Philippines Unveils its Top ICT Predictions for 2017 and Beyond
Techworld Date Posted: 9 February 2017 2:38 PM | 241 Views
MANILA, Philippines – IDC Philippines announced its top predictions for the Philippine ICT industry for 2017 and beyond and predicts 25% of its top 1,000 companies will see majority of their business depend on.... See More
 
IDC Philippines Unveils its Top ICT Predictions for 2017 and Beyond
Techworld Date Posted: 2:38 PM | 241 Views
MANILA, Philippines – IDC Philippines announced its top predictions for the Philippine ICT industry for 2017 and beyond and predicts 25% of its top 1,000 companies will see majority of their business depend on...See More

 
Kaspersky Lab Industrial Cybersecurity Conference 2018 Call for Papers
Techworld Date Posted: 3 May 2018 3:42 PM | 183 Views
The growing interconnectedness of IT and operational technology (OT) systems raises new security challenges and requires the transformation of both protection technologies and the mindsets of board members, engineers and IT security teams. . See More
 
Kaspersky Lab Industrial Cybersecurity Conference 2018 Call for Papers
Techworld Date Posted: 3:42 PM | 183 Views
The growing interconnectedness of IT and operational technology (OT) systems raises new security challenges and requires the transformation of both protection technologies and the mindsets of board members, engineers and IT security teams. See More

 
Best Gadgets That Will Make Your Christmas Shopping a Breeze
Techworld Date Posted: 13 November 2018 3:55 PM | 205 Views
Make your Christmas shopping easier this 2018 with Gadget Goods Asia’s Christmas package as they offer five unique travel and work gadgets at great discounts. . See More
 
Best Gadgets That Will Make Your Christmas Shopping a Breeze
Techworld Date Posted: 3:55 PM | 205 Views
Make your Christmas shopping easier this 2018 with Gadget Goods Asia’s Christmas package as they offer five unique travel and work gadgets at great discounts. See More


Power by

Download Free AZ | Free Wordpress Themes