This ML Algorithm Can Find Hackers Who Have Broken In Before

Cybersecurity agencies generally focus on preventing hackers from getting inside systems rather than on stopping them from leaking information out. Now a new cybersecurity company called Darktrace is acting on the latter idea.

They have developed a tool, in collaboration with mathematicians from the University of Cambridge, that uses machine learning to catch internal breaches.

The majority of machine-learning applications rely on supervised learning, which involves feeding a machine huge amounts of data so that it learns to recognize patterns. This method works well if you are fighting a threat the system has faced before, which is also its limitation. Unknown threats can therefore still sneak under the radar.

So instead of training on datasets that contain examples of previous attacks, Darktrace developed an algorithm that recognizes new instances of unusual behavior.

This machine-learning technique is based on unsupervised learning, which doesn’t require humans to specify what to look for. The system works like the human body’s immune system.

“It has this innate sense of what’s self and not-self,” says Darktrace co-CEO Nicole Eagan. Whenever the algorithm finds something that doesn’t belong to its system, it exhibits “an extremely precise and rapid response.”

In cybersecurity data, threatening behavior generally lies buried beneath an overwhelming amount of normal behavior. This is where unsupervised learning gains an advantage over supervised learning: it spots behavior that doesn’t follow the usual pattern.

Darktrace uses this software in combination with “physical and digital sensors around the client’s network to map out its activity.” Data collected from the system is then directed to over 60 different unsupervised-learning algorithms that work relentlessly to find anomalous behavior.

On detection of such behavior, the system quarantines the breach by cutting off all external communication from the infected device — until it’s resolved.
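The idea in the paragraphs above can be illustrated with a small added example. It is not Darktrace's algorithm or code: it learns each device's normal outbound volume from unlabeled history and flags devices that deviate from their own baseline, using a modified z-score (median and MAD) as a stand-in technique. Device names, traffic figures, the scale floor and the `detect` helper are constructed assumptions.

```python
import statistics

# Constructed sample data: daily outbound traffic in MB per device, unlabeled.
HISTORY = {
    "hr-laptop-07": [120, 135, 110, 128, 140, 125, 131],
    "build-server": [900, 950, 870, 920, 910, 940, 905],
    "printer-3f": [2, 3, 2, 2, 4, 3, 2],
}
TODAY = {"hr-laptop-07": 133, "build-server": 925, "printer-3f": 480}


def baseline(samples):
    """Learn a device's 'self': median and median absolute deviation (MAD)."""
    med = statistics.median(samples)
    mad = statistics.median([abs(x - med) for x in samples])
    return med, mad


def anomaly_score(value, samples):
    """Modified z-score: robust distance of today's value from the baseline."""
    med, mad = baseline(samples)
    # Assumption: floor the scale at 10% of the median (min 1 MB) so a flat
    # history (MAD == 0) neither divides by zero nor flags tiny jitter.
    scale = max(mad, 0.1 * abs(med), 1.0)
    return 0.6745 * abs(value - med) / scale


def detect(history, today, threshold=3.5):
    """Return devices whose outbound traffic is 'not-self' and should be
    cut off from external communication until reviewed."""
    flagged = []
    for device, value in today.items():
        samples = history.get(device)
        # A device with no learned baseline is treated as not-self.
        if not samples or anomaly_score(value, samples) > threshold:
            flagged.append(device)
    return sorted(flagged)


if __name__ == "__main__":
    for device in detect(HISTORY, TODAY):
        print(f"quarantine candidate: {device}")
```

No labeled attack data is involved: the printer is flagged only because 480 MB is far outside what that printer has ever sent, while the build server's much larger but typical 925 MB is not.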

While all of that is effective, unsupervised training isn’t a cure for everything because cybersecurity is like the whack-a-mole game. And at the end of the day, the whole system is as secure as its weakest link.

Manisha Priyadarshini