DeepPhish: Simulating Malicious AI

Presented at Black Hat Europe 2018, Dec. 5, 2018, 11:45 a.m. (50 minutes).

<p dir="ltr"><span>91% of cybercrimes and attacks start with a phishing email. This means that cyber security researchers must focus on detecting phishing in all of its settings and uses. However, they face many challenges as they go up against sophisticated and intelligent attackers. As a result, they must use cutting-edge Machine Learning and Artificial Intelligence techniques to combat existing and emerging criminal tactics.</span></p><p dir="ltr"><span>Encryption is a tool that is widely used across the internet to secure legitimate communications, but is now being used by cybercriminals to hide<br>their messages and carry out successful malware and phishing attacks while avoiding detection. Further aiding criminals is the fact that web browsers display a green lock symbol in the URL bar when a connection to a website is encrypted, creating false security in users who are more likely to enter their personal information into the page. The rise of attacks using encrypted sites means that information security researchers must explore new techniques to detect, classify, and take countermeasures against criminal traffic. So far, there is no standard approach for detecting malicious TLS certificates in the wild. Cyxtera researchers proposed a method for identifying malicious web certificates using deep neural networks and the content of TLS certificates to successfully identify malware certificates with an accuracy of 95 percent.</span></p><p dir="ltr"><span>In addition to combating existing attacks, researchers must focus on future of fraud. As Artificial Intelligence and Machine Learning become crucial to cyber security, criminals will undoubtedly begin to harness these powerful tools to enhance their attacks. Cyxtera researchers created an algorithm called DeepPhish to simulate the results of the weaponization of AI by real life cybercriminals, and came to the staggering conclusion that intelligent algorithms could increase their attack success by up to 3000%.</span></p>

Presenters:

  • Alejandro Correa Bahnsen - Vice President of Research, Cyxtera Technologies
    Dr. Alejandro Correa Bahnsen is the VP of Research at Cyxtera Technologies. With a passion for machine learning, he considers himself a technology evangelist of data science. He has more than a decade of experience applying the use and development of predictive models to real-world issues such as cyber security, human resources analytics, credit scoring, churn modeling, and direct marketing. In addition to advising the Cyxtera's executive team and customers on unique cyber security challenges, Alejandro manages the data science team, tests big data processing engines and researches the application of deep learning on cyber security. He also creates and develops machine learning algorithms related to phishing detection, user identification and malware prevention. He is constantly improving Cyxtera's products with data science and artificial intelligence capabilities. Alejandro holds a PhD in Machine Learning and Pattern Recognition from Luxembourg University. He has published over 15 academic and industrial papers in noteworthy peer-reviewed publications. He also taught the following subjects on a university level: econometrics, financial risk management, machine learning and natural language processing. Moreover, he is an active contributor to several open source projects such as scikit-learn and costcla.

Links:

Similar Presentations: