
ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Week 03: Reconnaissance

Spy games meet word games as officials warn Russia against election meddling.

September 11, 2016 by Silas Adams

I found this article rather interesting for a few reasons. Putin makes a comment that brings up a valid point; he said something to the effect of: it doesn’t really matter who hacked the emails, what matters is the information that was made public. I tend to agree with him. If servants of the public (politicians) who are paid by the public and made a public oath begin to exchange emails that evidence corrupt practices, then that information should be made public. An election should be conducted on the basis of full transparency. If the public votes, then all information should be made available for the public to digest, ESPECIALLY if it’s information pertaining to the election.

That is the foundation of free markets. Any and all information must be made available for a market to function properly; if not, the market is broken and will fail. That is a universal truth about free markets. So I consider that whoever hacked the email that ended up getting Debbie Schultz ousted did, in fact, do a societal good.

I can foresee hacktivist groups becoming more and more prevalent as corruption becomes more and more visible, regardless of borders…

http://www.baltimoresun.com/news/maryland/politics/blog/bs-md-russia-hacking-20160908-story.html

Machine Learning and Cyber Security (2)

September 11, 2016 by Silas Adams 1 Comment

This isn’t an article (it’s a scholarly paper), but I thought it would be interesting to revisit last week’s post after I had done some research. As a refresher, last week I posted an article about machine learning algos being able to predict cyber intrusions and in essence learn what is a relevant attack by analyzing (a) was there misuse of the system and (b) what was the loss. I also posited that this could potentially reduce the need for the human element with regard to IDPS systems, which rely on the human element.

Last week I went back to work and asked the team working on such algos, and I’ve learned a few things from them: (1) the algorithm uses statistical ensembles, which is essentially a mathematical physics solution that provides a probability distribution for a set of systems and their properties, and (2) on top of the statistical ensemble they use partition functions, which essentially describe the statistical properties and their equilibrium in the set of systems. I find this fascinating because the Black-Scholes Model for asset pricing also uses physics equations.

Essentially the algorithm is instructed to (1) map all possible states of equilibrium for the set of systems and its characteristics, and (2) if there is any variance outside of those designated equilibrium states, to then investigate and use partition functions to map the characteristics. Here is where the learning comes into play: using an ANN or a type of machine learning/information intelligence, the algo will use the historical series, multi-correlation regression and time series to build prediction models. As the size and complexity of the system(s) grows, the models change and the machine “learns” and its learning tasks grow. The system is now fluid, and the more inputs are placed into the ANN, the more accurate and reliable the output, thus improving the ANN’s generalization ability. One should keep in mind that the paper points to certain flaws in a single-network ANN; as such, the instructions (algo) fed to the ANN, which dictate how it behaves, are based on an ensemble (which consists of multiple systems).

The paper details results of such an ANN employed at the database level, which is referred to as a “statistical database anomaly prediction system.” The results were “[the system] has been presented to learn previously observed user behavior in order to prevent future intrusions in database systems…”

The idea of a prediction system that can learn the behavior of agents is fascinating. This could be a paradigmatic shift in the field. As Professor Mackay said though, these ANNs aren’t placed in operation; rather, they’re still being researched and tested.

What makes me think it has the possibility to disrupt the demand for the human element?  This stems out of economics, and the reality of the production function or the relation between economic inputs and outputs.

(Q) is a function of L (labor), K (human capital / capital), M (raw material) and T (technology)

It is the basis of microeconomics that where there is a macro increase or change in technology, the short run micro-utility (or the value society gets from the introduction of that new technology) is diminished, then rises exponentially to a point, then slows at an increasing rate. I’ll provide two good examples…

(1) In the cockpit of a commercial passenger airplane there used to be three people: a pilot, co-pilot and engineer. Since we started transporting people in the air, that was the way of the world. As technology grew and the cockpit instruments became more sophisticated, the need for the engineer in the cockpit decreased. Today there are only two people in the cockpit, the pilot and co-pilot. The system replaced the engineer; the job of airline instruments engineer does not exist today, and the system tracks and re-calibrates the instruments used during flight.

(2) E-ZPass, we’re witnessing this phase out.

It would be prudent to believe that this type of machine learning and anomaly prediction system would replace at least one human in the field once implemented.

Article:

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.98.7461&rep=rep1&type=pdf

PS: I used many articles during my research and have them in an email if anyone is interested.

Yelp’s New Bug Bounty Program Promises $15,000 Payouts

September 11, 2016 by Ahmed A. Alkaysi 2 Comments

This article talks about how Yelp is offering up to $15,000 in a new “Bug Bounty” program for security researchers. Any of the Yelp-owned sites is part of this program. Yelp is particularly worried about vulnerabilities that result in “...sensitive data disclosure, data injection/exfiltration, insecure session management, etc.” These types of programs are very interesting. The company not only provides an incentive to researchers if they find a critical bug, but it also allows the researchers to legally try to penetrate the site, which might satisfy their desire to test out their skills. This also gives an opportunity to raise awareness of cyber security among the public. I hope more companies employ tactics like this in order to combat vulnerabilities.

http://www.securityweek.com/yelps-new-bug-bounty-program-promises-15000-payouts

US 911 emergency phone system vulnerable to DDoS attacks, say researchers

September 11, 2016 by Mengxue Ni 2 Comments

Researchers at Israel’s Ben-Gurion University say they have discovered a way to disable the emergency system across an entire state for an extended period using a telephony denial of service (TDoS) attack targeting 911 call centers. Since 1968, the emergency infrastructure has relied on routing and connecting 911 calls to nearby public call centers, known as public safety answering points (PSAPs). However, a hacker could cause mobile phones to call 911 automatically without a user’s knowledge, essentially clogging up the PSAPs’ queues and preventing legitimate callers from reaching the service. Discussing possible solutions to prevent or minimize the impact of a possible attack, researchers said a mandatory “call firewall” could be implemented to identify and block DDoS activities. Another solution would have PSAPs implement “Priority Queues” that would prioritize callers with more reliable identifiers when connecting someone to a call-taker. However, the biggest issue lies in the current regulations set in place by the FCC.

I found this article interesting because these researchers discovered the issue before the loss happens. It might save millions of lives. Even if hackers don’t attack every 911 call center, a criminal who kidnaps a person can attack the nearest center to prevent the victim from contacting 911. The author also gives an explanation of DDoS: hackers attempt to overload a website’s connections by sending in data requests from multiple sources. Making a DDoS attack, known as “dosing”, is relatively simple. Botnets are available to hire on websites not reachable via the dark web. Therefore, I hope the FCC can pay enough attention to this and fix it as soon as possible.

Link: http://www.ibtimes.co.uk/us-911-emergency-phone-system-vulnerable-ddos-attacks-say-researchers-1580674

A $50 device and an app can easily steal your PC’s log-in

September 8, 2016 by Ioannis S. Haviaras 3 Comments

From the iOS and OS X security issues that forced Apple to push out an important update this past week to this vulnerability in both Windows and OS X, it goes to show how hackers keep expanding their arsenal every day. In this article a simple USB stick can be inserted into a computer (even when locked) and will mount onto the computer, obtain the password within seconds, and unmount. The way it works is that when the USB stick is plugged in, it starts up a DHCP server and is recognized by the computer as an Ethernet adapter. It then monitors traffic, and since it is considered a local network, it is trusted. The authentication services are then able to put the password on the USB key, which can later be deciphered.

Article Link
https://www.engadget.com/2016/09/08/usb-device-pc-login-theft/

Video Link:
https://www.youtube.com/watch?v=Oplubg5q7ao
