Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security Software The Internet

Future Hack: New Cybersecurity Tool Predicts Breaches Before They Happen 33

Posted by Soulskill
from the do-androids-dream-of-electric-wolves? dept.
An anonymous reader writes: A new research paper (PDF) outlines security software that scans and scrapes web sites (past and present) to identify patterms leading up to a security breach. It then accurately predicts what websites will be hacked in the future. The tool has an accuracy of up to 66%. Quoting: "The algorithm is designed to automatically detect whether a Web server is likely to become malicious in the future by analyzing a wide array of the site's characteristics: For example, what software does the server run? What keywords are present? How are the Web pages structured? If your website has a whole lot in common with another website that ended up hacked, the classifier will predict a gloomy future. The classifier itself always updates and evolves, the researchers wrote. It can 'quickly adapt to emerging threats.'"
This discussion has been archived. No new comments can be posted.

Future Hack: New Cybersecurity Tool Predicts Breaches Before They Happen

Comments Filter:
  • Precrime Division has had it for years.

  • Given enough time all of the sites on the Internet will eventually be hacked?

    • by mark-t (151149)
      Not necessarily true.... somes sites on the internet are not of general interest to enough people to ever draw the attention of somebody who might even want to hack it.
      • by bloodhawk (813939)

        a large percentage of attacks are performed by automated tools searching for targets. They don't give a shit if the site is of huge interest or your Granny's blog talking about how cute her poodle is. check your logs, even your home computers will be receiving regular port scans, and knocks on various ports/protocols to see if there is anything to attack.

    • Exception:
      My ancient and long-dead first domain/site ever had never got hacked, and it never will: I shuttered it in 2001 (-ish) when I sold the domain name (spark.org). ;)

    • You seem to be assuming that being an HTTP server implies having security holes.
  • by raymorris (2726007) on Thursday August 21, 2014 @05:10PM (#47724371)

    I see of the top "features" they identified, mostly is just various tags that mean Wordpress is in use. So they learned that Wordpress sites tend to get hacked. Duh. The Wordpress team isn't interested in security. I demonstrated an exploit for a serious vulnerability in Wordpress and submitted it to their bug tracker. For two years it sat, with one WP developer saying "it can't be exploited" - even though I attached an exploit directly to the tracker issue. Two years later, the vulnerability was added to a 'sploit kit and thousands of sites were compromised over the course of just a few days. That's when WP finally got around to patcing the clear and significant vulnerability.

    I see TFA claims "66% accuracy". "All sites will be hacked at some point" is about 50% accurate. I bet we could have 66% accuracy simply by saying "sites running PHP 5.2 or below will be hacked."

  • by mythosaz (572040) on Thursday August 21, 2014 @05:14PM (#47724409)

    That's like a 16% improvement over the quarter I flip...

  • by gweihir (88907) on Thursday August 21, 2014 @06:10PM (#47724701)

    I can predict for most sites that they will be hacked eventually, because they do not have anything resembling a secure set-up. But predicting when? That is impossible. Likely this tool gets even its pathetic 66% only dues to cherry-picked test data (also known as "lying" in scientific circles).

    • by iiii (541004)

      My algorithm does better than 66% and I'm open sourcing it right here...
      (Predicts whether site will be hacked between now and the destruction of earth)

      public boolean willSiteBeHacked(Vector whateverYouFeelLike) {
              return true;
      }

      You can't disprove my claim.

      • I'm pretty sure your algorithm would be worse than 50%. It basically amounts to "which even comes first? A) site gets hacked or b) site gets taken down."

        I think more sites get taken down every day than get hacked.

  • 66% = "could happen."

  • 100% chance it will be hacked and used as a launching point for EVARYTHANG!!!
  • Is there a page somewhere where I can query the results to see how my own site goes?
  • 66% of all websites get hacked. So if you predict EVERY website will get hacked, you'll be right 66% of the time.
    • Wouldn't it just be easier to aggregate information from social media sites using a weighted system. Just put 4Chan at the top of the weighting, with Facebook next and use separate weighting scales for positive versus negative mention counts. Both are valid predictors, so it should work and get closer.

      I'm glad one of my side jobs is setting up IPS / IDP and similar security on firewalls. I'll never be thirsting for work.
  • New cyber security tool doesn't work!
  • I was really surprised to read this article. It uses a similar approach to some research I am doing in self-healing systems. The central premise is that by monitoring feature behaviours and then autonomously classifying the state of the system/website using high-level operational validation tests, it's possible to identify the source of faults in front-end systems: http://cs203.host.cs.st-andrew... [st-andrews.ac.uk]. Our results show a much higher degree of accuracy than the one mentioned though--averaging 90%+--even in noi
    • by cs2501x (1979712)
      Ah, and if anyone is interested the paper will be presented at the 11th IEEE International Conference and Workshops on the Engineering of Autonomic & Autonomous Systems in Laurel, Maryland. So it has been vetted, etc--it's open source, and the results are publicly available as well. Venue information is here: http://tab.computer.org/aas/ea... [computer.org]
  • So in other words it could be 0% accurate...

"No job too big; no fee too big!" -- Dr. Peter Venkman, "Ghost-busters"

Working...