New Solutions For Zero-Day Attacks

Uploaded on 2021-02-26 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, FREE TO VIEW

A zero day threat is a vulnerability that developers and security researchers have known about for less than a day. In many cases, these threats are first identified by penetration testers and white hats, which gives them time to issue emergency patches.

They are usually enabled by unknown vulnerabilities and defending against zero-day attacks is one of the most fundamentally challenging security problems yet to be solved. 

Zero-day attacks continue to challenge even the strongest network security defenses. A zero-day attack path is formed when a multi- step attack contains one or more zero-day exploits. Detecting zero-day attack paths in time could enable early disclosure of zero-day threats. 

These attacks can take over a computer systems security and it can take weeks to get the systems working again. 
For instance, the WannaCry ransomware attack, which occurred in May 2017, targeted more than 200,000 Windows computers across 150 countries and caused an estimated $4 billion to $8 billion worth of damage. This adaptive machine learning-driven method was developed to address current limitations in a method to detect and respond to cyber-attacks, called moving target defense, or MTD.

Now, researchers at Penn State University have used reinforcement learning, to create an adaptive cyber defense against zero-day attacks.The team’s approach relies on reinforcement learning, which, along with supervised and unsupervised learning, is one of the three main machine learning paradigms. 

According to the researchers, reinforcement learning is a way that a decision-maker can learn to make the right choices by selecting actions that can maximise rewards by balancing exploitation, leveraging past experiences, and exploration, trying new actions. “The decision-maker learns optimal policies or actions through continuous interactions with an underlying environment, which is partially unknown,” said Peng Liu, MD Professor of Cybersecurity in the College of Information Sciences and Technology. “So, reinforcement learning is particularly well-suited to defend against zero-day attacks when critical information, the targets of the attacks and the locations of the vulnerabilities, is not available.”

Zero-day cyber attacks are among the most dangerous threats to computer systems and can cause serious and lasting damage. Due to the information asymmetry between attackers and defenders, detecting zero-day attacks remains a major challenge. Their use in cyber attacks is still at an early phase and hackers can be expected to adapt and become smarter and more effective  

TechXplore:       Research Gate:       Faronics:     NIST:        NIST:     I-HLS:    Image: Unsplash

You Might Also Read: 

Artificial Intelligence Is The Future Of Security:

 

« Social Media’s Troublesome Influence On Politics
Microsoft Releases Free Tool For Hunting SolarWinds Malware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Infoblox

Infoblox

Infoblox solutions help businesses automate complex network control functions to reduce costs, increase security and maximize uptime.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

BCS Financial

BCS Financial

BCS Financial delivers financial and insurance solutions. Specialty risk products include Cyber and Privacy Liability insurance.

Cymbel

Cymbel

Cymbel provides businesses and government agencies with the tools and expertise they need to manage the most complex security and compliance challenges.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Cyber Smart Defense

Cyber Smart Defense

Cyber Smart Defense is a specialist provider of penetration testing services and IT security audits.

Network Intelligence

Network Intelligence

Network Intelligence delivers a comprehensive suite of AI-powered cybersecurity solutions built on the ADVISE framework.

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

Cognyte

Cognyte

Cognyte are a market leader in security analytics software that empowers governments and enterprises with Actionable Intelligence for a safer world.

Cyber Security Authority (CSA) - Ghana

Cyber Security Authority (CSA) - Ghana

The Cyber Security Authority has been established to regulate cybersecurity activities in Ghana.

Debevoise & Plimpton

Debevoise & Plimpton

Debevoise & Plimpton LLP is a premier law firm with market-leading practices in areas including Data Strategy & Security.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.