PNNL’s Shadow Figment Technology Foils Cyberattacks

Scientists have created a cybersecurity technology called Shadow Figment that is designed to lure hackers into an artificial world, then stop them from doing damage by feeding them illusory tidbits of success. The technology is aimed at protecting physical targets—infrastructure such as buildings, the electric grid, and water and sewage systems.

Machine learning algorithm may be the key to timely, inexpensive cyber-defense

Attacks on vulnerable computer networks and cyber-infrastructure — often called zero-day attacks — can quickly overwhelm traditional defenses, resulting in billions of dollars of damage and requiring weeks of manual patching work to shore up the systems after the intrusion. Now, a Penn State-led team of researchers used a machine learning approach, based on a technique known as reinforcement learning, to create an adaptive cyber defense against these attacks.

UAH professors get $500,000 NSF grant to better protect privacy of solid-state drive data

The National Science Foundation has awarded a pair of professors at The University of Alabama in Huntsville (UAH), a part of the University of Alabama System, a nearly $500,000, three-year grant to develop a better way to wipe data from the solid-state drives (SSDs).

Tandon team shines light on roiling market for stolen debit and credit cards

Damon McCoy and colleagues at the NYU Tandon School of Engineering analyzed multi-year data extracted from BriansClub, an underground bazaar for buying stolen and leaked credit card information. Among findings were that chip-enabled cards are no guarantee of security if owners still swipe the stripe: 85% of the stolen magnetic stripe data originated from EMV chip-enabled cards.

University of Texas at Dallas Computer Scientists’ New Tool Fools Hackers into Sharing Keys for Better Cybersecurity

Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them.

The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.