My personal blog on machine learning, cybersecurity and AI
Seeing the signature green padlock and “https” in the browser bar means one thing for most internet users: safety. However, is this sense of security justified? The short answer is a loud, resounding, no! To start, let’s define what “https” really means: that the website being accessed is encrypted, and all information sent through the site is protected by... Continue Reading →
Recently we presented a research paper on the malicious usage of AI by cyber attackers. Here the abstract, slides a link to the paper. Machine Learning and Artificial Intelligence have become essential to any effective cyber security and defense strategy against unknown attacks. In the battle against cybercriminals, AI-enhanced detection systems are markedly more accurate... Continue Reading →
Long ago, the introduction of the internet moved crime from physical to digital locations, where anti-fraud actors play a high-stakes game of detection and prevention, always working to stay one step ahead of fraudsters. The battles of modern-day cybercrime follow the same pattern, with one major difference – cybercriminals are far more sophisticated than they... Continue Reading →
In a recent research paper, we showed how we are able to detect with a high level of accuracy if a website is a phish just by looking at the URL. This post lays out in greater detail how, by using a deep recurrent neural network, we’re able to accurately classify more than 98 percent... Continue Reading →
Machine learning models are often dismissed on the grounds of lack of interpretability. There is a popular story about modern algorithms that goes as follows: Simple linear statistical models such as logistic regression yield to interpretable models. On the other hand, advanced models such as random forest or deep neural networks are black boxes, meaning... Continue Reading →
Phishing, by definition, is the act of defrauding an online user and tricking them into clicking on a malicious link in order to obtain personal information by posing as a trustworthy institution or entity. That is why users have a hard time differentiating between a legitimate and a malicious site. Although one might think the... Continue Reading →
First, let’s quickly review the clusters we built to understand phishing attacks. Using data we collected over the course of a year spent tracking and taking down phishing cases for a major U.S. financial institution, we extracted features from four categories: similarity analysis, structure analysis, phishing visitors tracking and domain registration. Then, using the expectation-maximization... Continue Reading →
In a recent report we showed how we are able to gain better understanding of phishing attacks and attackers by using cluster analysis. This post lays out in greater detail how to create those clusters by examining the features and methods used.For the study, we used the data collected over the course of more than a year... Continue Reading →
