(Press-News.org) RICHLAND, Wash.--Scientists have created a cybersecurity technology called Shadow Figment that is designed to lure hackers into an artificial world, then stop them from doing damage by feeding them illusory tidbits of success.
The aim is to sequester bad actors by captivating them with an attractive--but imaginary--world.
The technology is aimed at protecting physical targets--infrastructure such as buildings, the electric grid, water and sewage systems, and even pipelines. The technology was developed by scientists at the U.S. Department of Energy's Pacific Northwest National Laboratory.
The starting point for Shadow Figment is an oft-deployed technology called a honeypot--something attractive to lure an attacker, perhaps a desirable target with the appearance of easy access.
But while most honeypots are used to lure attackers and study their methods, Shadow Figment goes much further. The technology uses artificial intelligence to deploy elaborate deception to keep attackers engaged in a pretend world--the figment--that mirrors the real world. The decoy interacts with users in real time, responding in realistic ways to commands.
"Our intention is to make interactions seem realistic, so that if someone is interacting with our decoy, we keep them involved, giving our defenders extra time to respond," said Thomas Edgar, a PNNL cybersecurity researcher who led the development of Shadow Figment.
Exploiting attackers' "success"
The system rewards hackers with false signals of success, keeping them occupied while defenders learn about the attackers' methods and take actions to protect the real system.
The credibility of the deception relies on a machine learning program that learns from observing the real-world system where it is installed. The program responds to an attack by sending signals that illustrate that the system under attack is responding in plausible ways. This "model-driven dynamic deception" is much more realistic than a static decoy, a more common tool that is quickly recognized by experienced cyberattackers.
Shadow Figment spans two worlds that years ago were independent but are now intertwined: the cyber world and the physical world, with elaborate structures that rely on complex industrial control systems. Such systems are more often in the crosshairs of hackers than ever before. Examples include the takedown of large portions of the electric grid in the Ukraine in 2015, an attack on a Florida water supply earlier this year, and the recent hacking of the Colonial pipeline that affected gasoline supplies along the East Coast.
Physical systems are so complex and immense that the number of potential targets--valves, controls, pumps, sensors, chillers and so on--is boundless. Thousands of devices work in concert to bring us uninterrupted electricity, clean water and comfortable working conditions. False readings fed into a system maliciously could cause electricity to shut down. They could drive up the temperature in a building to uncomfortable or unsafe levels, or change the concentration of chemicals added to a water supply.
Shadow Figment creates interactive clones of such system in all their complexity, in ways that experienced operators and cyber criminals would expect. For example, if a hacker turns off a fan in a server room in the artificial world, Shadow Figment responds by signaling that air movement has slowed and the temperature is rising. If a hacker changes a setting to a water boiler, the system adjusts the water flow rate accordingly.
Shadow Figment: undermining ill intent
The intent is to distract bad actors from the real control systems, to funnel them into an artificial system where their actions have no impact.
"We're buying time so the defenders can take action to stop bad things from happening," Edgar said. "Even a few minutes is sometimes all you need to stop an attack. But Shadow Figment needs to be one piece of a broader program of cybersecurity defense. There is no one solution that is a magic bullet."
PNNL has applied for a patent on the technology, which has been licensed to Attivo Networks. Shadow Figment is one of five cybersecurity technologies created by PNNL and packaged together in a suite called PACiFiC.
"The development of Shadow Figments is yet another example of how PNNL scientists are focused on protecting the nation's critical assets and infrastructure," said Kannan Krishnaswami, a commercialization manager at PNNL. "This cybersecurity tool has far-reaching applications in government and private sectors--from city municipalities, to utilities, to banking institutions, manufacturing, and even health providers."
"The development of Shadow Figment illustrates how PNNL technology makes a difference in so many lives," said Kannan Krishnaswami, a commercialization manager at PNNL. "The Laboratory's research provides protection against an array of threats, including cyberattacks."
INFORMATION:
The team's most recent results were published in the spring issue of the Journal of Information Warfare.
Edgar's colleagues on the project include William Hofer, Juan Brandi-Lozano, Garrett Seppala, Katy Nowak and Draguna Vrabie. The work was funded by PNNL and by DOE's Office of Technology Transitions.
A new study from North Carolina State University found that certain types of messages could influence how people perceive information about the spread of diseases from wildlife to humans.
The researchers say the findings, published in the journal Frontiers in Communication, could help scientists, policymakers and others more effectively communicate with diverse audiences about zoonotic diseases and the role of wildlife management in preventing them from spreading to people. Zoonotic diseases are diseases that originate in wildlife and become infectious to people.
"If we want to prevent ...
A new global review has found that receiving Opioid Agonist Therapy (OAT) is associated with lower risk of multiple causes of death among people with opioid dependence.
The review found that people with opioid dependence were less likely to experience overdose-related, suicide, alcohol-related, cancer, and cardiovascular-related mortality while receiving OAT.
Researchers from the National Drug and Alcohol Research Centre (NDARC) at UNSW Sydney, University of Bristol and several other global institutions reviewed the relationship between OAT and mortality across type of drug, setting and participant groups from over 700,000 participants, which is six times the number of any other previous review.
The review found that mortality risk ...
Spiders avoid building webs near European fire ants, their natural predators, by sensing the chemicals they give off in the environment, Simon Fraser University researchers have found.
The findings, published recently in Royal Society Open Science, give us a peek inside the enduring struggle between spiders and ants, and could lead to the development of natural repellents for homeowners worried about unwanted eight-legged guests.
Many ants prey on spiders, suggesting that web-building spiders may avoid locations near ant colonies or frequented by foraging ...
The future of electronic displays will be thin, flexible and durable. One barrier to this, however, is that one of the most widely used transparent conductors for electronic displays--indium tin oxide (ITO)--doesn't perform as well on larger areas and can crack and break down with wear. Indium is also a rare earth mineral, which is relatively scarce, and the process to create ITO requires high energy consumption and expensive equipment.
One emerging alternative is metal "microgrid" conductors. These microgrids can be customized to their application by varying the microgrid width, pitch and thickness, and they can be made with a variety of metals.
New research from the University of Pittsburgh Swanson School of Engineering ...
Researchers have demonstrated "giant flexoelectricity" in soft elastomers that could improve robot movement range and make self-powered pacemakers a real possibility. In a paper published this month in the Proceedings of the National Academy of Sciences, scientists from the University of Houston and Air Force Research Laboratory explain how to engineer ostensibly ordinary substances like silicone rubber into an electric powerhouse.
What do the following have in common: a self-powered implanted medical device, a soft human-like robot and how we hear sound? The answer as to why these two disparate technologies and biological phenomena ...
SMU Office of Research & Tech Transfer - Whether they are in the technology or oil sector, selling shoes or healthcare products, for many companies, green is the new black. While maximising profit might have been the sole priority for most businesses a decade ago, these days it is common for mission-oriented companies to pursue the 'triple bottom line' of people, planet and profit, particularly through corporate social responsibility (CSR) efforts.
While such efforts are commendable, some investors remain primarily concerned about whether firms can do well by doing good; in other words, whether CSR actually can increase a company's value. For instance, CSR activities could enhance brand image and improve customer loyalty, or even make it easier to attract and retain talent, leading to ...
ABERDEEN PROVING GROUND, Md. - A new formula from Army scientists is leading to new insights on how to build an energy-efficient legged teammate for dismounted warfighters.
In a recent peer-reviewed PLOS One paper, the U.S. Army Combat Capabilities Development Command, known as DEVCOM, Army Research Laboratory's Drs. Alexander Kott, Sean Gart and Jason Pusey offer new insights on building autonomous military robotic legged platforms to operate as efficiently as any other ground mobile systems.
Its use could lead to potentially important changes to Army vehicle development. Scientists said they may not know exactly why legged, wheeled and tracked ...
BROOKLYN, New York, Wednesday, June 2, 2021 - Perovskite solar cells have progressed in recent years with rapid increases in power conversion efficiency (from 3% in 2006 to 25.5% today), making them more competitive with silicon-based photovoltaic cells. However, a number of challenges remain before they can become a competitive commercial technology.
Now a team at the END ...
The organization of the human genome relies on physics of different states of matter - such as liquid and solid - a team of scientists has discovered. The findings, which reveal how the physical nature of the genome changes as cells transform to serve specific functions, point to new ways to potentially better understand disease and to create improved therapies for cancer and genetic disorders.
The genome is the library of genetic information essential for life. Each cell contains the entire library, yet it uses only part of this information. Special types of cells, such ...
SMU Office of Research & Tech Transfer - Short selling often gets a bad rap because it is a type of trade that bets against the success of a firm. In essence, short selling allows investors to borrow stock from a broker to sell into the market with the hope of buying the stock back at a cheaper price, thus, profiting on the difference between the sell and buy prices. Because of this practice, short selling is sometimes seen as a controversial tactic.
Furthermore, speculative short selling attacks are concerning as it can put downward pressure on ...
