Socio-Cultural Modeling for Cyber Threat Actors

AAAI Conferences

In this paper we describe the unique challenges to the important problem of socio-cultural modeling of cyber-threat actors and why they necessitate further advances in artificial intelligence – particularly with regard to interdisciplinary efforts with the social sciences.

FairJudge: Trustworthy User Prediction in Rating Platforms

Machine Learning

Rating platforms enable large-scale collection of user opinion about items (products, other users, etc.). However, many untrustworthy users give fraudulent ratings for excessive monetary gains. In the paper, we present FairJudge, a system to identify such fraudulent users. We propose three metrics: (i) the fairness of a user that quantifies how trustworthy the user is in rating the products, (ii) the reliability of a rating that measures how reliable the rating is, and (iii) the goodness of a product that measures the quality of the product. Intuitively, a user is fair if it provides reliable ratings that are close to the goodness of the product. We formulate a mutually recursive definition of these metrics, and further address cold start problems and incorporate behavioral properties of users and products in the formulation. We propose an iterative algorithm, FairJudge, to predict the values of the three metrics. We prove that FairJudge is guaranteed to converge in a bounded number of iterations, with linear time complexity. By conducting five different experiments on five rating platforms, we show that FairJudge significantly outperforms nine existing algorithms in predicting fair and unfair users. We reported the 100 most unfair users in the Flipkart network to their review fraud investigators, and 80 users were correctly identified (80% accuracy). The FairJudge algorithm is already being deployed at Flipkart.

The New Wave of Automated Cyber Attacks


From big players to small and midsize businesses, every organization has faced the impact of cyber threats at some point. But the new generation of automated cyber attacks will affect multiple businesses to an unimaginable extent. With the onset of the digital age, going online became a necessity for every business. Most business processes, data storage, and data exchange are now handled digitally. Data has become such a significant asset that companies have started monetizing their data.

Machine Learning for Cybercriminals


Machine learning (ML) is taking cybersecurity, as well as other tech fields, by storm nowadays. In the past year, there has been ample information on the use of machine learning in both defense and attacks. While defense was covered in most articles (I recommend reading "The Truth about Machine Learning in Cybersecurity"), machine learning for cybercriminals seems to be overshadowed and not unanimous.

Windows Defender ATP machine learning: Detecting new and unusual breach activity


Microsoft has been investing heavily in next-generation security technologies. These technologies use our ability to consolidate large sets of data and build intelligent systems that learn from that data. These machine learning (ML) systems flag and surface threats that would otherwise remain unnoticed amidst the continuous hum of billions of normal events and the inability of first-generation sensors to react to unfamiliar and subtle stimuli. By augmenting expert human analysis, machine learning has driven an antimalware evolution within Windows Defender Antivirus, providing close to real-time detection of unknown, highly polymorphic malware. At the same time, machine learning has also enhanced how Windows Defender Advanced Threat Protection (Windows Defender ATP) is catching advanced attacks, including apex attacker activities that typically reside only in memory or are camouflaged as events triggered by common tools and everyday applications.