Sorry, no posts matched your criteria.
DGA-based botnet uses algorithmically generates command and control (C&C) server domain names. Potentially billions of devices are prone to a botnet and various malware/ransomware infections. Recent news from Microsoft [1] emphasizes the importance of tackling the DGA problem: ZLoader is run by a global internet-based organized crime gang operating malware as a service designed to steal and extort money and is made up of computing devices around the world. Zloader contains a DGA embedded within the malware.
To defend against DGA, robust artificial intelligence (AI)-based cybersecurity defense systems are required. However, modern AI advances are characterized by massive datasets, such as crowdsourced from open-source intelligence (OSINT), that are impractical to clean/monitor. For example, when a cybersecurity analyst notices network traffic anomalies (very high frequencies) coming to/from a suspicious IP address, they may use OSINT (such as https://bgp.he.net ) to investigate whether this IP is benign or malicious. Then, they may conclude that this IP is dangerous and need to be blocked in the network firewall appliances. This process of cybersecurity decision-making is typically conducted manually. Therefore, automation to reduce manual intervention in cybersecurity decision-making is needed.
Hatma Suryotrisongko and professors from Kumamoto University, Japan, in their IEEE-Access journal paper [2], present a novel idea of combining eXplainable AI (XAI) and OSINT. In AI-based DGA detection, OSINT data become a second opinion (or validation) for unknown DGA domain names. Thus, we achieved cybersecurity decision-making automation. When no information in the OSINT database exists regarding a suspected domain name, security analysts can still make a fair decision by referencing the explanations produced by XAI techniques.
Quantum computing is emerging research with the potential to dramatically change the current world paradigm in computation. Quantum machine learning (QML) is the adoption of quantum computing in AI/machine learning (ML) research and applications, as quantum computational power can bring advantages to various AI/ML tasks. There are three approaches to QML algorithms: First, QML algorithms which are the quantum versions of conventional ML algorithms; Second, the quantum-inspired ML algorithms that use the principles of quantum computing to improve classical methods of ML algorithms; Third, the hybrid quantum-classical ML which combine quantum algorithms and classical ML algorithms with improving performance.
Hatma also studied the hybrid approach of the deep learning algorithm combined with the quantum computing approach [3]. Hatma and his colleagues in the Cybersecurity and Smart City Laboratory (Information Technology Department, Faculty of Intelligent Electrical and Informatics Technology, Institut Teknologi Sepuluh Nopember) are eager to join research and collaboration with researchers/professors from other universities. He can be reached at hatma [at] is [dot] its.ac.id
[1] https://blogs.microsoft.com/on-the-issues/2022/04/13/zloader-botnet-disrupted-malware-ukraine/ [2] https://ieeexplore.ieee.org/document/9743448 [3] https://inass.org/wp-content/uploads/2022/01/2022063018-2.pdf