If Birhanu Eshete had not become a computer science professor, he says detective work may have suited him. It's easy to see why. During a visiting doctoral research stint at the University of Illinois-Chicago, he found himself enjoying a sophisticated virtual game of cybercriminal cat and mouse, in which he got to be both cat and mouse. His charge involved investigating some of the internet’s most popular and destructive "exploit kits" — prepackaged malicious software developed by sophisticated hackers that they sell to less-sophisticated hackers. Typically, the latter are straight-up scammers, who deploy the kits on websites in order to steal people’s personal information — and, in turn, money. They aren’t necessarily after government secrets, but these armchair hackers still cause hundreds of millions of dollars in damage every year.
Studying such exploit kits, however, can prove to be a tricky enterprise. Given that they’re bought and sold in the dark corners of the internet, even acquiring them is difficult. For Eshete’s work, he got access to a goldmine of 40 different popular families of real exploit kits through his faculty advisor, who had connections to colleagues who work in law enforcement. Some, he says, were obtained via undercover work. With that kind of intense access, he spent months deploying his own virtual attacks under controlled conditions — learning how the kits worked, and more importantly, what made them vulnerable.
The work had some major payoffs. First, he developed a fingerprint system that could sniff out and identify various exploit kits across the internet. He then built on that work, creating a prepackaged toolkit of his own for law enforcement. Using it, investigators could simply “fire a bullet” at exploit kit websites in order to infiltrate them or take them down. He can’t say for sure that his team’s work played a role in what happened next, but soon after, activity from kits he targeted dropped considerably across the internet. The software is still in use today.
Cat and mouse may be the typical metaphor used to describe the nature of cybersecurity, but Eshete prefers a more apt one: “arms race.” It better captures the continuous bar-raising that’s inherent to the work, in which there is never a definitive victory over a bad guy. Rather, malicious parties are always adjusting their attack strategies based on your latest defense, which, in turn, triggers you to rethink your defense, and subsequently them to change their line of attack. And so on forever.
The geopolitical dimensions of the metaphor are also apropos, especially in the high-stakes sphere that occupies Eshete today. The field of nation-state attacks is indeed a different beast, defined by campaigns that develop stealthily over years, involve “armies” of people and are funded directly or indirectly by nation-state actors. The end game, too, isn’t simple grifting; it’s about stealing government secrets, disrupting economies, waging information warfare and compromising elections.
“As an attacker, my goal is to infiltrate a system and stay there for a very long period of time — without being discovered,” Eshete says, describing how these sophisticated campaigns work. “The first stage is often to get access to a single machine in a network. The next stages involve exploring what I can do. Can I move to other parts of the network? Can I escalate my network privileges? More importantly, can I gather valuable information to exfiltrate from the network? And while I’m doing all this, I’m carefully erasing any trace that I’ve been there.”
This activity, however, provides the seeds of a defense. Eshete says by monitoring, in real-time, all the activity of machines on a network, you can potentially identify telltale markers of nation-state attacks once they’re underway. So-called “transparent computing” is the heart of a Department of Defense-funded project that Eshete completed recently. There, he worked on a team that built large-scale graph analytics and machine learning-based recognition systems capable of sorting millions of routine activities from the potentially suspect stuff. “It’s the classic needle in a haystack problem, because more than 99 percent of what happens on a computer is totally benign,” Eshete says. Still, when a different division of their team deployed nation state-style attacks on their networks, their systems were able to reliably detect the needles.
It’s promising work. But in the cybersecurity arms race, where no victory is ever total, Eshete says they’re already discovering new vulnerabilities. In particular, computer scientists are learning just how susceptible machine learning itself is to attack. Fooling an algorithm — whose intelligence is rooted in learning from past examples and sorting things into categories — turns out to be easier than building fool-proof algorithms. Attackers can, for example, make simple tweaks to their code that leaves their cyber-weaponry fully functional, but undetectable to a machine learning-based recognition system that’s never seen it before. Or in a more complex attack, the bad guys feed an algorithm examples intended to slowly move its “decision boundary” — the heart of its intelligence — in favor of a malicious intent. In that case, a comprised algorithm in an autonomous vehicle might mistake a red light for green. In healthcare, algorithms guiding physicians’ detection of skin cancers could make the wrong call.
In a new ironic twist, Eshete says attackers are even deploying machine learning to defeat machine learning-based defenses. “In the world of artificial intelligence, you often hear people talk about the ‘summer’ and the ‘winter’ of A.I.,” he says. “Well, we’re now in summer; recent advances in A.I., especially in deep learning, are helping us do all these incredible things, like machine translation and medical imaging. But as we’re starting to see, an A.I. system can also be the target of attacks, or weaponized towards attack mechanization. That’s the winter.”
It may be optimistic to think that summer can last forever. Eshete’s job, as it always is, is to keep raising the bar, so that if and when winter does come, it’s at least followed by the promise of spring.