ALL >> Computers >> View Article
How Chicken Eyes Taught Us To Detect Cloud Security Breaches
A fascinating scientific discovery
There was a fascinating discovery last month on a new state of matter never before seen in biology in, of all places, the eyes of chicken – a state of “disordered hyperuniformity”. This arrangement of particles in the chicken’s eyes appears disorganized over small distances but has a hidden order that allows material to behave like both a crystal and a liquid. Eyes of other animals have cones arranged in a discernable pattern; insects for example, have cones in a hexagonal scheme.
The fundamental characteristic of this state of matter is that they exhibit order over long distances but disorder over short distances.
This is what disordered hyperuniformity looks like
Take a look at the diagram below. This diagram depicts the spatial distribution of the five types of light-sensitive cells known as cones in the chicken retina (Image courtesy of Joseph Corbo and Timothy Lau, Washington University in St. Louis). Each type of cone is has an “exclusion region” that excludes other similar cones, and due to different sizes of cones these exclusion ...
... regions seem random but, in reality, cones have a hyper-uniform structure. For example, cones of a particular type arrange in a triangular formation with each other due to their exclusion regions.
Reading this, inspired me to draw a parallel to the analytics work we do at Skyhigh Networks in the field of Cloud Security where we analyze enterprise access events to discern patterns that indicate insider threats and security breaches by determining what normal access patterns look like and weeding those out. Finally….I think we have a single term to describe what we are looking for in terabytes of daily cloud access data we analyze – we are looking for deviations from “disordered hyperuniformity”.
Dare I say, security is in the [chicken] eyes of the beholder!
There is no dearth of headlines on enterprise data breaches, usually via advanced persistent threats that exfiltrate data over extended periods of time – including at technology companies like Adobe, and more recently at many retailers including Target and Neiman Marcus. In all these cases signals of anomalous activity existed but was lost in a sea of otherwise harmless access log data. Security analysts in enterprises are faced with a problem that big data has compounded even further – that of a deluge of data. The signals of nefarious activities are invariably lost in the tera- and peta- bytes of daily logs that are routinely collected.
Check out disordered hyperuniformaity applied to cloud analytics
Security analysts tasked with weeding out good actors (the majority of who fall into this pattern of disordered hyperuniformity) from the bad actors look for anomalies using behavioral and statistical anomaly detection techniques. For example, the below snapshots of a few minutes of access patterns (each dot representing a user access to a high/medium/low risk service) from a large enterprise repeats itself over very large time scales.. Techniques including both behavioral and statistical approaches are used to analyze this time series data for strong correlations indicating expected behavioral patterns.
These techniques are meant to efficiently bubble-up actors whose traffic patterns deviate from the norm. Codifying what is the “norm” is challenging due to variations in real time access patterns that invariably appear disordered. Hence, a macro-view that, for example, looks at logical Service chaining, category & risk of Services, user groups, etc. lends itself to more natural clustering of access patterns that make it easier to discern behavioral outliers. Using these techniques we at Skyhigh have found data exfiltration attempts using twitter, scans of cloud storage services for use as drop zones, command & control interactions from popular Infrastructure-as-a-Service providers, watering hole attacks from tracking services, and backdoor attacks from code hosting Services, to name a few.
Author :
Adam Chriss, a proud contributing author and a freelance writer with interests in various subjects and writes articles on several subjects including Cloud Technology, Cloud Security, Cloud Data Security, Data Loss Prevention Software etc,.
Add Comment
Computers Articles
1. Few Good Insights To Follow With Pc Gaming In Australia!Author: Jack Williams
2. Transform Your Online Store With Australia's Leading Ecommerce Developers
Author: themerchantbuddy
3. How To Choose The Right Technology For Your mobile App?
Author: goodcoders
4. The Rise Of User Centered Web Design
Author: goodcoders
5. Reasons Why Laravel Perfect For Web Development?
Author: goodcoders
6. Ssd Vs Sas Vs Sata Drives: Which Is Better For Your Dedicated Server Hardware?
Author: The CyberTech
7. Raid Servers And Data Protection: Common Myths About Raid Servers
Author: The CyberTech
8. Top 8 Do's And Don’ts When Dealing With A Corrupted Sd Card
Author: The CyberTech
9. Nvme Vs Ssd: What To Choose For Your Storage Solutions?
Author: The CyberTech
10. 8 Common Data Recovery Myths Exposed!
Author: The CyberTech
11. Understanding Ssd Lifespan: Signs, Durability, Data Recovery, And Factors Affecting The Life Of An Ssd
Author: The CyberTech
12. Server Data Recovery Solutions: When Your Raid Server Is Crashed!
Author: The CyberTech
13. Data Recovery Solutions For Undetected Ssd On Bios
Author: The CyberTech
14. Problems Faced By Mobile Phone Users: Green Line Issue, Motherboard Failure, Phone Stuck On Logo And Mobile Data Recovery Possibilities
Author: The CyberTech
15. Ssd Vs Hdd: Weaknesses, Data Recovery Factors And Failure Rates
Author: The CyberTech