Transcript of: Active Social Engineering Defense (ASED) - DARPA (15 slides)

Page 1

Active Social Engineering Defense (ASED)

Wade Shen/I2O

Approved for Public Release, Distribution Unlimited 1

Page 2

ASED Goal

Automatically identify, disrupt and investigate spear-phishing and social engineering attacks via bot-mediated communications.


Page 3

ASED - A taxonomy of social engineering attacks

Dimension   Typical attacks
Targeting:  Everyone                                            | Orgs                                                  | Individuals
Trust:      Spoofed identity                                    | Co-opted identity                                     | None (earned)
Goal:       Induce behavior (e.g. click thru, open attachment)  | Elicit sensitive information (e.g. passwords, PII)    | Acquire resources (e.g. $, bitcoins, etc.)

Phishing: targets large populations and gains trust via impersonation to induce behaviors or elicit sensitive information

Spear-phishing: targets individuals or organizations and gains trust via impersonation to induce behaviors or elicit sensitive information

Scam: targets individuals and gains trust via impersonation or by one-on-one interaction to elicit sensitive information or acquire resources

Page 4

Active Social Engineering Defense (ASED)

[Figure: attacker F communicating with Victim 1 and Victim 2; today directly, tomorrow through ASED-managed alter egos V1' and V2'']

Today
① Attackers communicate directly with potential victims to gain trust
② The victim independently decides whether F is friend or foe
③ Investigators manually trace attackers from an outside vantage point via post-attack forensic investigation

Tomorrow
① ASED mediates and aggregates communications through bots that act on the victim's behalf
② ASED bots automatically identify friend or foe:
 • channel anomaly detection from multiple vantage points
 • bot-based HITL (human-in-the-loop) challenge/response
③ ASED bots conduct a coordinated investigation of foes from the victim's vantage point, actively eliciting identifying information

• 80+% of cyber penetrations start with a social engineering attack [Verizon/TM 2014]
• 70+% of nation state attacks [FBI 2011]
• The fundamental weakness of secure cyber systems is humans

Page 5

Automated information elicitation: learning optimal strategies from opponent interactions

• Recent work in deep reinforcement learning:
 - Q: given state s_t, Q(s_t) is the best score associated with all possible future states s_{t+k}
 - 2015: Google DeepMind develops DRQN; plays Pac-Man and beats humans
 - 2016: CMU chatbot able to win the 20Q game with 90+% vs. 68% [1]

[Figure: two parallel decision loops]
Automated video game player (vs. AI opponent): observe opponent actions (computer vision) → estimate game state s_t → decide plan that maximizes Q(s_t) → synthesize action; the history of prior actions feeds the state estimate
Chatbot (vs. human communicant): parse statement (natural language understanding) → estimate dialog state s_t → decide plan that maximizes Q(s_t) → statement generation; the history of prior statements feeds the state estimate

[Plots: score vs. games played (video game player); elicitation accuracy vs. games played (20Qs chatbot)]

DRQN: Deep Recurrent Q Networks
DQN: Deep Q Networks
POMDP: Partially-observed Markov Decision Process

[1] Zhao and Eskenazi, "Towards End-to-End Learning for Dialog State Tracking and Management using Deep Reinforcement Learning," SIGDIAL 2016.
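The decision loop on this slide, as an added example (not code from the DARPA program or from the cited papers): a tabular Q-learning agent, standing in for the DQN/DRQN variants named above, learns which questions to ask to identify a hidden attacker profile in a constructed 20Q-style elicitation game. The profiles, trait names and reward scheme are assumptions for the example; the dialog state is the set of profiles still consistent with the answers so far, the action is the trait to ask about, and Q(state, action) estimates the remaining cost of the dialog, so the greedy plan learns to skip questions that do not narrow the state.

```python
import random

# Constructed "attacker profiles" for a toy 20Q-style elicitation game (assumed for
# this example, not from the slides): each hidden profile is a tuple of binary traits.
TRAITS = ("asks_for_money", "sends_link", "moves_off_channel")
PROFILES = {
    "romance scam":     (1, 0, 1),
    "credential phish": (0, 1, 0),
    "wire fraud":       (1, 0, 0),
    "malware lure":     (0, 1, 1),
}
NAMES = tuple(sorted(PROFILES))
STEP_COST = -1.0  # every question costs one dialog turn, so shorter dialogs score higher


def narrow(state, trait, answer):
    """Dialog-state update: keep only the profiles consistent with the answer."""
    return tuple(p for p in state if PROFILES[p][trait] == answer)


def best_action(q, state):
    """Greedy plan: the trait whose Q-value (expected future score) is highest."""
    return max(range(len(TRAITS)), key=lambda a: q.get((state, a), 0.0))


def train(episodes=3000, alpha=0.5, gamma=0.9, epsilon=0.2, seed=0):
    """Tabular Q-learning against a simulated opponent: each episode hides one
    profile, the agent asks questions, and Q[(state, trait)] is updated toward
    STEP_COST + gamma * max_a Q[(next_state, a)]."""
    rng = random.Random(seed)
    q = {}
    for _ in range(episodes):
        secret = rng.choice(NAMES)
        state = NAMES
        for _ in range(10):  # cap episode length; an uninformative question leaves the state unchanged
            trait = rng.randrange(len(TRAITS)) if rng.random() < epsilon else best_action(q, state)
            nxt = narrow(state, trait, PROFILES[secret][trait])
            done = len(nxt) == 1
            future = 0.0 if done else gamma * q.get((nxt, best_action(q, nxt)), 0.0)
            old = q.get((state, trait), 0.0)
            q[(state, trait)] = old + alpha * (STEP_COST + future - old)
            state = nxt
            if done:
                break
    return q


def elicit(q, secret, max_turns=10):
    """Run the learned greedy policy against one hidden profile.
    Returns (identified profile or None, list of traits asked about)."""
    state, asked = NAMES, []
    while len(state) > 1 and len(asked) < max_turns:
        trait = best_action(q, state)
        asked.append(TRAITS[trait])
        state = narrow(state, trait, PROFILES[secret][trait])
    return (state[0] if len(state) == 1 else None), asked


if __name__ == "__main__":
    Q = train()
    for name in NAMES:
        print(name, "->", elicit(Q, name))
```

In this constructed profile set asks_for_money and sends_link carry the same information, so an untrained agent can waste a turn on the redundant second question; the per-turn cost is what teaches the policy to ask moves_off_channel instead and finish every dialog in two questions.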

Page 6

Program technical areas

TA1: Attack detection
TA2: Active investigation of social engineers
TA3: Scalable evaluation red-team

Page 7

TA1: Attack detection

[Figure: attacker F and victim V exchanging messages over the F <-> V channel, with ASED interposing alter-ego bots V', V'', V''']

Virtual alter ego bots
• Specific communication channels for each interaction via different personas
• ASED-managed bots can collaborate and act on behalf of the victim autonomously for attack detection and active investigation
• ASED controls all bots with the human-in-the-loop

Passive detection
• Examine similar comms across users to identify multi-target attacks
• Out-of-channel comms are potential identifiers of attack

Active detection
• Out-of-band verification: automated URL/site validation via sandboxing, elicited verification via alternate channels
• Coordinated challenge/response from multiple bots
• Automated challenges designed to elicit identifying information
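Passive detection as described above, as an added example rather than ASED code: over a constructed five-message inbox spanning three users it groups near-duplicate bodies (word 3-gram Jaccard similarity) and reports groups that reach two or more distinct recipients, which is the multi-target signature the slide points at, and separately flags bodies that try to move the conversation to another channel. The messages, the 0.5 similarity threshold and the off-channel phrase list are assumptions for the example.

```python
import re
from itertools import combinations

# Constructed sample inbox for several users (not real mail): (id, recipient, sender, body)
MESSAGES = [
    ("m1", "alice", "ceo@example-corp.co",
     "Hi Alice, I'm in a meeting and can't talk. I need you to buy 5 gift cards "
     "and send me the codes. Text me on WhatsApp +1 555 0100."),
    ("m2", "bob", "ceo@example-corp.co",
     "Hi Bob, I'm in a meeting and can't talk. I need you to buy 5 gift cards "
     "and send me the codes. Text me on WhatsApp +1 555 0100."),
    ("m3", "carol", "dave@example.com",
     "Lunch tomorrow? The usual place at noon."),
    ("m4", "alice", "it-support@examp1e.com",
     "Your mailbox is full. Verify your account at http://examp1e.com/login within 24 hours."),
    ("m5", "carol", "it-support@examp1e.com",
     "Your mailbox is almost full. Verify your account at http://examp1e.com/login within 24 hours."),
]

# Lures that move the conversation off the monitored channel (assumed phrase list).
OUT_OF_CHANNEL = re.compile(
    r"\b(?:whatsapp|telegram|signal|wechat)\b|\btext me\b|\bcall me at\b|\bpersonal (?:e-?mail|gmail)\b",
    re.I)


def shingles(text, k=3):
    """Word k-grams of the normalised body; digits collapse to '#' so that amounts,
    phone numbers and deadlines do not break near-duplicate matching."""
    toks = re.findall(r"[a-z#]+", re.sub(r"\d", "#", text.lower()))
    return {tuple(toks[i:i + k]) for i in range(len(toks) - k + 1)}


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a or b) else 0.0


def find_campaigns(messages, threshold=0.5):
    """Group near-duplicate messages (union-find over pairs above the threshold) and
    report groups that hit >= 2 distinct recipients: one lure re-used against several
    users, i.e. a multi-target attack visible only from the aggregated vantage point."""
    parent = {m[0] for m in messages}
    parent = {mid: mid for mid in parent}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    sh = {m[0]: shingles(m[3]) for m in messages}
    for a, b in combinations(messages, 2):
        if jaccard(sh[a[0]], sh[b[0]]) >= threshold:
            parent[find(a[0])] = find(b[0])

    groups = {}
    for m in messages:
        groups.setdefault(find(m[0]), []).append(m)
    campaigns = []
    for members in groups.values():
        if len({m[1] for m in members}) >= 2:
            campaigns.append(tuple(sorted(m[0] for m in members)))
    return sorted(campaigns)


def out_of_channel_requests(messages):
    """Messages that try to pull the victim onto another channel."""
    return [m[0] for m in messages if OUT_OF_CHANNEL.search(m[3])]


if __name__ == "__main__":
    print("multi-target campaigns:", find_campaigns(MESSAGES))
    print("out-of-channel lures:", out_of_channel_requests(MESSAGES))
```

The gift-card pair differs only in the recipient's name and the mailbox pair only by one inserted word, so both land well above the threshold, while neither would look suspicious in a single user's inbox on its own.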

Page 8

TA2: Active investigation of social engineers

• Maintain mediated access to privileged information
 - Automatically manage honey-pot resources (e.g. bitcoin, disposable accounts, fake victim PII, URL-testing VMs, etc.)
 - Manage access to real PII via appropriate channels
• Automatic elicitation of attacker's identifiers
 - Bots probe attackers via direct, stateful dialog
 - Provoke activity on observable channels
 - Exchange resources for identifying information
• Coordinated elicitation and adversary distraction
 - Automatically cluster attacks by latent attacker
 - Coordinate multi-bot elicitation strategy
 - Distract attackers by keeping dialogs live (increase adversary workload)

[Figure: ASED-managed alter egos V' and V'' answer one attacker message, each backed by its own honey pot (Honey pot', Honey pot''); real PII stays behind ASED]

Attacker (From: [email protected]): Hi. Just writing to let you know my trip has been a mess… I need you to loan me some money. I'll refund it when I get back.

Alter-ego replies:
• Can you send me your bitcoin address?
• Let's meet @ Main St. @ 10am.
• I'll wire money to your account.
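Clustering attacks by latent attacker and costing the elicitation, as an added example (not ASED code): identifiers volunteered on the attacker side of several constructed alter-ego dialogs (bitcoin addresses, e-mail addresses, URL hosts) are extracted, dialogs that share any identifier are merged into one latent attacker, and for each cluster the attacker turns spent, alter egos engaged and identifiers obtained are counted, which are the quantities the TA2 metrics on page 11 score. The dialogs, the alter-ego names V', V'', V''' and the indicator regexes are assumptions for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed alter-ego dialogs (not real traffic): dialog id -> (alter ego, turns),
# where each turn is (speaker, text) and speaker is "bot" or "attacker".
DIALOGS = {
    "d1": ("V'", [
        ("attacker", "My trip has been a mess, I need you to loan me some money."),
        ("bot", "Of course. Can you send me your bitcoin address?"),
        ("attacker", "Send 0.2 BTC to bc1qexample0example0example0example and reply to travelhelp@mail.example."),
    ]),
    "d2": ("V''", [
        ("attacker", "Stuck abroad, wallet stolen, please help."),
        ("bot", "Where should I send it?"),
        ("attacker", "Use bc1qexample0example0example0example, I will refund you."),
    ]),
    "d3": ("V'", [
        ("attacker", "Your refund is ready, confirm at https://pay.example.net/refund/77."),
        ("bot", "The link does not open for me, is there another way?"),
        ("attacker", "Email refund-desk@mail.example with your card number."),
    ]),
    "d4": ("V'''", [
        ("attacker", "Final notice: claim your refund at https://pay.example.net/refund/91."),
    ]),
}

# Identifier patterns (assumed): bech32/legacy bitcoin addresses, e-mail addresses, URLs.
PATTERNS = {
    "btc": re.compile(r"\b(?:bc1[a-z0-9]{25,62}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "url": re.compile(r"https?://[^\s,]+"),
}


def indicators(turns):
    """Identifiers volunteered by the attacker side of one dialog, normalised so that
    different URLs on one host count as the same indicator."""
    found = set()
    for speaker, text in turns:
        if speaker != "attacker":
            continue
        for kind, pat in PATTERNS.items():
            for hit in pat.findall(text):
                if kind == "url":
                    hit = urlsplit(hit).hostname
                found.add((kind, hit.lower()))
    return found


def cluster_by_attacker(dialogs):
    """Dialogs that share any indicator are attributed to one latent attacker;
    clusters are merged transitively until no two share an identifier."""
    ind = {d: indicators(turns) for d, (_, turns) in dialogs.items()}
    clusters = [{d} for d in dialogs]
    merged = True
    while merged:
        merged = False
        for i in range(len(clusters)):
            for j in range(i + 1, len(clusters)):
                left = set().union(*(ind[d] for d in clusters[i]))
                right = set().union(*(ind[d] for d in clusters[j]))
                if left & right:
                    clusters[i] |= clusters.pop(j)
                    merged = True
                    break
            if merged:
                break
    return sorted(sorted(c) for c in clusters)


def elicitation_cost(dialogs, cluster):
    """What one latent attacker cost to investigate: attacker turns kept live,
    alter egos engaged, and distinct identifiers extracted."""
    turns = sum(1 for d in cluster for s, _ in dialogs[d][1] if s == "attacker")
    egos = {dialogs[d][0] for d in cluster}
    ids = set().union(*(indicators(dialogs[d][1]) for d in cluster))
    return {"attacker_turns": turns, "alter_egos": len(egos), "identifiers": len(ids)}


if __name__ == "__main__":
    for cluster in cluster_by_attacker(DIALOGS):
        print(cluster, elicitation_cost(DIALOGS, cluster))
```

The two loan dialogs are linked only by the wallet address reused across alter egos, and the two refund dialogs only by the shared host; nothing in either pair's wording would tie them together, which is why the clustering keys on extracted identifiers rather than on text.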

Page 9

TA3: Scalable evaluation red team

• Maintain and develop a corpus of scam, spear-phishing, and social engineering attacks in multiple scenarios
 - Goal-based attacks for PII, $s and security-related information
• Recruit pools of skilled human attackers to counter TA1/TA2 systems
 - Use transcripts of human attacks to construct a "corpus" of training examples for TA1/TA2 adaptation
• Develop automated attack strategies tailored to counter TA1/TA2 ID and counter-attack algorithms
 - Automated soft-target identification
 - Automated offensive phish bots
 - Automated and dynamic attacker obfuscation

Page 10

Evaluation method

ASED test range (FFRDC-managed)
• Volunteer subject pool: 1. witting and savvy subjects; 2. existing PEN-test IRB
• TA3 attackers: 1. human attackers; 2. automated attackers
• TA1/2 defenders

Page 11

Metrics and program targets (Pd = probability of detection, Pfa = probability of false alarm)

Metric                                                                P0        P1       P2
TA1: Attack detection
  Pd/Pfa for identification of friend/foe                             70%/12%   90%/3%   95%/1%
  (also tracked: # of challenges needed to perform IFF)
TA2: Active investigation
  Retrieval rate for attacker's identifying information               17%       70%      90%
  (also tracked: # of turns + # of alter egos needed to extract information;
   amount of expendable resources needed per identifier extracted;
   engagement time (in dialog turns) per target of DoS counter attack)
TA3: Scalable red team
  Pd/Pfa detection of soft targets (@ differing #s of seeds)          65%/20%   85%/4%   97%/1%
  Success rate of attacks against non-ASED accounts                   70%       80%      95%

Page 12

Schedule: execution and phasing

Phase 1 (18 months), Phase 2 (30 months)

[Gantt chart; bar labels grouped by technical area]
TA1: Attack detection
• Passive collective assessment of links and personas
• Active verification
• Automated channel management
TA2: Active investigation
• Direct elicitation → Indirect elicitation
• Coordinated alter ego DDoS
• Coordinated elicitation
TA3: Scalable red-team and evaluation
• Hypertargeted phishing/scams → Automated hypertargeting
• Human-in-the-loop testbed
• Corpus/scenario development + live red-team exercises
Milestones
• Integrated toolkit / prelim system → Transition system
• Bi-annual evaluation

Page 13

www.darpa.mil

Page 14

Social engineering

• The fundamental weakness of cyber systems is humans
• 80+% of penetrations and hacks start with a social engineering attack; 70+% of nation state attacks [FBI 2011 / Verizon 2014]
• Examples
 - Hidden Lynx 2013: Chinese attack on Bit9 (certificate authority); compromised 3 DoD contractors
 - 2015: Russian spear-phishing of the Joint Chiefs of Staff
 - OPM 2015: Chinese spear-phishing results in 4M+ SF-86s + fingerprints stolen

(Image sources: Fedscoop.com, Digitaltrends.com, Hiveminer.com)

Page 15

TA1/2: Active assessment and engagement

Automated assessment
1. Identify direct and indirect targets for challenge
2. Bots that automatically challenge the adversary to provide privileged information
3. Verify provided info (links, accounts, etc.) against DBs and known sites → verified / suspicious

Active investigation and denial of service
1. Elicit identifying information from targets
 • Direct elicitation
 • Indirect elicitation
2. Manage and disseminate false target information
3. Coordinate swarmed engagement of targets to elicit information and deny access to real users