Skip to main content

What we know about Chronicle, Alphabet's mysterious new company

[ad_1]


There’s an intriguing new player on the cybersecurity block, and it’s called Chronicle. Notable because it’s part of Google’s parent company, it emerged out of Alphabet’s “moonshot” incubator, known as X. Announced last week in two different blog posts on Medium, Chronicle will focus on helping companies comprehend their own security data and, according to the company’s CEO, “stop cyber attacks before they cause harm.”



In an era of global computer infections like WannaCry, or vulnerabilities in computer processors like Meltdown and Spectre, a Google-like company turning its focus and resources to cybersecurity is a good thing. But there’s limited information available about how it might function.



In a blog post, the company’s cofounder and CEO, Stephen Gillett, wrote that one prong of the firm will be “a new cybersecurity intelligence and analytics platform that we hope can help enterprises better manage and understand their own security-related data.” Some companies, he added, have been trying out an initial version of that platform already. Their system will also use machine learning, a type of artificial intelligence.



While the company isn’t sharing details besides what’s already public, machine learning represents a powerful tool for making sense of the droves of cybersecurity data that a company gathers.



“I think that the idea of using Google’s data to be able to improve cybersecurity across the ecosystem is a very direct application of information that only Google has,” says Shuman Ghosemajumder, the CTO of Shape Security and the former click-fraud chief at Google.


Drowning in data



Chronicle will help companies make sense of the “security alerts” that their internal defenses produce—alerts that can number in the tens of thousands every day, according to Gillett’s explanation of the company. “The proliferation of data from the dozens of security products that a typical large organization deploys is paradoxically making it harder, not easier, for teams to detect and investigate threats,” he wrote. And all that data is pricey to store, too.



Data about a company’s network activity can come in the form of event logs, says Bryan Parno, an associate professor of computer science at Carnegie Mellon University. On a computer network, an event can be as simple as someone logging onto their machine in the morning, the communications between computers, or files that people download. Those event logs can also include security alerts, like failed login attempts. Antivirus software also produces notifications, as do other security devices. It’s data like this in general that Chronicle might want to crunch, Parno speculates.



The next step is to do “anomaly detection,” Parno says, a process of looking at that data and figuring out the difference between normal and abnormal traffic.


Set loose the AI



That’s where machine learning can come into play, which can glean insight from oodles of data. “Security analysts often spend a lot of their time, saying, ‘Well, we got all these alerts, we need to somehow triage them,’” Parno says. The goal is to separate a real threat from just normal traffic.



Machine learning excels at learning from data—a classic example is to teach a learning algorithm what a cat looks like by giving it tons of pictures of felines and then letting it decipher its own rules about cat appearances, instead of trying to program those rules explicitly in. That software can then recognize what it thinks are bewhiskered animals in new images.



In this case, the data isn’t furry pets. It’s information like security alerts, as Gillett said in his blog item, or perhaps those event logs. Engineers tend to train their system on “the good stuff,” Parno says—showing it what the normal traffic looks like so it can learn from that, because most traffic is the benign kind.



“You’re mostly training for good, and saying, ‘Anything I don’t recognize as good is probably bad,’” Parno says. Chronicle could be training its algorithms to recognize the signals from good traffic, bad traffic, or both. (Part of the company includes a 2012 Google acquisition called VirusTotal, which focuses on malware detection.) In short, Chronicle is a platform that is designed to give speedy analysis of a company’s own cyber-security situation. (In a similiar vein, another new company has created an AI system designed to help CIA-type intelligence analysts make sense of reports and other data.)



Parno says that the system could also speed up the painstaking process of piecing together what happened even after something goes wrong, like a computer getting infected with malware.



But Parno, who focuses on computer security and cryptography, strikes a note of caution. “Historically, it’s been a challenge to apply machine learning very effectively to security problems,” he adds. That’s because it’s good at identifying what he calls the “average case.” If Siri or Alexa understands what you say 99 percent of the time, that’s basically acceptable. But in the realm of security, he says, 99 percent doesn’t cut it. “The Achilles Heel of anomaly detection has always been that attackers just say, ‘“Well, I’m just going to very carefully craft my attack so it looks like normal activity.”




[ad_2]

Written By Rob Verger

Comments

Post a Comment

Popular posts from this blog

Ice technicians are the secret stars of the Winter Olympics

[ad_1] The emphasis of this year's two-week-long Winter Olympic Games has been placed squarely on the Olympians themselves. After all, the stated purpose of the international competition is to bring together the world’s greatest athletes in a nail-biting competition across fifteen different winter sports. But before the curlers, skiers, and skaters even arrived in Pyeongchang, South Korea, the Olympians of the ice technician world were already a few weeks deep in a competition of their own. Mark Callan of the World Curling Federation and Markus Aschauer of the International Bobsleigh and Skeleton Federation both say they’re hoping to make the best ice the Winter Olympics have ever seen. To transform the barren concrete jungle of existing tracks and arenas into an ice- and snow-covered wonderland is an enormous undertaking. And it takes a keen understanding of the physics and chemistry that keeps frozen precipitation pristine. Curling Callan has been making and maintaining ic...
Post a Comment
Read more

Humans flourished through a supervolcano eruption 74,000 years ago (so you can make it through Tuesday)

[ad_1] About 74,000 years ago, a large chunk of a Pacific island exploded. It sent ash and other debris around the world, including to the southern tip of Africa, where it would be found by a team of international scientists and entered as the latest data point in one of the hottest debates in paleoanthropology ( I know ): Did the Toba supervolcano thrust our planet into a 1,000-year volcanic winter, thus bottle-necking animals and plants alike? Or was it just a little blip on our historic radar? That’s the contentious arena into which our intrepid researchers venture, this time with a new study in Nature establishing that humans in modern-day South Africa not only survived, but flourished after the Toba eruption. Where once was (we think, maybe) a mountain, there is now a huge caldera with a lake inside, and an island inside that. Their evidence shows that debris from the explosion landed 9,000 kilometers (5592.3 miles) away, the farthest distance traveled ever recorded for the ...
Post a Comment
Read more

These 1950s experiments showed us the trauma of parent-child separation. Now experts say they're too unethical to repeat—even on monkeys.

[ad_1] John Gluck’s excitement about studying parent-child separation quickly soured. He’d been thrilled to arrive at the University of Wisconsin at Madison in the late 1960s, his spot in the lab of renowned behavioral psychologist Harry Harlow secure. Harlow had cemented his legacy more than a decade earlier when his experiments showed the devastating effects of broken parent-child bonds in rhesus monkeys. As a graduate student researcher, Gluck would use Harlow’s monkey colony to study the impact of such disruption on intellectual ability. Gluck found academic success, and stayed in touch with Harlow long after graduation. His mentor even sent Gluck monkeys to use in his own laboratory. But in the three years Gluck spent with Harlow—and the subsequent three decades he spent as a leading animal researcher in his own right—his concern for the well-being of his former test subjects overshadowed his enthusiasm for animal research. Separating parent and child,...
Post a Comment
Read more