Skip to main content

What we know about Chronicle, Alphabet's mysterious new company

[ad_1]


There’s an intriguing new player on the cybersecurity block, and it’s called Chronicle. Notable because it’s part of Google’s parent company, it emerged out of Alphabet’s “moonshot” incubator, known as X. Announced last week in two different blog posts on Medium, Chronicle will focus on helping companies comprehend their own security data and, according to the company’s CEO, “stop cyber attacks before they cause harm.”



In an era of global computer infections like WannaCry, or vulnerabilities in computer processors like Meltdown and Spectre, a Google-like company turning its focus and resources to cybersecurity is a good thing. But there’s limited information available about how it might function.



In a blog post, the company’s cofounder and CEO, Stephen Gillett, wrote that one prong of the firm will be “a new cybersecurity intelligence and analytics platform that we hope can help enterprises better manage and understand their own security-related data.” Some companies, he added, have been trying out an initial version of that platform already. Their system will also use machine learning, a type of artificial intelligence.



While the company isn’t sharing details besides what’s already public, machine learning represents a powerful tool for making sense of the droves of cybersecurity data that a company gathers.



“I think that the idea of using Google’s data to be able to improve cybersecurity across the ecosystem is a very direct application of information that only Google has,” says Shuman Ghosemajumder, the CTO of Shape Security and the former click-fraud chief at Google.


Drowning in data



Chronicle will help companies make sense of the “security alerts” that their internal defenses produce—alerts that can number in the tens of thousands every day, according to Gillett’s explanation of the company. “The proliferation of data from the dozens of security products that a typical large organization deploys is paradoxically making it harder, not easier, for teams to detect and investigate threats,” he wrote. And all that data is pricey to store, too.



Data about a company’s network activity can come in the form of event logs, says Bryan Parno, an associate professor of computer science at Carnegie Mellon University. On a computer network, an event can be as simple as someone logging onto their machine in the morning, the communications between computers, or files that people download. Those event logs can also include security alerts, like failed login attempts. Antivirus software also produces notifications, as do other security devices. It’s data like this in general that Chronicle might want to crunch, Parno speculates.



The next step is to do “anomaly detection,” Parno says, a process of looking at that data and figuring out the difference between normal and abnormal traffic.


Set loose the AI



That’s where machine learning can come into play, which can glean insight from oodles of data. “Security analysts often spend a lot of their time, saying, ‘Well, we got all these alerts, we need to somehow triage them,’” Parno says. The goal is to separate a real threat from just normal traffic.



Machine learning excels at learning from data—a classic example is to teach a learning algorithm what a cat looks like by giving it tons of pictures of felines and then letting it decipher its own rules about cat appearances, instead of trying to program those rules explicitly in. That software can then recognize what it thinks are bewhiskered animals in new images.



In this case, the data isn’t furry pets. It’s information like security alerts, as Gillett said in his blog item, or perhaps those event logs. Engineers tend to train their system on “the good stuff,” Parno says—showing it what the normal traffic looks like so it can learn from that, because most traffic is the benign kind.



“You’re mostly training for good, and saying, ‘Anything I don’t recognize as good is probably bad,’” Parno says. Chronicle could be training its algorithms to recognize the signals from good traffic, bad traffic, or both. (Part of the company includes a 2012 Google acquisition called VirusTotal, which focuses on malware detection.) In short, Chronicle is a platform that is designed to give speedy analysis of a company’s own cyber-security situation. (In a similiar vein, another new company has created an AI system designed to help CIA-type intelligence analysts make sense of reports and other data.)



Parno says that the system could also speed up the painstaking process of piecing together what happened even after something goes wrong, like a computer getting infected with malware.



But Parno, who focuses on computer security and cryptography, strikes a note of caution. “Historically, it’s been a challenge to apply machine learning very effectively to security problems,” he adds. That’s because it’s good at identifying what he calls the “average case.” If Siri or Alexa understands what you say 99 percent of the time, that’s basically acceptable. But in the realm of security, he says, 99 percent doesn’t cut it. “The Achilles Heel of anomaly detection has always been that attackers just say, ‘“Well, I’m just going to very carefully craft my attack so it looks like normal activity.”




[ad_2]

Written By Rob Verger

Comments

Post a Comment

Popular posts from this blog

Ice technicians are the secret stars of the Winter Olympics

[ad_1] The emphasis of this year's two-week-long Winter Olympic Games has been placed squarely on the Olympians themselves. After all, the stated purpose of the international competition is to bring together the world’s greatest athletes in a nail-biting competition across fifteen different winter sports. But before the curlers, skiers, and skaters even arrived in Pyeongchang, South Korea, the Olympians of the ice technician world were already a few weeks deep in a competition of their own. Mark Callan of the World Curling Federation and Markus Aschauer of the International Bobsleigh and Skeleton Federation both say they’re hoping to make the best ice the Winter Olympics have ever seen. To transform the barren concrete jungle of existing tracks and arenas into an ice- and snow-covered wonderland is an enormous undertaking. And it takes a keen understanding of the physics and chemistry that keeps frozen precipitation pristine. Curling Callan has been making and maintaining ice for m
Post a Comment
Read more

In the wake of NYC terrorist attack, Trump says he's ordered increased 'Extreme Vetting'

[ad_1] President Donald Trump has requested for a heightened vetting program following Tuesday's terrorist attack in New York. @realDonaldTrump: I have just ordered Homeland Security to step up our already Extreme Vetting Program. Being politically correct is fine, but not for this! Earlier, he tweeted that the attack in lower Manhattan was committed by a "sick and deranged person." @realDonaldTrump: In NYC, looks like another attack by a very sick and deranged person. Law enforcement is following this closely. NOT IN THE U.S.A.! His remarks came after a motorist drove onto a busy bicycle path near the World Trade Center memorial and struck several people on Tuesday, leaving at least eight people dead and a dozen injured. NBC News repor
Post a Comment
Read more

How to save everything you post to social media

[ad_1] If you get the urge to revisit that cute photo you posted some time last year, you'll have to scroll through your timeline for what feels like hours to track it back down. Instead, when you share a post on social media, also save it to your phone for safe-keeping. This will not only save your social media hits for posterity, but also make them easier to find if you ever need to rediscover them. In this guide, we focus on saving photos and videos, because text posts are slightly more complicated—the only way to really preserve text from Facebook and Twitter is to download your entire archive (we'll explain how to do this below), and Instagram and Snapchat don't let you save or export your instant messages at all. When it comes to photos and videos, there's a shortcut to make sure they stay on your phone: Originally film them through a dedicated app, which will save them to a gallery. Only then should you open up a social media app to share them. However, there'
Post a Comment
Read more