5G: Customized services and apps at the edge
December 26, 2018 – 8:21 pm | No Comment

Services can be tailor-made for customers and delivered in real-time by placing all or most of the elements for service composition — such as VNFs, virtualized resources, microservices, management and orchestration software, a cloud-native infrastructure that includes the SaaS. IaaS, PaaS, and Cloud-RAN — in close proximity to customers at the edge.

Read the full story »
Business Technology Writing

Industry Dynamics, Competition, Value Proposition of emerging B2B technologies, Business Models for Emerging Technologies, Disruption, Use Cases, Solutions, Pain points, Narratives, Storytelling, Messaging

Content

White Papers, Blogs, Marketing Plans, Case Studies, Articles, Web content, Ghost writing, e-books, Social Media content, Technology Marketing content, Business of Technology, Industry Marketing.

Financial Writing

Economic Prospects, Economic Policy, Fiscal and Monetary Policy, Asset Allocation, Country Prospects, Global Investing, Emerging markets, Risk and Return, Corporate Finance, Equity, Debt, Real Estate, Derivatives, Hedge Funds, Capital and Credit Markets, Cryptocurrencies.

Emerging technologies and trends

Artificial Intelligence, Internet of Things, Computer Vision, Digital Transformation, Software-defined networks, Wearables, Heterogeneous Networks, Cloud computing, SaaS, PaaS, IaaS, Blockchains, 5G, Healthcare, Streaming Media

Predictions

Crystal ball, Foresight, Forecasting, projections, change, innovation, entrepreneurship, policy reform, futurology, leadership, vision, business cycle, Kondrateiv Wave,

Cybersecurity, Technology »

Zeroing on Stuxnet-like cyber adversaries
January 20, 2019 – 11:00 pm | No Comment

by Kishore Jethanandani

Cyber defense is on high alert against assaults of unknown and elusive threats akin to Stuxnet that hit Iranian nuclear facilities.  Firewalls — designed for known, signature-based malware — are routinely breached.

Zero-day exploits

Alternative approaches for protecting networks against the elusive zero-day cyber attacks, AI-enabled services, and applications, exist but adversaries have found ways to subvert them. Preventive methodologies which eliminate vulnerabilities at the time of software development take management transformation before they can be implemented. 

SDN controllers are the big brothers of networks. They receive data on unusual activities from every corner of virtualized networks from sensors.  When unusual activity is detected in networks, SDN  controllers prompt actuators to take action against threats.

Finding zero-day threats, however, is a formidable challenge. Virtualized networks generate a torrent of software components with unpatched bugs — unknown vulnerabilities that hackers can exploit and go unnoticed. IoT networks and connected devices are adding another wave of software to the mix. According to a recent survey by cybersecurity firm Herjavec Group 70% of security operation centers see unknown, hidden, and emerging threats as their most challenging problem and the most desired capability they would like to acquire is threat detection (62%.)

Zero-day attacks pinpoint specific bugs leaving only small traces of their footprints. When detected, they have polymorphic chameleon characteristics to morph into new unknown versions. Network perimeters, as a result, are chronically porous.

Unsurprisingly, zero-day vulnerabilities, usually discovered accidentally during routine maintenance, peaked at 4,958 in 2014 and declined to 3,986 in 2016, according to a Symantec report. Product development processes, which incorporate security at the outset, are believed to be responsible for the fall.

Law enforcement was initially able to foil zero-day attacks by listening to conversations among cybercriminals over the darknet. Hackers have since closed this source of information.

“Cybercriminals construct their private networks to prevent law enforcement from listening to their conversations,” said Mike Spanbauer, vice president of research strategy, NSS Labs Inc. A research study by NSS Labs on breach detection systems found that five of the seven tested missed malware that evades firewalls, or advanced malware like zero-day threats, and their average effectiveness was 93%. The shortfall of 7% leaves the entire network at risk.

Living off the land

The story is no different when cybercriminals are inside of a virtualized network. They can blend into the network by acquiring credentials from the network’s administration, which is called “living off of the land” in the cyber security world. Service providers are prone to decrypting data — as illustrated by a recent FTC case — when they move it across transportation layers and provide an opportunity for intruders to sniff out credentials. They then use remote control protocols — meant for legitimate purposes such as load balancing — to maliciously control multiple VNFs.

Opportunities for deception abound in virtualized networks. For example, by masquerading as trusted authorities — such as those responsible for the quality of service — gain access to confidential information of unsuspecting victims across the network. Cybercriminals can spin virtual machines, recreated from their snapshots or images, and inject stolen identities of trusted authorities to ward off any suspicion of malicious activity.

Hackers can exploit the inconsistencies created unknowingly in interdependent systems of virtual networks. The data network, for example, is governed by the policies of the management network, and the SDN controller executes policies. Adversaries can maliciously insert fake policies in the management network, and the SDN controller unwittingly implements them.

Artificial Intelligence

In this shadowy cybersecurity world, artificial intelligence is widely touted as a means to find the clues to lurking malware. Chris Morales, head of security analytics at Vectra, said his company specializes in tracking cyber threats inside networks by analyzing data from packet headers to find patterns in communication between devices and their relationships.

“We focus on the duration, timing, frequency, and volume of network traffic,” he said. “Data on a sequence of activities point to hidden risks. An illustrative sequence that is a telltale sign of malicious activity is an outside connection initiating largely outbound data transfers and small inbound requests, together with sweeps of ports and IP addresses, searching for databases, and file servers, followed by attempts at administrative access.”

Artificial intelligence, however, is not a panacea as machine-learning algorithms have chinks that cybercriminals can exploit with their own learning algorithms. AI-augmented malware tweaks its malicious code as it learns about the detection of its earlier versions. Cybercriminals can also fob off the defending algorithms by feeding subtly misleading data (adversarial learning) such as pictures of effeminate males that are then mistakenly labeled as females.

As the cybersecurity arms race spirals ad infinitum, some industry experts are taking a step back to consider an entirely different course of action. “Hackers essentially reverse engineer code to find flaws in software and determine how to exploit them. By adopting methodologies like the secure development lifecycle (SDLC), software developers can use analytics tools to detect errors and eliminate them at the outset,” said Bill Horne, vice president, and general manager with Intertrust Technologies Corporation.

Deep Instinct’s Shimon Noam Oren, head of Cyber Intelligence, had an altogether different take on the matter. His company’s data and analytical model are designed to track unknown unknowns while current models can at best detect known unknowns.

“Data on the behavior of malware limits the training of current algorithms to known threats,” he said. “Binary sequences, the most basic level of computer programming, account for all raw data and the infinite number of combinations that are possible. Some of these sequences represent current threats, and others are possibilities open to adversaries.

“Current predictive modeling techniques in security are linear while Deep Instinct’s model is non-linear, which affords greater flexibility for the machine to autonomously simulate and predict unknown unknowns extrapolating from data on existing threats as if solving a crossword puzzle.”

The most likely scenario for the future is that improved software development methodologies will slow down the rate of increase of vulnerabilities from the current breakneck speed. Zero-defect software is improbable in the environment. Ever more sophisticated AI engines will build defenses against the remaining hidden threats.

A version of this article was previously published by Light Reading’s Telco Transformation

Mesh networks open IOT’s rich last mile data seams for mining
August 13, 2018 – 2:03 pm | No Comment
Mesh networks open IOT’s rich last mile data seams for mining

By Kishore Jethanandani
Mesh networks (or the alternative star topology networks connecting devices to routers) afford the mining of data in IOT’s last mile. By interconnecting mobile devices, mesh networks can funnel data from sensors to …

Fog Computing: Bringing cloud vapors to the IOT fields
August 13, 2018 – 1:30 pm | No Comment
Fog Computing: Bringing cloud vapors to the IOT fields

Sensor data creates needs for local analytics that fog computing serves
By Kishore Jethanandani
Fog computing has arrived as a distinct class of customized solutions catering to local analytical needs in physical ecologies that constitute the Internet …

Knowing the unknown by digging deep
April 10, 2018 – 4:27 pm | No Comment

Kishore Jethanandani
Deep learning, referred to as neural network algorithms, is a lot like solving a crossword puzzle–the unknowns in gargantuan data stores are knowable only by their relationships with the known. Unsupervised deep learning goes …

Cyber-detectives chase cyber-criminals armed with Big Data
July 10, 2015 – 8:02 pm | One Comment

by Kishore Jethanandani
Cyber-security in enterprises is caught in a dangerous time warp—the long held assumption that invaluable information assets of companies can be cordoned off within a perimeter, protected by firewalls, no longer holds. The …

The long arm of the law extended by technology
July 3, 2015 – 8:44 pm | One Comment

Law enforcement faces daunting challenges and many cases go cold. Its loses the trail when it pursues criminals into the woods, fugitives are often elusive as they flee from the scene of the crime, clues don’t tell …

Infrared mobile devices: light under the cover of darkness
May 11, 2015 – 6:45 pm | No Comment

By Kishore Jethanandani
Consumer mobile devices are extending their reach into the enterprise, fulfilling more than communication needs of distributed workforces, as they are incorporated into business processes. A bevy of companies have launched infra-red mobile …

Enterprise mobile apps: carriers help overcome geography
May 9, 2015 – 3:13 pm | No Comment

By Kishore Jethanandani
Mobile broadband carriers are discovering their unique latent strengths in provision of mobile enterprise platforms and applications stretching across multiple geographies. They see in the provision of a seamless mobile experience, for nationwide …

Indiana Jones in the age of analytics
May 8, 2015 – 12:04 am | No Comment

By Kishore Jethanandani
Drilling engineers navigate hazardous oil wells in earth’s dark hollows not in the manner of the swashbuckling Indiana Jones but collaboratively with staid geophysicists and geologists who parse terabytes of data to calculate …

Future of Healthcare in the USA: how it could be the growth engine
May 7, 2015 – 11:41 pm | No Comment

By Kishore Jethanandani
Kondratieff cycles, which span thirty to fifty years, are marked by breakthroughs in technology and reform of institutions that drive expansion and a downturn sets in as technologies mature and unnoticed dysfunction in …

YouTube competes with commercial TV
May 7, 2015 – 7:02 pm | No Comment

By Kishore Jethanandani
Youtube’s harum-scarum expansion of goofy user-generated content is giving way to first steps towards professional content on premium TV channels. Sports content is the linchpin for commercial TV and will likely light the …

Is Video Analytics an answer to Google Analytics for retail stores?
May 7, 2015 – 6:38 pm | One Comment

By Kishore Jethanandani
The competitive battle between brick-and-mortar stores and on-line stores seemed like a no contest. E-commerce stores have the clinching advantage in analytics. Video analytics may well help stores disprove that presumption.
E-commerce sites learn …

On the M2M road to pervasive intelligence
May 7, 2015 – 5:54 pm | No Comment

By Kishore Jethanandani
Machine-to-Machine (M2M), the tiny radio devices, sensors that feed bits of data from activities of objects such as moving trucks, have a whole lot more value when the data from each of them …

MEMS transform Mobile Devices
May 7, 2015 – 1:45 am | No Comment

Mobile device sales have tapered in developed markets. To regenerate demand, vendors are turning to tiny, low-powered MEMS (Micro-electro-mechanical systems) devices that enable novel services on smaller energy efficient devices.
Outdoor navigation was one of the …

Global Supply Chains: the connecting tissue for dispersed supply centers
September 6, 2012 – 7:33 am | No Comment
Global Supply Chains: the connecting tissue for dispersed supply centers

International Procurement Operations (IPOs) are the nerve centers of decision-making for efficient global procurement operations. Expansion into low-cost countries brings within the fold of an extended enterprise a coalition of suppliers, buyers and logistics companies …

Hedge Funds: alpha for the masses
September 6, 2012 – 6:48 am | No Comment
Hedge Funds: alpha for the masses

 
 
 
 
 
 

The specter of inflation has increased the appetite for capital preservation among endowments and foundations – and these investors have targeted rates of return that can’t be achieved with today’s low-yielding bonds. Alternative investments in …

Predictive Analytics: ready for surprises
September 6, 2012 – 12:52 am | No Comment
Predictive Analytics: ready for surprises

 

Customers can now see that the early CRM technologies had a modest objective of accumulating transaction data. The truth is that the “irrational optimism” about CRM clouded judgments in the 1990s. The “irrational pessimism” that …