Cognitive Intelligence

February 27, 2019

SECURITY

Cisco Security at Work: Threatwall at Mobile World Congress 2019

If you attended a Cisco Live or an RSA conference in the past couple of years you may have come across a display entitled “Cisco Security at Work”. This display, often referred to as the Threatwall, is a live display of threats on the wireless network at the conferences where it is deployed. Current…

September 29, 2018

SECURITY

Defeating Polymorphic Malware with Cognitive Intelligence. Part 2: Command Line Argument Clustering

Co-authored with: Jan Jusko, Harry Nayyar, and Danila Khikhlukha. Adversaries continue to evolve their techniques to evade detection. Static analysis approaches are prone to evasion using malicious packers, code obfuscation, and polymorphism. That means that the vast majority of malware is unique to…

August 28, 2018

SECURITY

Cognitive Intelligence: Empowering Security Analysts, Defeating Polymorphic Malware

Co-authored with: Jan Jusko, Harry Nayyar, and Danila Khikhlukha. In psychology, the term “cognition” refers to a human function that is involved in gaining knowledge and intelligence. It helps describe how people process information and how the treatment of this information may lead to various deci…

January 26, 2018

SECURITY

Securing Encrypted Traffic on a Global Scale

Written by Martin Rehak and Blake Anderson, on behalf of the Cognitive and ETA teams. Introduction: How many engineers does it take to find malware in encrypted traffic? In the case of Cisco, the core of the machine learning team that enables Encrypted Traffic Analysis (ETA) is about 50 engineers, security resear…

July 13, 2017

SECURITY

Are You The Lucky One? Sometimes Luck Can Bring You Malware

For more than two decades, malicious actors have been evolving their phishing techniques to effectively achieve their goals. From poorly crafted scams to extremely well crafted documents, phishing attacks continue to be a very effective technique in the attackers’ toolbox. Anyone can be a target. While m…

May 24, 2017

SECURITY

The light is green! But is it safe to go? Abusing users’ faith in HTTPS

This post was authored by Anna Shirokova and Ivan Nikolaev. John Smith had a lot of friends and liked to travel. One day he got an email that read: “Money has been sent to your PayPal account”. The sender appeared to be a person he met on a recent trip to Cape Town. John Smith was curious…

January 19, 2017

SECURITY

Closing One Learning Loop: Using Decision Forests to Detect Advanced Threats

This blog post was authored by Veronica Valeros and Lukas Machlica. Malicious actors are constantly evolving their techniques in order to evade detection. It is not only the sophistication or the rapid pace of change that is challenging us as defenders, but the scale of attacks. With the continuous f…

December 14, 2016

SECURITY

In plain sight: Credential and data stealing adware

Adware has been around for a while now. In principle, displaying advertising in order to finance your software is not necessarily something bad. Users are used to seeing advertising everywhere: newspapers, magazines, and websites. When advertising was introduced to software, users had a surprisingly…

October 20, 2016

SECURITY

Piecing Together Malicious Behavior in Encrypted Traffic

This post was authored by Jan Kohout, Veronica Valeros and Petr Somol. Increasing adoption of encryption in web communication significantly contributes to protection of users’ privacy. However, it also brings tough challenges for intrusion detection systems that need to analyze the traffic wit…