image title

Award-winning cybersecurity startup springs from ASU research

April 11, 2018

Combining expertise in AI and social sciences, CYR3CON is building stronger defenses against the dark web

In 2013 Arizona State University researchers Paulo and Jana Shakarian collaborated on a book that explored cyberwarfare from “a human-centric viewpoint,” as Paulo Shakarian described it.

“We noticed that everyone who was working on cybersecurity was focused on the technical aspects of it. Things like building firewalls and doing virus scanning,” he said. “But no one was taking a deep look at the people who are doing the bad stuff, the cyber attackers.”

The theme of the book became the genesis of the research they’ve done to understand the “hacker ecosystem” and devise ways to not merely respond to cyberattacks but to predict and thwart them in advance.

That research has given birth to CYR3CON, which the Shakarians define as “a next-generation cyber threat intelligence company” that employs machine learning, data mining and artificial intelligence technology — along with knowledge of the workings of the dark web — to identify emerging threats.

More than that, CYR3CON’s system guides users in making informed decisions about what cyber defense actions should be launched to most effectively neutralize specific kinds of hacking attempts.

Combining their expertise to explore cyber world

CYR3CON was started and is led by the Shakarians, who are husband and wife; Paulo is the company’s chief executive officer, while Jana is the president.

Paulo Shakarian's expertise is in cybersecurity, artificial intelligence and social network analysis. He is director of the Cyber-Socio Intelligent Systems Laboratory at ASU, where he is a Fulton Entrepreneurial Professor in the Ira A. Fulton Schools of Engineering.

He has been named a Knowledge Discovery and Data Mining Rising Star by Microsoft Research, held a fellowship with the U.S. Defense Advanced Research Projects Agency and won an Air Force Young Investigator award for his work in cybersecurity. He was also awarded a Bronze Star for his Army service, which included two tours in Iraq.

Jana Shakarian is a sociologist and anthropologist specializing in the behavior of hacking groups, and co-author of several books on topics relating to malicious hacking and terrorism. She previously worked as a staff social scientist for the University of Maryland Institute for Advanced Computer Studies. In her current role, she works with ASU’s Center for Cybersecurity and Digital Forensics.

Paulo Shakarian is on the faculty of the School of Computing, Informatics, and Decision Systems Engineering in the Fulton Schools. Jana Shakarian is an assistant research technologist in the same school.

The expertise employed in the Shakarians' venture mirrors an array of major research thrusts at ASU, particularly in the Fulton Schools. The range spans from such pursuits as digital forensics, web and data mining, and computer systems security modeling and architecture to automated vulnerability analysis, cybercrime analysis and intelligent machines and systems — as well as the use of social sciences research in the development of engineering and technology solutions.


Advanced technologies for identifying vulnerabilities

Their CYR3CON venture won a TechConnect Defense Innovation Award at the Defense Innovation Technology Acceleration Challenges Summit — a meeting of leaders in defense and security industries and officials in government agencies and the U.S. military.

CYR3CON was also a finalist in the recent tech startup and business model competitions held by the Arizona Technology Council and PricewaterhouseCoopers.

The TechConnect award was specifically for the company’s product called Vulnerability Update. It’s technology that provides a constant monitoring of software vulnerabilities in cybersecurity systems that are being identified through communications between potential hackers on the dark web. Vulnerability Update identifies and ranks system weaknesses that are up to 30 times more likely to be exploited by hackers, the Shakarians said.

The company also offers CYR3CON Screen, a web-based portal that allows analysts to find the most recent malicious hacker information from the dark web, as well as CYR3CON Alert, which provides timely and accurate intelligence to cyber defenders, and Active Threat Assessment to reveal a client’s footprint on the dark web, including related hacker discussions, industry threats and emerging attack tactics.

Tracking hackers to preempt cyberattacks

“What we are essentially trying to do is get ahead of the bad guys,” Paulo Shakarian explained. If you look at the major cyberattacks of recent years, he said, the vast majority were enabled by software vulnerabilities that were known about ahead of time.

The problem is that the number of vulnerabilities is growing too fast for all of them to be quickly remedied even after they are discovered.

“The people who are tasked with defending security networks don’t know where to begin,” Paulo Shakarian said. “As soon as they begin making progress there is a whole new batch of vulnerabilities that come up, so they are continually behind.”

CYR3CON provides capabilities to collect information from the hidden parts of the internet and to find out what specific vulnerabilities hackers are discovering as possible targets of attacks. Using machine learning and data mining methods, the company’s technologies can constantly search as many as 400 websites simultaneously, sifting through thousands of posts and discussions on dark web sites.

“We can say we saw these software vulnerabilities being discussed by these particular people and predict with a good degree of certainty what weaknesses of specific cybersecurity systems are going to be targeted by hackers,” Paulo Shakarian said.

Video by Jamie Ell/ASU Now

Deeper look into the dark web

The Shakarians' next step is to provide clients with strategies that quickly and precisely reinforce defenses based on a system's specific vulnerabilities.

Along with the power of the company’s technological infrastructure, the value of its service hinges on a deep understanding of the perpetrators of malevolent cyber activity.

“To identify the bad actors in these scenarios takes knowledge of behavioral psychology,” Paulo Shakarian said. “All this hacking isn’t done by the technology itself, it’s done by people. Jana's training as an anthropologist and sociologist comes into play in multiple aspects of what [CYR3CON] does. She knows what to focus on amid everything that’s going on out there in the hacker ecosystem.”

It’s not a matter of merely knowing what’s being talked about on the dark web.

“I don’t think you can do a good job predicting human behavior unless you have good socially rooted intuitions about what people are doing,” he said. “It’s knowing what the reputations of the people are and what their social connections look like that helps us create better algorithms to identify potential threats.”

The methodology on which the Shakarians’ enterprise is being built has been evaluated and validated by three peer-reviewed studies and has earned multiple provisional patents for ASU based on inventions by the Shakarians and various students. CYR3CON now licenses those inventions.

Business skills, more research will drive startup forward

The Shakarians have brought on experts to handle their startup’s financial, business development and customer support operations. They’re starting to bring on the company’s first customers, which range from mid-market businesses to large Fortune 500 companies.

“This will enable us to learn how our technology can be best integrated into existing operational business cybersecurity environments,” Paulo Shakarian said. “After we learn those lessons, we will expand through the use of channel partners that will resell the technology.”

CYR3CON has already established contractual relationships with multiple partners that provide complementary cybersecurity products and services.

Research aimed at improving the company’s operations and capabilities will continue. The Shakarians expect to tap into the skills of those working in Fulton Schools labs — including graduate and undergraduate students.

“Machine learning, artificial intelligence and cybersecurity are a big focus of what we teach here,” Paulo Shakarian said, “so we have an array of expertise and a large pool of talent to draw from.”

Joe Kullman

Science writer , Ira A. Fulton Schools of Engineering


image title

Giving pound puppies a paw up

April 11, 2018

ASU researcher Lisa Gunter focuses on improving shelter dog welfare

Editor's note: This story is being highlighted in ASU Now's year in review. Read more top stories from 2018 here.

Dogs — they’re our best friends but there’s still a lot we don’t know about them: what they daydream about, if they’re really smiling, why they’re scared and how we can help. And until Dug the dog’s magical speaking collar from “Up” becomes available on the mass market, we’ll have to use other means to find out.

ASU psychology doctoral candidate Lisa Gunter has spent several years doing just that. A researcher at the university’s Canine Science Collaboratory, Gunter’s work focuses on improving the welfare of shelter dogs. She recently wrapped up three studies on the topic.

The first study found positive effects related to short-term fostering, the second confirmed a relationship between presumed stress behaviors and dogs’ physiological responses, and the third dispelled myths about shelter dog breeds. The latter is currently under review to be published by the open-access scientific journal Plos One.

“I think the aim of sheltering in general is to be doing things that improve the dogs’ well-being or that help them find a home,” Gunter said. “But a lot of times in shelters, we just don’t know a lot about the dogs. And I think if we know more, we can better help them.”

Sleepovers: Not just for kids

The first of Gunter’s recent studies was a larger-scale roll-out of an earlier study in which dogs from a single shelter spent one night away with a volunteer “foster parent.” In the initial study, cortisolCortisol is a hormone involved in the stress response. levels were measured in samples of the dogs’ urine taken at three separate points in time: at the shelter before the sleepover, during the sleepover and back at the shelter after the sleepover.

That study found that one night away from the shelter significantly reduced the dogs’ cortisol levels.

In the larger-scale roll-out, Gunter’s team, which included Erica Feuerbacher of Virginia Tech, received a grant from Maddie’s Fund to expand the study to include dogs from four shelters across the U.S.: the Arizona Humane Society in Phoenix; the Humane Society of Western Montana in Missoula; DeKalb Animal Services in Decatur, Georgia; and the SPCA of Texas in Dallas.

This time around, dogs spent two nights away from the shelter in the home of a volunteer foster parent, and their cortisol levels were measured before they left the shelter, on each day of their time away and for two days after they arrived back at the shelter.

Researchers wanted to look at the two-day post-intervention baseline cortisol level — as opposed to just the one-day post-intervention level — because there was some concern after the initial study that following the intervention, the dogs’ stress may actually increase over the next few days to levels higher than it was before they left the shelter, due to the shock of getting a break and then having to return.

“Some people were like, ‘Well yeah, they get to go spend time in a home but then they have to come back!’” Gunter said.

However, Gunter and her team found that two days post-intervention, the dogs’ cortisol levels were no higher than before they left the shelter for the sleepover. And at all four sites, they found reductions in cortisol levels during the sleepover.

“Our interpretation of [the results] is that these sleepovers are kind of like a weekend to the work week,” Gunter said. “It doesn’t make all the dogs’ stress go away but it lets them go to a house, take a breather, rest and recharge. And then come back to the shelter ready to find their forever home.”

One additional interesting finding was a difference in stress levels of dogs between shelters. What that suggests is that there may be best practices for running shelters that can make them less stressful environments.

Factors such as a lack of social interaction and high noise levels can have a huge effect on dogs’ well-being. According to Gunter, one study even found dogs who had spent six months or more in a shelter showed signs of damage to their hearing.

“The fact that we saw the sleepover intervention working despite the differences in the shelters suggests to us that it would be a useful practice [for shelters to implement],” she said.

Panting and howling? Sure signs of distress

We might think that when a dog pants it needs water or that when it howls it’s just admiring the moon, but we don’t actually have scientific proof of why it’s acting that way. So for another of Gunter’s recent studies, carried out at the Arizona Humane Society and funded by PetSmart Charities, she set out to identify behavioral indicators of welfare by linking them to dogs’ physiological responses.

She and her team analyzed footage of 62 dogs in their kennels over a four-hour period, noting various behaviors throughout. They then compared their findings to physiological data taken from the dogs, including cortisol levels, heart rates and amount of movement, to determine which behaviors were indicative of increased stress.

Behaviors such as barking, howling, pawing at the kennel and panting were shown to be associated with a more engaged stress response.

Though Gunter stressed the results are only preliminary, behaviors such as the dog scratching itself or stretching, which were associated with a less engaged stress response, could be indicative of the dog actually coping with stress.

Taking physiological measurements was key in this study, as it allowed researchers to get a more complete picture of the dogs’ stress response. The better we understand that, the better we’ll be able to intervene and help, through practices like the sleepover intervention.

“If we can find the behaviors that are related to stress or welfare, then we can really start looking at not only how they’re doing in the shelter but what can we do to improve their welfare,” Gunter said.

More than just pit bulls and Chihuahuas

Gunter has two dogs, one of which, Sweetie, is half Chesapeake Bay retriever, a quarter American Staffordshire terrier, an eighth rottweiler and an eighth German shepherd.

“We know that from DNA analysis,” Gunter said. “I never knew what she was for so long, and I totally thought I knew. And I was wrong.”

What she found in the final study was that quite often, so are shelters.

For her master’s degree work, Gunter looked at how labeling a dog as a certain breed can influence people’s perception of its personality and whether or not it gets adopted. For this latest study, she took that a step further.

Gunter and her team performed a DNA analysis on nearly 1,000 dogs from two shelters: the Arizona Animal Welfare League and the San Diego Humane Society.

Some key findings:

• Less than five percent of the dogs in the shelters were purebreds.

• Most often dogs had at least three breeds in their heritage, and sometimes as many as five.

• Over 125 breeds were identified across the nearly 1,000 dogs. More than 90 of those breeds were shared between dogs at the San Diego and Arizona locations.

“So we’re kind of selling dogs short when we’re thinking they’re all Lab mixes and border collie mixes or pit mixes or Chihuahuas,” Gunter said. “Shelter dogs are way more interesting than that. There’s a lot of variability in breed and in combinations.”

One dog she and her team came across, Bruce, turned out to be a beagle, cocker spaniel and Labrador mix.

“Previous research that’s been done suggests that one reason why folks don’t go to the shelter is because they don’t perceive that the type of dog they’re looking for is there. And I think what that says is, well, maybe (they are) though,” Gunter said.

Researchers addressed what Gunter calls “a common refrain on the West Coast,” that shelters only have pit bulls and Chihuahuas. What they found was that "pit bull-type“Pit bull-type” breeds include American Staffordshire terriers, Staffordshire bull terriers, American bulldogs, bull terriers, etc., each of which is its own separate breed." breeds and Chihuahuas only accounted for about 50 percent of dogs in the shelters.

They also looked at how accurate shelter staff were at identifying dog breeds, based on the dogs’ DNA analyses. When it came to picking out one breed in the dog’s overall makeup, the staff were right about two-thirds of the time. When staff was asked to pick out more than one breed (which most dogs in shelters are), they were right only about 10 percent of the time.

“That that has nothing to do with the expertise of staff,” Gunter said. “I think that has everything to do with [the fact that] it’s a really hard job to just look at a dog and know what it is.”

She added that we don’t really know how multiple breeds in an individual dog influence its behavior anyway.

“Just because a dog is a border collie-Lab mix doesn’t mean it’s going to herd and swim well,” she said. “At the end of the day, it just matters if they’re a good fit for your home and for your life and for your family. And that’s something that you’ve just got to take on a dog-by-dog basis.”

Top photo: ASU psychology doctoral candidate Lisa Gunter play with Cera, a mixed breed, at the Arizona Humane Society Sunnyslope campus in Phoenix. Photo by Charlie Leight/ASU Now