Microsoft new algorithm recognizes password spray attacks

During the last few weeks of October, Microsoft is promoting digital security efforts as part of its observance of National Cyber ​​Security Awareness Month. Awareness Month or NCSAM)).

Η has announced new initiatives to promote cyber awareness, it has revealed Zero Trust Deployment Center, released one Adversarial ML Threat Matrix and started a pretty successful attack against the malicious botnet Trickbot.

Now h δήλωσε ότι έχει αναπτύξει έναν νέο αλγόριθμο βασισμένο στη εκμάθηση που ανιχνεύει επιθέσεις ψεκασμού κωδικών (password spray attacks) with significantly improved performance from its previous mechanism.

For those not in the know, a password spray attack is a relatively crude and common form of cyberattack in which a malicious it attacks thousands of IPs with a few commonly used passwords instead of trying multiple passwords on a single user.

Although the success rate per account is not impressive enough, the attack is very difficult to detect.

To combat password spraying attacks, Microsoft created a mechanism that recognizes "basic system failure in ... worldwide traffic" and alerts organizations at risk. Today the company has improved this mechanism by training a new machine learning algorithm that uses features such as IP reputation, unknown properties and other account discrepancies to detect when someone is being attacked by password spraying.

Microsoft claims that its new model has a 100% increase in recall compared to the previous heuristic algorithm. This means that it detects twice the number of compromised accounts. In addition, it has 98% accuracy, which means that if the model claims that an account has been hacked by a password, then it is almost certainly true.

The new model will soon be available to Azure AD Identity Protection customers, who will be able to use it on the portal and the APIs they use to protect their identity.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).