Synthetic Media, Deepfakes, and Cyber Deception

Auteur
Cameron H. Malin is a Behavioral Profiler with over 20 years of experience investigating, analyzing and profiling cyber adversaries across the spectrum of criminal to national security. He is the founder of the FBI Behavioral Analysis Unit's (BAU) Cyber Behavioral Analysis Center (CBAC) and the longest serving FBI Cyber Profiler. He is a co-author of the authoritative cyber deception book, Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communications (published by Academic Press, an imprint of Elsevier, Inc.) and co-author of the Malware Forensics book series: Malware Forensics: Investigating and Analyzing Malicious Code, Malware Forensics Field Guide for Windows Systems, and Malware Forensics Field Guide for Linux Systems (all published by Syngress, an imprint of Elsevier, Inc.). Cameron is the creator of Digital Behavioral Criminalistics a combined application of numerous forensic disciplinesdigital forensics, criminalistics, and behavioral sciencesto meaningfully uncovering offender thoughts and actions in digital artifactsas well as the Cyber Pathway to Intended Violence (CPIV)a model for assessing violent offenders who have engaged computer systems, devices, and/or online resources before, during, and/or after a premeditated, violent act. These important emerging topics were published in his book chapter Digital Behavioral Criminalistics to Elucidate the Cyber Pathway to Intended Violence in the International Handbook of Threat Assessment, 2nd Edition (Oxford University Press, 2021). Prior to working for the FBI, Cameron was an Assistant State Attorney (ASA) and Special Assistant United States Attorney in Miami, Florida, where he specialized in computer crime prosecutions. During his tenure as an ASA, he was also an Assistant Professorial Lecturer in the Computer Fraud Investigations Master's Program at George Washington University. Dr. Matthew Canham is the CEO of Beyond Layer 7, a security consulting firm specializing in mitigating insider risk, human-centric security solutions, and data analytics. He is a founding member of the Cognitive Security Institute, a non-profit organization dedicated to research and understanding the nuances of defending human and artificial decision makers from cognitive attacks. He currently holds an affiliated faculty member appointment with George Mason University, where the focus of his research orients around synthetic media deepfake-social social engineering attacks, cognitive security, and insider risk. Dr. Canham was previously a Special Agent for the FBI, where he investigated cybercrimes, insider threats, and ran cyber HUMINT operations as a certified online covert employee. During his tenure with the FBI, he also served as a subject matter expert with the Behavioral Analysis Program (BAP) and as the Technical Liaison between the Operational Technology Division (OTD) and the Cyber Behavioral Analysis Center (CBAC). Dr. Canham has previously taught courses on synthetic media attacks, cognitive warfare, human-centric security, and insider risk for: NATO, NASA (Kennedy Space Center), DARPA, MIT, BI (Oslo), Aberdeen Proving Ground, and the FBI. He holds a PhD in Cognitive Psychology with special expertise in human centric security, data analytics, and behavioral engineering.Dr. Kirk Kennedy is a licensed clinical psychologist, and he retired after serving 31 years in the U.S. Government including four years of active duty with the U.S. Air Force. In addition, he worked for NSA, CIA, Department of Defense (DoD) Counterintelligence Field Activity, and the FBI. For six of his 11 years in the FBI, he worked in the Behavioral Analysis Unit's Cyber Behavioral Analysis Center applying psychology to cyber-crime investigations and counterintelligence activities. In addition, he provided case consultations on counterterrorism, counterespionage, and violent crime investigations. In addition, he conducted research on insider threats, and he provided training for federal agents and analysts, including the ANSI-credentialed Behavioral Science Research Methods Course and the Psychology of Intelligence Collection and Analysis Course for the Intelligence Community Advanced Analyst Program. Since his retirement from federal service in 2020, he has worked as a contractor on a variety of DoD and military contracts to provide independent psychological consultation on a wide range of training, research, and personnel selection initiatives.

Texte du rabat
The use of artificial intelligence to fabricate or augment identities is a central information security issue that has raised to the top of all threat lists. Synthetic mediädeepfakes, digital impersonation, and other technologies are rapidly changing the cyber threatscape by providing criminals with game-changing capabilities when using social engineering tactics. The introduction of deepfakes or hyper-realistic fabricated video or audio recordings created through advanced deep learning tools, such as autoencoders (AE) or generative adversarial networks (GAN), has meaningfully expanded cybercriminals arsenal to facilitate attacks with synthetic media. Synthetic Media, Deepfakes, and Cyber Deception: Attacks, Analysis, and Defenses *introduces the only analytical Synthetic Media Analysis Framework (SMAF) to help describe these cyber threats and help security professionals anticipate and analyze attacks. This framework encompasses seven dimensions: Credibility, Control, Medium, Interactivity, Familiarity, Intended Target, and Evocation. Synthetic media is a broad term that encompasses the artificial manipulation, modification, and production of information, covering a wide spectrum from audio-video deepfakes to text-based chatbots. Remote Online Social Engineering (ROSE) attacks depend upon gaining a victim s trust and convincing them that the scammer is legitimate. Synthetic media provides cyber attackers and scammers with a game-changing advantage over traditional ROSE attacks because they have the potential to convincingly impersonate close associates through text, imagery, voice, and video. This burgeoning threat has yet to be meaningfully addressed through any written treatment on the topic. *Synthetic Media, Deepfakes, and Cyber Deception is co-authored by three cyber influence and deception experts who have gained deep knowledge and experience on the topic through diverse, true operational pathways and backgrounds. The diversity and perspectives of the author team makes the content in the book the broadest and deepest treatment of synthetic media attacks available to readers. This book is a unique and unprecedented resource in the burgeoning science, theory, and analysis of synthetic media cyber deception.

Contenu

Section I: Principles of Influence and Persuasion 1. Psychological Principles of Online Influence 2. Online Credibility Assessment 3. The Psychology of Trust Section II: Principles of Online Deception 4. The Psychology of Deception 5. "Oh what a tangled Web 2.0 we weave": Typologies of Online Deception 6. Nation-State Cyber Deception Practices 7. Synthetic Media Use by Cyber Crime Threat Actors Section III: Understanding the Synthetic Media Assessment Framework 8. The Synthetic Media Kill Chain 9. Overview of the Synthetic Media Assessment Framework 10. Control 11. Medium 12. Interactivity 13. Familiarity 14. Intended Target 15. Evocation Section IV: Applying the Synthetic Media Assessment Framework 16. Putting it All Together Assessing Attack Scenarios 17. SMAF Best Practices