Nextcloud 16 becomes smarter with Machine Learning for security and productivity

Nextcloud 16 introduces a number of intelligent features designed to make the users’ lives easier and keep data safe. Suspicious Login Detection uses a locally trained neural network to detect attempts to login by malicious actors. Share recommendations suggests people and groups the user frequently shares with and our new Recommendations app adds a list of files and folders the user might be interested in, based on recent activity on these files and other factors.

As this release brings so many improvements, we’ve written 4 other blogs with more details about the main features:

• Nextcloud 16 introduces machine learning based security and usability features, ACL permissions and cross-app projects
• ACL permissions for Groupfolders
• Nextcloud 16 allows you to link resources to keep track of your projects
• Talk 6.0 brings commands, improved user experience and more

Suspicious Login Detection

From cutting-edge browser protections like CSP and SSC to password-checks using the online breached-password database by Troy Hunt and unique malware recovery technologies, Nextcloud has been at the forefront of developing solutions to constantly changing security threats. Protecting logins with brute-force protection and 2-factor authentication makes it harder to hack user accounts, but the growing sophistication of attacks makes new, more intelligent protections essential. Nextcloud 16 introduces a brand new solution protecting Nextcloud systems using machine learning to detect suspicious login behavior and warn the user.

The Suspicious Login Detection app tracks successful logins on the instance for a set period of time (default is 60 days) and then uses the generated data to train a neural network. As soon as the first model is trained, the app starts classifying logins. Should it detect a password login classified as suspicious by the trained model, it will add an entry to the suspicious_login table, including the timestamp, request id and URL. The user will get a notification and the system administrator will be able to find this information in the logs.

When the user is notified, they can go to the security section in their user settings, terminate the suspicious session, and proceed to set a new password. The administrator can also take action, like disabling user accounts or forcing users to pick a new password.

Suspicious Login notification on mobile

Suspicious Login notification in the browser

Note that Suspicious Login Detection trains and works with local data and does not sent data anywhere else!

You can read a blog with more background behind this exciting new technology from its developer here!

Smarter collaboration

Nextcloud was designed to help users accomplish tasks quickly and efficiently. Nextcloud 16 introduces two new ‘smart’ features which help with this: share recommendations and file recommendations.

When the user clicks the ‘share’ button, Nextcloud 16 will immediately show groups and users they frequently share with in the drop-down menu. This makes it quicker and easier to share files and folders with the teams and individuals they frequently work with.

With favorites in the sidebar and sorted on top of the list of files in each folder, users can organize their important data and make it quick and easy to find. With the Recommendations app, Nextcloud goes a step further, trying to predict what data the user is interested in. Showing recommended files on top of the files list, Nextcloud 16 helps users find relevant data with even less effort. This will, for example, show a photo their phone just uploaded, or a file a colleague just shared or commented upon.

The recommendations are based on recent activity as well as other measures, and over time more factors can be taken into account.