– Artificial intelligence AntiVirus –
The future of antivirus protection is exciting. Much like our cars, trains, and boats, the future of antivirus runs on artificial intelligence. AI technology is one of the fastest growing sectors around the world and security researchers are continually evaluating and integrating the technology into their consumer products. Consumer antivirus products with AI or machine learning elements are appearing thick and fast.
AI antivirus (or in some cases, machine learning antivirus) works differently from traditional antivirus. There are a few different approaches, but in general AI antivirus learns about specific threats within its network environment and takes defensive action without being prompted.
AI and machine learning antivirus products combine sophisticated mathematical algorithms with data from other deployments to establish a baseline of normal, secure behavior for a given system. They also learn how to react to files that step outside that window of normal functionality.
Artificial intelligence has been touted by some in the security community as the silver bullet in malware detection. Its proponents say it’s superior to traditional antivirus since it can catch new variants and never-before-seen malware—think zero-day exploits—that are the Achilles heel of antivirus. One of its biggest proponents is the security firm BlackBerry Cylance, which has staked its business model on the artificial intelligence engine in its endpoint PROTECT detection system, which the company says has the ability to detect new malicious files two years before their authors even create them.
But researchers in Australia say they’ve found a way to subvert the machine-learning algorithm in PROTECT and cause it to falsely tag already known malware as “goodware.” The method doesn’t involve altering the malicious code, as hackers generally do to evade detection. Instead, the researchers developed a “global bypass” method that works with almost any malware to fool the Cylance engine. It involves simply taking strings from a non-malicious file and appending them to a malicious one, tricking the system into thinking the malicious file is benign.
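The weakness described above can be shown with a toy string-feature scorer, given here as an added example that is not from the researchers or from any vendor's engine. The weights, threshold, string names and sample bytes are all constructed, and the additive scoring is an assumption made for illustration; the second scorer shows one mitigation, where benign-looking strings can never subtract from malicious evidence.

```python
import re

# Constructed per-string weights (assumption, not a real model):
# positive = mostly seen in malware, negative = mostly seen in benign software.
WEIGHTS = {
    "inject_thread": 3.0, "disable_backup": 2.5,
    "game_menu": -1.5, "license_text": -1.0,
    "high_score": -1.5, "credits_roll": -1.0,
}
THRESHOLD = 2.0  # constructed decision threshold


def extract_strings(blob, min_len=4):
    """Return printable ASCII runs, similar to the `strings` utility."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return {m.decode("ascii") for m in re.findall(pattern, blob)}


def additive_score(blob):
    """Weak design: benign strings offset malicious ones."""
    return sum(WEIGHTS.get(s, 0.0) for s in extract_strings(blob))


def monotonic_score(blob):
    """Hardened design: adding content can only keep or raise the score."""
    return sum(max(WEIGHTS.get(s, 0.0), 0.0) for s in extract_strings(blob))


def verdict(score):
    return "malicious" if score >= THRESHOLD else "benign"


# Constructed samples: a "known bad" file, and the same file with strings
# from a benign program appended after its original content.
KNOWN_BAD = b"inject_thread\x00disable_backup\x00"
BENIGN_STRINGS = b"game_menu\x00license_text\x00high_score\x00credits_roll\x00"
PADDED = KNOWN_BAD + b"\x01\x02" + BENIGN_STRINGS

if __name__ == "__main__":
    for name, blob in (("known bad", KNOWN_BAD), ("padded", PADDED)):
        print(name,
              "| additive:", verdict(additive_score(blob)),
              "| monotonic:", verdict(monotonic_score(blob)))
```

The monotonic scorer gives up some precision in exchange: a benign file that happens to contain flagged strings can no longer be cleared by its other content, so false positives need handling elsewhere, for example by allowlisting signed files.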