It’s all hands on deck in the fight against mobile and desktop malware. The good news is that artificial intelligence (AI) is proving to be as potent in this battle as it is in other endeavors in which massive amounts of data must be assessed, trends deduced, and plans of action put in play.
Network World offers a very interesting story featuring a startup called Deep Instinct. With the platform, the way in which malware detection works is that the antivirus software is kept current with every known piece of malicious code that potentially can affect users. The downsides of this are that the updating of malware signatures, or “definitions,” is constant. On top of that, even slight differences to the bad code can enable it to get past antivirus software.
Streamlining this approach plays to AI’s strength. Deep Instinct, for instance, studied as many as 1 billion pieces of code to train itself on how to detect malware. The resulting file is then made into something that can be used to protect computing equipment:
The resulting trained system is about a gigabyte in size, he said, too big for most applications, but then the company prunes it down to about 20 megabytes. It can then be installed on any endpoint device, including mobile, and can analyze incoming threats in a few milliseconds on the slowest machine.
The good news for us humans is that AI needs us (at least for now), according to a presentation made by Kalyan Veeramachaneni, a scientist at the Massachusetts Institute of Technology (MIT), at SWIFT’s Sibos conference in Geneva. Essentially, the idea is to use the input from an analyst to build a virtual assistant that can help the AI engine refine its techniques and approaches and move from identifying obvious “outliers” to finding deeply hidden and dangerous bits and pieces of code. The process can be used on a continual basis to refine the core AI engine’s approach.
AI is becoming an accepted element in security. Last week, Symantec introduced Endpoint Protection 14 which, according to the company, combines AI, machine learning, memory exploit mitigation and threat intelligence. The company leveraged the research and development arms of Blue Coat, which it acquired for $4.6 billion last month.
It seems natural that AI would be a potent – perhaps pivotal – weapon in the fight against malware. The use of the tool almost certainly won’t slow down. That raises a fairly interesting and frightening question: What is to stop the thieves from using these platforms as well?
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at [email protected] and via twitter at @DailyMusicBrk.