AI has been helping you with ordering food, assist you in daily household chores, imbibing your personality in games and now it has been advancing towards digital data security.
The IT space has recently been stricken with ransomwares(malware type) twice in the past six weeks and hence we need better defenses. That's where AI comes in role. With patches of code being released to identify malware on the go, AI has a long path to follow but we can only hope the best.
Let's understand the basics of malware & how AI can be interleaved in it to secure our digital data!
Finding a malware with newer techniques
Gone are the days when identifying malicious programs involved matching their code against a database of known malware. Today the new malware variants could easily slip through and hence security companies have started characterizing malware by its behavior, singular or combined.
For instance, a technique identifies malware by carefully observing the characteristics usually associated with malicious intent - such as, by quarantining a program disguised with a PDF icon to hide its true nature. We all have been there!
This sort of malware profiling doesn't rely on exact code matches, but on checks that could be made well before potentially dangerous programs start running.
The real struggle with malware & machines
Identifying a malware with two or three characteristics might not properly solve the issue at hand. But how about dozens? Or hundreds? Or even thousands? This could do the trick well.
AI is the technology helping researchers achieve this humungous task. The security system analyzes samples of good & bad software and figures out a combination of factors likely to be present in the malware.
It learns as it encounters new software, and calculates the probability of a malware aliasing as a software, compares it to a score and rejects everything that's above the threshold.
The system is self-learning and adjusts the calculations in a matter of minutes.
Now and then, researchers see a new behavior to teach the machine.
Can AI aid the malware creators?
Dmitri Alperovitch, co-founder and chief technology officer at the California vendor CrowdStrike, said that even if a particular system offers 99 percent protection, "it's just a math problem of how many times you have to deviate your attack to get that 1 percent."
Malware writers can obtain these security tools and tweak their code to evade detection. AI enables them to create their own machine-learning models to defeat security-focused artificial intelligence.
Why is malware still prevalent?
Ransomware has been able to spread in recent weeks due to outdated and garden-variety anti-virus software.
While some of the free versions block new forms of malware, they are already incorporating behavioral-detection and machine-learning techniques. But these softwares again rely on malware databases that we, users, aren't good at keeping up to date
Next-generation services such as CrowdStrike, SentinelOne and Cylance tend favor database-less machine learning but at a cost of $40-50 per year which doesn't exactly fit into the budget of both end user & SMEs.
In all, AI has a long way to go with malwares & machines.
Source: HOB Team