What is the place of artificial intelligence in the war between hacker and it publishers antivirus solutions?
Anti-virus solutions and other computer security programs are increasingly beginning to use the Learning Machine tool to improve the ability to detect malware.
While this is good to see beneficial for deduction capabilities, it is also a significant disadvantage. Indeed, with the development of know-how, cyber criminals, it will be easy of course to find viable methods to mislead artificial intelligence. And we know that this is totally likely.
This article will also interest you: The year 2020 and cyber threats. What projections for what threats?
From a practical point of view, deep learning in French, deep machine learning can significantly add a boost to the detection method offered by the antivirus solutions of the moment. They have become more efficient but also faster. And speed in this area is crucial. The idea of merging deep learning with the antivirus solution was detailed at the CyberSec – AI which venue in Prague during October 2019. This combination of technology has been demonstrated by antivirus publisher Avast through some techniques that are already in production. For example, the publisher highlighted its protection module called Web Shield, which, through a proposed feature, allows the second largest URLs to be analyzed to detect malicious ones, which its many customers to the tune of 400 million, tend to visit almost at any time. this is explained in these terms, the exact operation of deep learning fusion and classic antivirus solution through the Web Shield: "A first network of neurons will try to detect anomalies in the address itself, both in terms of its structure and the arrangement of letters. A second neural network will then take a screenshot of the site and analyze parts of the image and compare it to existing legitimate sites. If the page looks like a page on Apple's site, but the address is not part of its domain, then it's a malicious URL," said Rajarshi Gupta, Avast's vice president of artificial intelligence.
And that's not all, deep learning is also used in behavioral analysis frameworks, which makes it easier to detect network attacks directed against their customers. For this antivirus editor has a blacklist that gathers more than 2 million unwanted IP addresses. "But it's hard to integrate such a blacklist locally with our customers. A neural network allows us to retain only the most virulent C-C (botnets) servers. In the end, we get a list of 200,000 addresses covering 95% of the attacks," explains Rajarshi Gupta. He will also note an essential point: "You can't do what you do in image recognition and have people say "this is malware" or "this is not malware." There is too much data to analyze and too few qualified people capable of doing so." as if to show the limits of deep learning at this point.
Now access an unlimited number of passwords: