In order to pencil up against the implications of AI within the anti-malware context, there are several basic concepts that we need to make clear. Before we go any further, we need to get a clearer idea of what AI is. Various factors might have biased our perception of this matter; these include as the complexity of the concept itself, the continuous controversy it generates among the brightest contemporary minds or the AI-based sci-fi characters brought to our attention by the film industry. But the truth is that AI is part of our daily routine to an extent we are not even aware of.
Can we classify AI?
We can talk about three
major AI categories:
ANI (i.e., Artificial Narrow Intelligence):
This type of AI specializes in one specific area. Take it out of there, and it will practically be useless. AGI (Artificial General Intelligence):
Though we are yet to achieve it, we are talking about a computer as smart as a human being, able to plan, reason, solve problems or learn from experience as easily as we can.
ASI (Artificial Superintelligence):
We are now talking about an intellect that is far superior to the brightest human brains in any field you can think of, including social skills. This is the type of AI that generates the most controversy and brings to the table hot topics such as ‘extinction’ or ‘immortality. Though AGI and ASI are yet to come, ANI is already part of our lives, and it’s here to stay a little longer. From our email spam filter to Google Translate, smartphone apps, smart traffic systems to alleviate traffic congestion, or our car’s injection system, ANI is present in practically every single aspect of our lives. And that includes cybersecurity.
Which are the implications of AI in the malware and anti-malware context?
It is probably just a question of time before AI-based malware tries to break through all the defensive barriers we currently have in place.
Will security experts be ready to face such a threat? Or will AI-based malware cause havoc?
This is a crucial aspect, as an AI-based defensive system may not get another chance to defend itself against a superior opponent.
VPN developers have already achieved a revolutionary product that optimizes routing by using an algorithm that is based on a neural network. This means that the VPN can analyze Internet traffic and find the shortest and most secure route to the target server, thus reducing the number of possible attack points and making tracking practically impossible.
What’s notable about this system is the fact that the algorithm learns and reacts to routing changes.
Another excellent example of the use of AI for cybersecurity purposes would be Google’s Invisible reCaptcha, a system that uses the Advanced Risk Analysis. This is Google’s alternative to the use of those annoying CAPTCHAs that protect websites from spammers and bots. Since even the most sophisticated CAPTCHAs have been successfully broken, a new solution was required. Google’s new system uses AI to detect signs of human behavior such as movements of the mouse or the time between one click and another. This technology was launched in March 2017, and its inventors highlight the fact that, due to this technology, human users can pass through with zero clicks.
How about AI-based antivirus software?
Though the implementation of AI is still an emerging feature in the field of anti-virus solutions, developers are looking for ways to integrate AI into their products. Some break files into hundreds of pieces and make use of billions of indicators to determine if an executable is malware or not, wiping it off should one of these indicators are met.
SecureAge Technology’s take on
AI-powered anti-virus makes use of large amounts of high-quality data to effectively spot malicious patterns while also adapting itself against emerging behaviour to decisively identify new variants of malware. This makes it very effective against mutated threats that have since become the norm for attackers due to the ineffectiveness of traditional scanners in detecting them.
AI: The future of anti-malware software?
There is no doubt that the use of AI is slowly gaining a foothold in the security field. The WannaCry or Bad Rabbit ransomware attacks have clearly demonstrated that traditional security approaches are obsolete. If they can’t face today’s threats, how will they face tomorrow’s ones without significant changes?
The truth is that machines are much faster and more efficient than humans when it comes to analyzing vast amounts of data, classifying the new threats that appear each day, or predicting the risk of executable code. The use of Artificial Intelligence and Machine Learning technology while developing new strategies can make a difference in the field of both online and offline security.
However, it is imperative for AI-based and machine-learning product developers to pay attention to both the offensive and defensive abilities of their products. Because the race is on and bad guys will try to find a way to break through.