The era of new cyber heroes: how AI helps in the fight against malware

Teacher

AI forces you to rethink your defense strategies.

A Los Alamos National Laboratory research team has made a significant breakthrough in cybersecurity, using artificial intelligence to improve malware analysis on a large scale. The approach significantly advances the classification of malware for the Microsoft Windows operating system and sets a new world record in the classification of malware families.

"Artificial intelligence methods developed for cyber defense systems, including large-scale malware analysis systems, must take into account real-world challenges," said Maksim Eren, a scientist in the Los Alamos Advanced Cybersystems Research Department.

The study, published in the journal ACM Transactions on Privacy and Security, presents an innovative method of using AI that is a significant breakthrough in the classification of Windows malware. The technique achieves a realistic classification of malware families by combining semi-supervised tensor decomposition methods with selective classification, in particular the opt-out option.

"The opt-out option is the ability of the model to say, 'I don't know,' instead of making the wrong decision, which gives the model the opportunity to discover knowledge," said Eren.

The new method works accurately with both large and small data sets at the same time, which allows it to detect both rare and common malware families. It can also reject a prediction when it is not sure of its answer. This can give security analysts the confidence to apply these techniques in practical high-risk situations, such as cyber defense to detect new threats.

"As far as we know, our work sets a new world record by simultaneously classifying an unprecedented number of malware families, surpassing previous work by 29 times, in addition to working in extremely difficult real-world conditions of limited data, extreme class imbalance, and the presence of new malware families," said Eren.

Tensor decomposition techniques, combined with high-performance computing and GPU capabilities, are now available as a user-friendly Python library on GitHub, highlighting the cutting-edge nature of the team's approach and opening up new perspectives for improving cybersecurity measures.
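
To make the opt-out (reject) option described above concrete, here is an added example that is not from the article, the paper or the Los Alamos library. It assumes a simple nearest-centroid classifier as a stand-in for the tensor decomposition model, with constructed feature vectors, hypothetical family names and hypothetical thresholds, and compares abstaining against forcing an answer on a rare family and an unseen one.

```python
import math

# Constructed 2-D feature vectors; the imbalance (5 vs 2 samples) is deliberate.
TRAIN = {
    "family_common": [(1.0, 1.0), (1.2, 0.9), (0.9, 1.1), (1.1, 1.2), (0.8, 0.8)],
    "family_rare": [(5.0, 5.0), (5.2, 4.8)],
}
# Constructed test set: (features, true family). "family_new" is absent from TRAIN.
SAMPLES = [
    ((1.0, 0.9), "family_common"),
    ((5.0, 4.9), "family_rare"),
    ((2.5, 2.5), "family_common"),
    ((9.0, 1.0), "family_new"),   # far from every known family
    ((3.0, 3.0), "family_rare"),  # almost equidistant from both centroids
]

def centroids(train):
    """Mean feature vector per family."""
    return {fam: tuple(sum(axis) / len(pts) for axis in zip(*pts))
            for fam, pts in train.items()}

def predict(x, cents, max_dist=3.0, min_margin=0.5):
    """Return a family name, or None to abstain ("I don't know")."""
    ranked = sorted((math.dist(x, c), fam) for fam, c in cents.items())
    best_dist, best_fam = ranked[0]
    if best_dist > max_dist:                      # unlike anything seen in training
        return None
    if len(ranked) > 1 and ranked[1][0] - best_dist < min_margin:  # near tie
        return None
    return best_fam

def evaluate(samples, cents, **thresholds):
    """Return (coverage, selective accuracy): share answered, accuracy on those."""
    preds = [(predict(x, cents, **thresholds), truth) for x, truth in samples]
    answered = [(p, t) for p, t in preds if p is not None]
    correct = sum(p == t for p, t in answered)
    coverage = len(answered) / len(samples)
    return coverage, (correct / len(answered) if answered else 0.0)

if __name__ == "__main__":
    cents = centroids(TRAIN)
    print("with abstention:", evaluate(SAMPLES, cents))
    # Disabling both thresholds forces an answer for every sample.
    print("forced answers: ", evaluate(SAMPLES, cents, max_dist=math.inf, min_margin=0.0))
```

With abstention the classifier answers fewer samples but is right on all of them; forced to answer, it mislabels the unseen family and the ambiguous sample, which is the trade-off an analyst tunes with the two thresholds.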
 