Cylance researchers are using machine learning to improve malware detection.
Cylance's Matt Wolff and Andrew Davis are using deep-learning techniques to train software to quickly spot and ultimately stop malware infections. They are training a special machine-learning module on legitimate and malicious files to teach the application the difference between the two. The algorithm uses static analysis of a file's code to quickly spot malware in a file that it has never seen before.
"We don't run [the malware], so the malware doesn't have a chance," Wolff says. Moreover, the researchers note the approach is faster than sandboxing and analyzing malware.
Machine/deep learning is particularly helpful in staying atop the increasingly polymorphic nature of malware. "If a malware author two months later comes up with a new [variant], there's a high probability the module you wrote is going to detect that," Wolff says. "It has a predictive capability."
Wolff and Davis say the deep-learning system could ultimately replace existing malware detection tools, and they plan to feed the deep-learning module some malware live during a presentation at the Black Hat USA 2015 conference in August.
From Dark Reading
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA