Antivirus That Mimics the Brain Could Catch More Malware

MIT Technology Review

October 29, 2015

By Will Knight

Deep learning antivirus software could reduce malware infections significantly.

Computer malware can often evade antivirus security software if the author changes a few lines of code or designs the program to automatically mutate before each new infection.

Artificial neural networks, trained to recognize the characteristics of malicious code by looking at millions of examples of malware and non-malware files, could perhaps offer a far better way to catch such nefarious code. An approach known as deep learning, which involves training a network with many layers of simulated neurons using huge quantities of data, is being tested by several companies.

An Israeli startup called Deep Instinct plans to launch an antivirus service based on the approach in the coming months. The company claims that its software is significantly better at catching modified versions of existing malware than current antivirus software. Those claims have yet to be independently verified, but others are exploring the use of deep learning for antivirus software, and their published results suggest it could help turn the tide in the battle against malware infections. ...

... George Cybenko, a professor at Dartmouth who studies the use of machine learning in computer security, says that the idea of using neural networks to scan for malware goes back more than a decade. But he says the emergence of deep learning will probably cause companies to give the approach a closer look.

Cybenko says the performance being claimed for deep learning virus detection systems would be “a breakthrough,” although the results will have to be tested scientifically. He also notes that virus writers are notoriously persistent. “If there’s a breakthrough, they’re going to do some R&D and come up with a new approach.”

Read full article