5.9.18

Award-winning news, views, and insight from the ESET security community



Of ML and malware: What’s in store?


All things labeled Artificial Intelligence (AI) or Machine Learning (ML) are making waves, but talk of them in cybersecurity contexts often muddies the waters. A new ESET white paper sets out to bring some clarity to a subject where confusion often reigns supreme
It is no mean feat to find an area in business and technology where the proponents of Artificial Intelligence (AI) or Machine Learning (ML) don’t tout the benefits of any of their manifold applications. Cybersecurity is no exception, of course. Given the promised benefits of the technology and the urgency of stemming the rising tide of internet-borne threats, the sustained fever that this “next big thing” has triggered is understandable.
However, this is also why it might be good to cool down and consider the broader picture, including where the technology’s often already-apparent promise and limitations reside. And, of course, it would be remiss of us should we also not consider the attendant risks and ask the question whether AI can fuel future malware.
https://www.welivesecurity.com/2018/09/04/ml-malware-whats-in-store/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

ML has brought various benefits to cyber-defenders, including enhanced scanning, faster detection, and improvements in the ability to spot anomalies. Ultimately, all this has contributed to a higher level of protection for many enterprises.
On the other hand, the potential of the technology isn’t lost on adversaries, who are likely to attempt to harness its efficiency to fuel cyberattacks, especially those of the labor-intensive kind. That leads to the threat of cyberattacks ultimately becoming more difficult to detect, track, and mitigate.
ESET is well-positioned to offer its insight into the upcoming challenges and possible scenarios, having fought crafty attackers for more than three decades, including with the help of supervised ML for years. The white paper considers ways in which AI/ML could be co-opted by attackers, such as for protecting their own infrastructure, for generating and distributing new breeds of malware, for conducting reconnaissance of targets, and for identifying vulnerabilities in company systems, to name just a few possibilities.
To be sure, a survey commissioned by ESET has found that the prospects for the virtuous and the villainous applications of AI/ML are not lost on IT decision makers in US, UK and German businesses. In addition to shedding light on their attitudes towards the implications of AI/ML both for offense and defense, the poll also finds that many executives are aware of the vendor hype that encompasses the subject.
Indeed, the limitations of the technology are often lost in all the hype about the “brave new world” that AI/ML is poised to proffer. However, our extensive experience in endpoint security and experimenting with applying several ML approaches to it lays bare several ways in which ML algorithms in general may fall short or be susceptible to subversion. Claims about ML-based defensive solutions being fail-safe are, of course, fact-challenged. Instead, a multi-layered approach where ML is but one brick in your wall can augur well for your defenses.
To learn more about the different facets of AI/ML outlined above, as well as about the inner workings of ESET’s implementation of ML in its multi-layered engine and its business and home solutions, head over to the white paper itself.