
Communications of the ACM

ACM TechNews

Researchers Enlist Machine Learning in Malware Detection

A representation of automated malware detection.

Cylance researchers are using machine learning to improve malware detection.



Cylance's Matt Wolff and Andrew Davis are using deep-learning techniques to train software to quickly spot and ultimately stop malware infections. They are training a special machine-learning module on legitimate and malicious files to teach the application the difference between the two. The algorithm employs static analysis of a piece of code to quickly spot malware in a file that it has never seen before.

"We don't run [the malware], so the malware doesn't have a chance," Wolff says. Moreover, the researchers note the approach is faster than sandboxing and analyzing malware.

Machine learning and deep learning are particularly helpful in keeping up with the increasingly polymorphic nature of malware. "If a malware author two months later comes up with a new [variant], there's a high probability the module you wrote is going to detect that," Wolff says. "It has a predictive capability."

Wolff and Davis say the deep-learning system could ultimately replace existing malware detection tools, and they plan to feed the deep-learning module some malware live during a presentation at the Black Hat USA 2015 conference in August.

From Dark Reading


Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA

