
Communications of the ACM

ACM TechNews

Researchers Enlist Machine Learning in Malware Detection


A representation of automated malware detection.

Cylance researchers are using machine learning to improve malware detection.

Credit: chmag.in


Cylance's Matt Wolff and Andrew Davis are using deep-learning techniques to train software to quickly spot and ultimately stop malware infections. They are training a special machine-learning module on legitimate and malicious files to teach the application the difference between the two. The algorithm employs static analysis of a piece of code to quickly spot malware in a file that it has never seen before.

"We don't run [the malware], so the malware doesn't have a chance," Wolff says. Moreover, the researchers note the approach is faster than sandboxing and analyzing malware.

Machine learning and deep learning are particularly helpful in keeping up with the increasingly polymorphic nature of malware. "If a malware author two months later comes up with a new [variant], there's a high probability the module you wrote is going to detect that," Wolff says. "It has a predictive capability."

Wolff and Davis say the deep-learning system could ultimately replace existing malware detection tools, and they plan to feed the deep-learning module some malware live during a presentation at the Black Hat USA 2015 conference in August.

From Dark Reading

 

Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA


 
