Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

AI makes security systems more flexible

Maria Korolov | Nov. 9, 2016
Advances in machine learning are making security systems easier to train and more flexible in dealing with changing conditions, but not all use cases are benefitting at the same rate

"It's under a millisecond for an average file of one megabyte," David said. "We do all the complex stuff with the really sophisticated infrastructure in our laboratory, and what the customers get is a very small brain. They don't see all the complexity."

Meanwhile, back at the lab, new malware samples are added to the data collection and every three or four months or so an update goes out to all the brains working away in the end point devices.

"But even if the brain is not updated for six months, it can still detect new files," David said. "Deep learning is very good at being agnostic to new changes or mutations."

Most of the millions of new malware samples that appear each day are tiny mutations of existing malware.

"Even brand-new zero-days from advanced threat actors and nation states are still 80 percent the same as the old ones," David said. "Traditional methods won't detect them. Deep learning will easily detect them."

The company is working with independent testing labs to quantify the results, he said, but early testing with Fortune 500 customers has shown a 20 to 30 percent higher malware detection rate compared to existing solutions.

"We recently did a test against 100,000 files at a major bank in the U.S.," he said. "The existing solution was updated the morning of the test, ours was 2 months old. Our solution got 99.9 percent detection, their's got 40 percent."

Finding the reasons why

One of the downsides of the newest deep learning systems is that they can come up with an answer -- but might not necessarily be able to explain how they did it.

But that's not always the case.

In fact, the main job of Eureqa, a proprietary AI engine from Nutonian, is to find explanations for why things happen.

For example, when pointed at physics data, Eureqa was able to rediscover Newton's Laws, said Michael Schmidt, the company's founder and CTO.

"It would find the simplest, most elegant way to describe what happens, and what that relationship is," he said.

The company has made the engine available for free to researchers, and it has already been helpful in more than 500 journal publications, he said. For example, in medicine, it has helped find new models to aid in diagnosing diseases such as macular degeneration and appendicitis.

And it also has applications in cybersecurity, he said.

"One of the hardest problems is to find out the anatomy of a cyberattack," he said. "One of the applications of AI with Eureqa is to do that process automatically."

Once a customer signs up for the cloud-based system, it can take about an hour to go over the data, and then answers come back very quickly.

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.