It is certain that artificial intelligence (AI) is revolutionizing the landscape of cybersecurity. Through the use of AI, organizations are able to detect and respond to threats more quickly and effectively (Zwets, 2022). An application of AI within the field of cybersecurity that shows a lot of promise is the detection of malware. Malware can be described as all types of malicious software that is designed to intentionally exploit or damage any service, device or network (Cisco, n.d.). Many problems that occur on the internet today, such as spam e-mails and DoS attacks, are caused by malware. Additionally, malware is constantly evolving and becoming more complex, which calls for new and better solutions that can keep up with these changes.
According to a report of Pillsbury, which is an international law firm focused on technology, and the Intelligence Unit of The Economist, almost 50% of world leaders consider AI to be the best method for countering nation-state malware attacks (Mavrona, 2022). Traditional methods of malware detection are dependent on signatures, heuristics or patterns detected in sandboxes. These require a lot of work to be manually analysed by cybersecurity analysts. AI can enhance and automise current techniques of malware detection as well as generate new methods that can detect unknown malware and zero-day attacks (Mavrona, 2022). The latter is an important task that is difficult to perform with traditional tools. In comparison to static malware detection, AI and machine learning algorithms can create dynamic tools that can learn from historical data to identify malware patterns, even when the patterns or signatures are not known yet. AI is already being used by some companies, however, the number of AI-based detection techniques could be significantly increased, considering its potential.
Recently, Quantum Star, a start-up from Idaho, America, has released a detection-software that is based on AI (Verdict, 2022). The software can achieve more than 99% accuracy in detecting malicious content without any prefiltering (Verdict, 2022). At the same time, the software requires very little resources to be executed (Verdict, 2022). Solutions like these shall provide a crucial change in the cybersecurity landscape, where companies and institutions can improve their cybersecurity significantly and detect even zero-day attacks. As technology keeps on evolving, we can expect to see even more innovative and effective ways of using AI to detect and respond to threats. However, this also poses the question, how malware itself will evolve with AI as a technology growing in popularity. If cybersecurity improves due to AI, will attackers convert to using AI for making their malicious software even more complex and smart? And will AI based detection software be able to detect AI based malware? I guess we will have to see.
References
Cisco (n.d.). What is Malware? – Definition and Examples. [online] Cisco. Available at: https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-malware.html [Accessed 14 Oct. 2022].
Mavrona, R.C., Katerina (2022). The Artificial Intelligence and Cybersecurity Nexus: Taking Stock of the European Union’s Approach. [online] Carnegie Europe. Available at: https://carnegieeurope.eu/2022/09/15/artificial-intelligence-and-cybersecurity-nexus-taking-stock-of-european-union-s-approach-pub-87886 [Accessed 14 Oct. 2022].
Verdict (2022). Quantum Star Rolls Out AI-Based Malware Detection Software. [online] Verdict. Available at: https://www.verdict.co.uk/quantum-star-rolls-out-ai-based-malware-detection-software/?_gl=1 [Accessed 14 Oct. 2022].
Zwets, B. (2022). AI brengt cybersecurity vooruit, maar biedt ook hackers volop kansen. [online] Techzine.nl. Available at: https://www.techzine.nl/blogs/security/499387/ai-brengt-cybersecurity-vooruit-maar-biedt-ook-hackers-volop-kansen/ [Accessed 14 Oct. 2022].
The detection of new types of malware was traditionally achieved by Heuristic analysis, where the code was analysed to detect suspicious behaviours and patterns. Existing rule-based Heuristic methods have already achieved high levels of success in detecting new types of malware. However, an AI system could be trained using existing Heuristic systems as a baseline to better handle edge cases which cannot be handled by rule based systems, and false positives could also be reduced since we would not be relying on strict rules. In the future, AI will certainly replace Heuristic analysis completely and act as a complement to signature based malware detection based on the trends mentioned in the article.