New Method Can Stop Cyberattacks in Less Than a Second

The method has been shown to completely prevent corruption of up to 92% of files on a computer, removing a malicious program in just 0.3 seconds on average.

Computers, laptops and other smart devices in our homes could be protected by artificial intelligence that can quickly detect and eliminate malware.

Cardiff University researchers have developed a new approach to automatically detect and stop cyberattacks on our laptops, computers and smart devices in less than a second.

The technology, which uses artificial intelligence in a completely new way, has been found to effectively prevent up to 92% of the data on a computer from being corrupted, with a piece of malware deleted in just 0.3 seconds on average.

The team published their findings in Security and Communication Networks on December 6th and say this is the first demonstration of a method that can both detect and kill malicious software in real time, which could change approaches to modern cybersecurity and prevent incidents like the recent WannaCry cyberattack on the NHS in 2017.

The new strategy, developed in collaboration with Airbus, focuses on monitoring and predicting malware behavior, as opposed to more typical antivirus technologies that analyze what a piece of malware looks like. It also leverages the latest advances in artificial intelligence and machine learning.

“Traditional antivirus software looks at the code structure of a malware and says, ‘Yes, that sounds familiar,’” explains Professor Pete Burnap, co-author of the study.

“But the problem is that malware authors just hack the code and change it so the next day the code looks different and isn’t detected by the antivirus software. We want to know how a malware behaves so that it leaves a fingerprint as soon as it attacks a system, e.g. opening a port, creating a process, or downloading data in a specific order, which we can then use to build a behavior profile.”

By training computers to run simulations for specific pieces of malware, it is possible to make a very quick prediction, in less than a second, of how the malware will later behave.

Once a piece of software is flagged as malicious, the next step is to delete it, and this is where the new research comes in.

“Once a threat is detected, the speed of some destructive malware makes it essential to have automated actions to support those detections,” Professor Burnap continued.

“We were motivated to do this work because nothing was available that could perform this type of automated detection and killing on a user’s computer in real time.”

Existing products, known as Endpoint Detection and Response (EDR), are used to protect end-user devices such as desktops, laptops, and mobile devices and are designed to quickly detect, analyze, block, and contain ongoing attacks.

The main problem with these products is that the collected data needs to be sent to administrators in order for a response to be implemented, by which time malware may already have done damage.

To test the new detection method, the team set up a virtual computing environment representing a group of commonly used laptops, each running up to 35 applications simultaneously to simulate normal behavior.

The AI-based detection method was then tested on thousands of malware samples.

The lead author of the study, Matilda Rhode, now Head of Innovation and Scouting at Airbus, said: “While we still have some work to do to improve the accuracy of this system before it could be implemented, this is an important step towards an automated real-time detection system that would not only benefit our laptops and computers but also our smart speakers, thermostats, cars, and refrigerators as the ‘Internet of Things’ becomes more prevalent.”

Reference: “Real-Time Malware Process Detection and Automated Process Killing” by Matilda Rhode, Pete Burnap and Adam Wedgbury, 6 December 2021, Security and Communication Networks.
DOI: 10.1155/2021/8933681
