A new method that uses AI to detect and block cyberattacks in less than a second has been invented by researchers at Cardiff University.
It has been shown that the method successfully prevents damage to up to 92% of files on the computer, the destruction of malware takes an average of only 0.3 seconds.
Publish your findings in a journal Security and communication networksa team from Cardiff University says this is the first demonstration of a method that can detect and destroy malware in real time.
It is hoped that the new method can change approaches to modern cybersecurity, especially for schools and universities that are perceived as high-risk.
Leveraging advances in artificial intelligence and machine learning, the new approach, developed in collaboration with Airbus, is based on monitoring and predicting the behavior of malware. This is in contrast to more traditional anti-virus approaches that analyze what a piece of malware looks like.
Professor Pete Burnap, co-author of the study, explains: “Traditional antivirus software will look at the code structure of a piece of malware and say, ‘Yes, it looks familiar.’ But the problem is that malware authors just cut and modify the code, so the next day the code looks different and is not detected by antivirus software.
“We want to know how malware behaves, so once it starts attacking a system, such as opening a port, creating a process or loading some data in a certain order, it will leave a fingerprint that we can use to create a behavioral profile ».
By training computers to run simulations on specific parts of malware, one can make a very quick prediction in less than a second as to how the malware will behave further.
Once a piece of software is labeled as malicious, the next step is to remove it, and here a new study comes into play.
To test the new detection method, the team created a virtual computing environment that represents a group of frequently used laptops, each running up to 35 applications simultaneously, to simulate normal behavior, and added thousands of malware samples.
Lead author Matilda Rod, now head of innovation and scouting at Airbus, said: “While we still have a way to improve the accuracy of this system before it can be implemented, it is an important step towards a real-time detection system.” .
“This system will benefit not only our laptops and computers, but also our smart speakers, thermostats, cars and refrigerators as the Internet of Things becomes more common.”