By: Harold Selden
Malware has proven increasingly difficult to detect via signature or heuristic-based methods, which means most Antivirus (AV) programs are woefully ineffective against mutating malware, and especially ineffective against APT attacks (Advanced Persistent Threats). Typical malware consists of about 10,000 lines of code. Changing only 1% of the code renders most AV ineffective.
Five to six years ago marked the beginning of the use of machine learning to solve non-linear problems such as facial recognition or understanding malware, and what features one needs to extract to uniquely identify such programs. Other techniques, such as sandboxing and machine-based techniques, are not as fast nor as accurate as Deep Learning…read more.