Advances in Deep Learning Can Help Computers Fight Malware

Malicious software is always engineered to hide that it’s malicious. Programs meant to fight malicious software must be sophisticated enough to identify it despite its attempts at camouflage. So far the conflict has raged on with neither type of software able to eliminate the other completely and each type of software having no choice but to become ever more advanced. However, resolution may be just around the corner.

Cybersecurity company Deep Instinct just released a security solution that utilizes “deep learning” to enable a program to learn to identify bad code on its own, without being programmed to recognize anything in particular.

deep learning“Deep learning draws its inspiration from the human mind. It organizes itself into a structure of synthetic neurons. It’s another term for neural networks,” explained Bruce Daley, principal analyst at Tractica. “It was rebranded because there was so little progress with neural nets.”

Daley went on to explain exactly what kind of advantage deep learning capabilities can offer an application: “With traditional programming, as you code, you have to anticipate all the situations that arise that you have to deal with. What deep learning does is take the data and build a model from what it finds in the data that’s statistically relevant.”

“So you don’t have to anticipate all the relationships the program will encounter,” he added. “It turns into something like making beer or making bread.”

Another distinction: deep learning is more advanced than machine learning. For example, in the context of facial recognition software, a program would contain information about how to identify a nose, eyes, bone structure, etc. A facial recognition program outfitted with deep learning capabilities would be able to learn the facial features itself.

The difference between a normal program and one equipped with deep learning is profound; traditional programming methods allow for the slightest change in malicious code to fool a program. Deep Instinct CTO Eli David explained, “It’s as if I show you the picture of a cat, then I modify a few pixels, and you can’t recognize it’s a cat.”

Deep learning allows a program to have a much more comprehensive understanding of what makes malicious software what it is, so a few metaphorical “pixels” won’t make all the difference.

“With deep learning, you can show just the tail of the cat, and it will return with high confidence that it’s a cat. It is extremely resilient to variance and modification,” explained David.

Tractica forecasts that applications that utilize deep learning will generate a $10 billion market by 2024.deep learning stuff

Deep Instinct clearly believes it, and is now wagering on cybersecurity being a fruitful subset of deep learning applications. Given 2015’s proliferation of high-profile cyberattacks and the push towards increased government surveillance, it’s not a bad bet.

For how advanced Deep Instinct’s security solution is, it remains pretty small; it takes up only 10 MB of memory, and is generally inactive so it doesn’t take up much processing power either.

“Most of the time this agent does nothing,” said David. “When it detects a new file–any type of file– it passes it through the deep learning module on the device. If the file is malware, it will remove it or quarantines it.”

Leave a Reply