- Microsoft reveals that it is developing a threat detection tool
- The IRE project has obtained so far in precision tests
- The tool has the potential to meet the ‘gold standard’ for malware classification.
Microsoft has introduced a new AI tool that it says has the ability to meet the “gold standard” of malware detection, identification and classification.
While it is only a working prototype, Project Ire has shown great promise in its ability to detect and reverse engineer malware without any context about the file's origin or purpose.
Microsoft plans for Project Ire to join Microsoft Defender as a ‘binary analyzer’ used to identify malware in memory from any source at first encounter.
Autonomous malware detection
The tool is still in the early stages of development, but in Microsoft's real-world test scenarios, Project Ire managed to detect almost 9 out of 10 malicious files in precision tests, though it only managed to detect a little more than a quarter of malware in the recall tests. However, in these initial tests, there was a 4% false positive rate.
“While the general performance was moderate, this combination of precision and a low error rate suggests a real potential for future implementation,” Microsoft said in a blog post. In addition, in this test, the AI tool had no knowledge of any of the 4,000 files it scanned.
The tool generates a report on each potentially malicious file it identifies, summarizing why certain parts of the file could indicate that it is malware.
In a separate test against a public data set of legitimate and malicious Windows drivers, the tool again detected 9 out of 10 malicious files correctly, with a false positive rate of 2%. The recall rate was also significantly higher, at 0.83 in this test.
Looking ahead, Microsoft will continue working to improve Project Ire's ability to detect malware quickly, at scale and precisely, and hopes to include the AI inside Microsoft Defender as a threat detection and software classification tool.
Threat actors are increasingly taking advantage of AI tools to generate malicious files at scale, but cyber security organizations are also taking advantage of AI technology to fight back.