'Deep Learning' Technology Sees Through Security Software Blind Spots

By Wayne Rash  |  Posted 2015-11-02 Print this article Print
Deep Learning

The advantage of using deep learning is that malware and other cyber-security threats can be identified the first time they appear, reducing or eliminating the chance of a successful zero-day attack, which is what happens when new malware is developed and launched before antivirus software companies develop a signature.

Unfortunately, it takes little effort to make malware unrecognizable to most signature based anti-malware, which is why there are something like 250,000 new malware files with new signatures circulating worldwide every day, according to a recent Panda Labs report. While some of these will still be caught by existing software, not all of them will be.

The idea behind what Deep Instinct is doing with their product is to make it so that the security system instinctively recognizes malware without the need to recognize a signature by recognizing its basic makeup instead. This is vaguely like what I did when I recognized the malware last week, except without the dose of human cynicism, and Deep Instinct works a whole lot faster.

The Deep Instinct learning process accomplishes its mission by learning the characteristics of malware and then breaking them down into a text file that is simply a string of numbers. That string is several million numbers long, but it's easily contained in a file on a remote computer or even in a mobile device. Then, a remote agent recognizes malware and eliminates it. Next, it follows up with a report of the action sent to the company's central server appliance.

Every so often the appliance is updated so it can pass updated characteristics to remote sites. However, Dr. David stressed that even without updates Deep Instinct remains highly effective. The company claims that all the updates do is improve its already 99 percent plus effectiveness.

The next obvious question is whether it works. Dr. David says it does, but he's the company's CTO, so you'd expect that. He also told me that several financial institutions are already using it to combat breaches and he points out that the company has received significant financial backing. 

It's also true that deep learning is real, and that it's being used by Google and Facebook, among other companies in areas other than cyber-security.

Right now, though, this is all very new, but it's also very hopeful. If deep learning as implemented by Deep Instinct turns out to be as effective as it seems to be, then it might prove to be the next big breakthrough in cyber-security.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel