Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    IBM Demonstrates DeepLocker AI Malware at Black Hat

    By
    SEAN MICHAEL KERNER
    -
    August 8, 2018
    Share
    Facebook
    Twitter
    Linkedin
      IBM Black Hat Deeplocker

      LAS VEGAS—IBM will detail at Black Hat USA here on Aug. 8 a new class of attacks dubbed DeepLocker that uses artificial intelligence to bypass cyber-security protections.

      With DeepLocker, IBM researchers will demonstrate an evasive attack vector that has been developed as a proof of concept. According to IBM, DeepLocker can be used to keep ransomware or other malware hidden from traditional security tools. IBM’s goal with the presentation is not to promote fear about AI, but rather to help organizations start to think about how attackers can use AI and how to minimize risks.

      “DeepLocker malware is fundamentally different from any other malware we are aware of. It uses AI to hide a malicious application in benign payloads,” Marc Ph. Stoecklin, principal research scientist and manager of Cognitive Cybersecurity Intelligence at IBM Research, told eWEEK. “With AI, we can conceal and hide the condition of when the malicious payload is being unlocked, making it almost impossible to reverse-engineer.”

      This isn’t the first time this year that IBM has presented research about the perils of artificial intelligence. At the RSA Conference in April, IBM outlined ways that an attacker could manipulate machine learning models to corrupt results and influence outcomes.

      DeepLocker could be embedded into a legitimate application that is widely distributed, according to Stoecklin. The malware only deploys when certain conditions are met, such as being installed on a particular device or even when a specific end user logs in. The AI component keeps the malware hidden and is used to understand when the benign application is deployed on the right target.

      One potential deployment could be for webcam conferencing technology, where the DeepLocker malware is embedded within a legitimate app. Stoecklin said the malware could be set to deploy, for example, only when it recognizes a particular user is on the webcam.

      Although the potential damage from DeepLocker and AI-powered malware is immense, Stoecklin said that, to date, IBM researchers have not seen attackers using anything like DeepLocker.

      How It Works

      With many forms of malware, there is a need for the code to call out to a command and control node to get instructions or download a payload. By monitoring for those outbound anomalous connections, security technologies can often detect malware, but that won’t work with DeepLocker.

      Stoecklin said DeepLocker is entirely self-contained within the benign application and it does need to call out to the internet to deliver its malware payload.

      Dhilung Kirat, research scientist at IBM Research, explained that IBM wrote custom code and trained the machine learning model beforehand so it would be ready to deploy. Kirat added that many smart applications already integrate machine learning models, and as such it’s possible to hide DeepLocker alongside code that an enterprise would expect to see in an application.

      Remediation

      One way to detect DeepLocker is with some form of behavior-based technology that detects when an application deviates from a known good baseline. Another approach that IBM is conducting active research on is using cyber-deception to trick AI-powered malware.

      Defending against DeepLocker is no easy task, but that’s part of the point of why IBM created the attack and is discussing it at Black Hat USA. Stoecklin said IBM wants to raise awareness in the cyber-security industry about how artificial intelligence could influence the next generation of cyber-attacks.

      “Our mission is to raise awareness that attackers will be evolving their arsenal with AI,” he said. “Many of the traditional defenses won’t be able to detect these new threats, so both the industry and the researchers need to come up with methods for protection.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×