LAS VEGAS—IBM will detail at Black Hat USA here on Aug. 8 a new class of attacks dubbed DeepLocker that uses artificial intelligence to bypass cyber-security protections.
With DeepLocker, IBM researchers will demonstrate an evasive attack vector that has been developed as a proof of concept. According to IBM, DeepLocker can be used to keep ransomware or other malware hidden from traditional security tools. IBM’s goal with the presentation is not to promote fear about AI, but rather to help organizations start to think about how attackers can use AI and how to minimize risks.
“DeepLocker malware is fundamentally different from any other malware we are aware of. It uses AI to hide a malicious application in benign payloads,” Marc Ph. Stoecklin, principal research scientist and manager of Cognitive Cybersecurity Intelligence at IBM Research, told eWEEK. “With AI, we can conceal and hide the condition of when the malicious payload is being unlocked, making it almost impossible to reverse-engineer.”
This isn’t the first time this year that IBM has presented research about the perils of artificial intelligence. At the RSA Conference in April, IBM outlined ways that an attacker could manipulate machine learning models to corrupt results and influence outcomes.
DeepLocker could be embedded into a legitimate application that is widely distributed, according to Stoecklin. The malware only deploys when certain conditions are met, such as being installed on a particular device or even when a specific end user logs in. The AI component keeps the malware hidden and is used to understand when the benign application is deployed on the right target.
One potential deployment could be for webcam conferencing technology, where the DeepLocker malware is embedded within a legitimate app. Stoecklin said the malware could be set to deploy, for example, only when it recognizes a particular user is on the webcam.
Although the potential damage from DeepLocker and AI-powered malware is immense, Stoecklin said that, to date, IBM researchers have not seen attackers using anything like DeepLocker.
How It Works
With many forms of malware, the code needs to call out to a command-and-control node to get instructions or download a payload. By monitoring for those anomalous outbound connections, security technologies can often detect malware, but that won’t work with DeepLocker.
Stoecklin said DeepLocker is entirely self-contained within the benign application and does not need to call out to the internet to deliver its malware payload.
Dhilung Kirat, research scientist at IBM Research, explained that IBM wrote custom code and trained the machine learning model beforehand so it would be ready to deploy. Kirat added that many smart applications already integrate machine learning models, and as such it’s possible to hide DeepLocker alongside code that an enterprise would expect to see in an application.
Remediation
One way to detect DeepLocker is with some form of behavior-based technology that detects when an application deviates from a known good baseline. Another approach, one that IBM is actively researching, is using cyber-deception to trick AI-powered malware.
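The baseline-deviation idea above, as an added illustration that is not IBM's code: a known-good profile is built from constructed telemetry of a hypothetical conferencing app, and a later run is checked for behaviors outside that profile. The app name, paths and event format are all assumptions; the point is that the run's network footprint is unchanged, so connection monitoring alone (the detection discussed under How It Works) reports nothing, while the behavioral check does.

```python
from pathlib import PureWindowsPath
# Constructed telemetry for a hypothetical conferencing app (sample data only,
# not real DeepLocker output): each event is an (action, target) pair.
BASELINE_RUNS = [
    [("net_connect", "conf.example.com:443"),
     ("file_read", r"C:\Users\alice\AppData\Roaming\Conf\settings.json"),
     ("file_write", r"C:\Users\alice\AppData\Roaming\Conf\conf.log"),
     ("device_open", "webcam0"),
     ("dll_load", r"C:\Program Files\Conf\model_runtime.dll")],
    [("net_connect", "conf.example.com:443"),
     ("file_read", r"C:\Users\bob\AppData\Roaming\Conf\settings.json"),
     ("file_write", r"C:\Users\bob\AppData\Roaming\Conf\conf.log"),
     ("device_open", "webcam0"),
     ("dll_load", r"C:\Program Files\Conf\model_runtime.dll")],
]
# Same app on a run where the hidden payload unlocks: the network footprint is
# unchanged, but it rewrites user documents and spawns a process.
SUSPECT_RUN = [
    ("net_connect", "conf.example.com:443"),
    ("file_read", r"C:\Users\carol\AppData\Roaming\Conf\settings.json"),
    ("device_open", "webcam0"),
    ("dll_load", r"C:\Program Files\Conf\model_runtime.dll"),
    ("file_write", r"C:\Users\carol\Documents\budget.xlsx.locked"),
    ("file_write", r"C:\Users\carol\Documents\notes.docx.locked"),
    ("process_spawn", r"C:\Windows\System32\cmd.exe"),
]
PATH_ACTIONS = {"file_read", "file_write", "dll_load", "process_spawn"}

def normalize(action, target):
    """Generalize a target so per-user paths and file names collapse to one key."""
    if action not in PATH_ACTIONS:
        return (action, target)
    parts = PureWindowsPath(target).parts
    if len(parts) > 2 and parts[1].lower() == "users":  # C:\Users\<name>\...
        parts = (parts[0], "Users", "<user>", *parts[3:])
    directory = str(PureWindowsPath(*parts[:-1]))
    return (action, directory, PureWindowsPath(parts[-1]).suffix.lower())

def build_baseline(runs):
    """Known-good profile: every normalized behavior seen in benign runs."""
    return {normalize(a, t) for run in runs for a, t in run}

def deviations(baseline, run):
    """Events in a run whose normalized form never appeared in the baseline."""
    return [(a, t) for a, t in run if normalize(a, t) not in baseline]

def new_destinations(baseline, run):
    """What an outbound-connection monitor alone would flag: unseen destinations."""
    known = {key[1] for key in baseline if key[0] == "net_connect"}
    return [t for a, t in run if a == "net_connect" and t not in known]
```

On the constructed suspect run, `new_destinations` returns nothing while `deviations` flags the two document rewrites and the process spawn; a real deployment would also need rate thresholds and a far richer baseline than a handful of runs.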
Defending against DeepLocker is no easy task, but that is part of why IBM created the attack and is discussing it at Black Hat USA. Stoecklin said IBM wants to raise awareness in the cyber-security industry about how artificial intelligence could influence the next generation of cyber-attacks.
“Our mission is to raise awareness that attackers will be evolving their arsenal with AI,” he said. “Many of the traditional defenses won’t be able to detect these new threats, so both the industry and the researchers need to come up with methods for protection.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.