Artificial Intelligence Security Software

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
Oct 22, 2012
4,055
8,905
#1
AI security software, I could find or know & if I am correct -

VoodooShield - VoodooShield™ - The User-Friendly Toggling Computer Lock.
You all know VoodooShield

DeepArmor - A Cognitive Approach to Anti-malware - SparkCognition Inc
Currently in Beta

Deep Instinct - A Cognitive Approach to Anti-malware - SparkCognition Inc

FireEye - Cyber Security & Malware Protection | FireEye

Cylance - Cylance | Advanced Threat Prevention Built on Artificial Intelligence

Most of these products are, request a demo i.e no direct trial version, for business, etc...

VoodooShield, we all know.

Any other AI security software? And anyone using any? How is it protection & usability wise?
Share your experience if you are using one, your work place is using one, etc...
 

tim one

Level 20
Verified
AV-Tester
Jul 31, 2014
980
9,817
Operating System
Windows 10
Installed Antivirus
F-Secure
#4
Do you know what is Fuzzy logic?

Fuzzy logic is also known as nuanced logic.
We know that a computer works by using the boolean logic, i.e. it works on two values: zero and one (binary logic). The statement, therefore, can only be true or false, without alternatives. Fuzzy logic is used in the study of artificial intelligence to introduce a intermediate value and then a variable can take a value of, for example, 0.2 or 0.6. An evolution of boolean logic that allows a statement to be true, false or partly true or partly false.
This implementation in antivirus AI allows you to have positive uncertainty: a suspect file may be malware or non-malware, but also likely malware.
This uncertainty may run additional algorithms levels in a pyramidal scheme until it gets a logical reasonable conclusion.
 

jamescv7

Level 61
Verified
Mar 15, 2011
12,660
17,639
Operating System
Windows 10
Installed Antivirus
Microsoft
#5
I think the implementation of Artificial Intelligence alone is difficult and will take time to master it, nowadays majority of antivirus rely on their signatures and cloud to obtain a concrete AI; something that is not on the concept table.

The best example goes on DeepArmor which shows the true AI without relying on signatures, so only matter of time to produced unique and accurate pattern of information.
 

Windows_Security

Level 15
Content Creator
Verified
Mar 13, 2016
703
3,158
Operating System
Windows 7
#6
Providing one's opinion is the fastest way to get feedback when the content is incorrect, so please feel free to correct me as it has been 25 years ago I followed a AI-course as "knowledge engineer"(the IT-guy interviewing the expert to get the business rules for the 'inversion engine' which fed the 'prediction engine' ).

We use fuzzy logic in more daily appliances than we think: for instance digital camera's have fuzzy logic software to make fairly good pictures in common conditions. In the AV industry most Av's already provide ML/Ai with fuzzy logic to reduce the number of malware samles human malware analyst have to analyse in detail.

With some applications fuzzy logic's "fairly good" is just not good enough (e.g. medical analysis systems or security endpoint proctection systems). Therefor Machine Learning/Artificial Intelligence is great in determining good and bad, but had its limitation (again please correct me when I am wrong with my 'old' knowledge) in determining grey-ware. This is the reason "pure" ML/AI solutions are whitelisting or central managed solutions.

ML/AI are brought with a lot of marketing bravado, but in fact are the logical next step in AntiVirus heuristics/generic fingerprints and reputation services. In future all AVs will have a combination of these mechanisms and probably have a local whitelist which is used as cache and cloud based false negative/positive check (with automatic sample collection when unknown).

Avast Free is one of the many 'traditional vendors' applying Machine Learning in the cloud already (link). I think you have to enable hardened mode to change from blacklisting to whitelisting. Because Avast already has a central whitelist the chances of running into false positives are slim IMO (since most software is signed nowadays). Comodo offers similar innovative features, but (in my experience) your mileage may vary when using new Comodo features (stability issues).

VoodooShield Free is also pretty amazing in auto-pilot mode (less restrictive as smart mode, but in practice nearly as effective). VoodooShield already has a cloud AV-blacklist scan, but lacks a cloud based whitelist like Avast to reduce False Positives. Dan showed pictures of cenrtal management feature for the corporate market. When central management is realised a cloud based whitelist is just a step further.
 
Last edited:

Windows_Security

Level 15
Content Creator
Verified
Mar 13, 2016
703
3,158
Operating System
Windows 7
#8
@Zero Knowledge.

Would be interesting to know what your experience is when using Avast (Reputation service on, Cyber capture on block, Hardened mode on moderate) or VoodooShield (in AUTO-pilot mode). Do you install new software, if so how many programs per week/month on average?

Regards Kees
 
Dec 2, 2016
239
681
#10
@Zero Knowledge.

Would be interesting to know what your experience is when using Avast (Reputation service on, Cyber capture on block, Hardened mode on moderate) or VoodooShield (in AUTO-pilot mode). Do you install new software, if so how many programs per week/month on average?

Regards Kees

I have never used Avast but I have tried VoodooShield but not in the last 1.5 years so my opinion is very obsolete.

I download a lot of programs and try them out. Most of the time new apps are flagged as bad reputation because they are new.

I use Kaspersky Total Security and it does a very good job. Again most apps are flagged because they are new and unknown to the AV.

I did not test Cylance against new malware. The false positives put me off the product.

I am trying to get licenses for SentinalOne, Crowdstrike Falcon and Carbon Black. But they hate dealing with single user licenses.

I will update this forum if I do get licenses for said products and I will test them this time.
 

tim one

Level 20
Verified
AV-Tester
Jul 31, 2014
980
9,817
Operating System
Windows 10
Installed Antivirus
F-Secure
#11
With some applications fuzzy logic's "fairly good" is just not good enough (e.g. medical analysis systems or security endpoint proctection systems). Therefor Machine Learning/Artificial Intelligence is great in determining good and bad, but had its limitation (again please correct me when I am wrong with my 'old' knowledge) in determining grey-ware. This is the reason "pure" ML/AI solutions are whitelisting or central managed solutions.
Agree, fuzzy logic checks systems starting from a limited and inaccurate description, as their behaviour: no need a concept is precise, because it has meaning.
Quantifying a process seemingly accurate, show it exact and well-understood, but often
the complexity and accuracy are inversely proportional and, in fact, when the the complexity of a problem grows, the possibility of analysing it in precise terms decreases.
 

Parsh

Level 24
Verified
AV-Tester
Dec 27, 2016
1,327
11,956
Operating System
Windows 10
Installed Antivirus
Default-Deny
#14
An evolution of boolean logic that allows a statement to be true, false or partly true or partly false.
This implementation in antivirus AI allows you to have positive uncertainty: a suspect file may be malware or non-malware, but also likely malware.
Besides VooDoshield, I've seen CrowdSource Falcon ML do that work. Seen that in VirusTotal results of new malware samples shared on MT


It's pretty impressive and can be the future if it proves it's mettle progressively. Currently it misses some not-so-sophisticated malware samples
 

tim one

Level 20
Verified
AV-Tester
Jul 31, 2014
980
9,817
Operating System
Windows 10
Installed Antivirus
F-Secure
#15
Besides VooDoshield, I've seen CrowdSource Falcon ML do that work. Seen that in VirusTotal results of new malware samples shared on MT


It's pretty impressive and can be the future if it proves it's mettle progressively. Currently it misses some not-so-sophisticated malware samples
Voodooshield AI uses IBM Watson technology, if I'm not wrong :)
 

shmu26

Level 57
Jul 3, 2015
4,670
14,862
Operating System
Windows 10
Installed Antivirus
Default-Deny
#16
I noticed that @_CyberGhosT_ has been using DeepArmor for a while, and he seems to like it. In fact, it is one of the key components in his new config. Maybe CG can share his experiences...

I tried out DeepArmor only very briefly, a month or two ago, it looked good, but I just didn't have the time and patience to be an early beta guinea pig.
 

Parsh

Level 24
Verified
AV-Tester
Dec 27, 2016
1,327
11,956
Operating System
Windows 10
Installed Antivirus
Default-Deny
#17
Voodooshield AI uses IBM Watson technology, if I'm not wrong :)
I didn't know that!
Here's from a 2011 post from some forum-
VoodooAi uses IBM Watson in the initial stages, and Microsoft Azure for the final analysis
That's awesome. I'm actually gonna use Watson for AI in my current Final Year Project #engineering :-D