Artificial Intelligence Security Software

Discussion in 'Other Security for Windows' started by Yash Khan, Dec 9, 2016.

  1. Yash Khan

    Yash Khan Level 51

    Oct 22, 2012
    4,055
    8,957
    AI security software, I could find or know & if I am correct -

    VoodooShield - VoodooShield™ - The User-Friendly Toggling Computer Lock.
    You all know VoodooShield

    DeepArmor - A Cognitive Approach to Anti-malware - SparkCognition Inc
    Currently in Beta

    Deep Instinct - A Cognitive Approach to Anti-malware - SparkCognition Inc

    FireEye - Cyber Security & Malware Protection | FireEye

    Cylance - Cylance | Advanced Threat Prevention Built on Artificial Intelligence

    Most of these products are, request a demo i.e. no direct trial version, for business, etc...

    VoodooShield, we all know.

    Any other AI security software? And anyone using any? How is it protection & usability wise?
    Share your experience if you are using one, your work place is using one, etc...
     
  2. viktik

    viktik Level 24

    Sep 17, 2013
    1,376
    3,782
    Unoccupied
    Hazaribagh
    Windows 10
    Kaspersky
    major antivirus companies will also deploy such technology if it works.

    they already use machine learning.
     
    venustus, SHvFl, motox781 and 7 others like this.
  3. RejZoR

    RejZoR Level 6

    Nov 26, 2016
    292
    1,372
    Security Software Guru
    Europe/Slovenia
    Windows 10
    Avast
    Antivirus companies already employ "Ai" for cloud systems...
     
    venustus, Myriad, SHvFl and 4 others like this.
  4. tim one

    tim one Level 17
    Trusted AV Tester

    Jul 31, 2014
    826
    8,298
    Europe
    Windows 10
    Emsisoft
    Do you know what is Fuzzy logic?

    Fuzzy logic is also known as nuanced logic.
    We know that a computer works by using the boolean logic, i.e. it works on two values: zero and one (binary logic). The statement, therefore, can only be true or false, without alternatives. Fuzzy logic is used in the study of artificial intelligence to introduce an intermediate value and then a variable can take a value of, for example, 0.2 or 0.6. An evolution of boolean logic that allows a statement to be true, false or partly true or partly false.
    This implementation in antivirus AI allows you to have positive uncertainty: a suspect file may be malware or non-malware, but also likely malware.
    This uncertainty may run additional algorithms levels in a pyramidal scheme until it gets a logical reasonable conclusion.
     
    venustus, Myriad, SHvFl and 7 others like this.
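The tiered scheme described in the post above, as an added example that is not part of the original thread or any vendor's code: each tier returns a degree of truth for "is malware", and only grey-zone results escalate to the next tier. Feature names, thresholds and sample values are assumptions constructed for illustration.

```python
# Added illustration; feature names, thresholds and samples are constructed.

def ramp(x, lo, hi):
    """Degree of truth in [0, 1]: 0 at or below lo, 1 at or above hi."""
    return min(1.0, max(0.0, (x - lo) / (hi - lo)))

def f_not(x):
    return 1.0 - x

f_and, f_or = min, max  # Zadeh fuzzy operators: AND = min, OR = max

def tier_static(s, prev):
    # "Looks packed AND is unsigned"; prev is unused in the first tier.
    return f_and(ramp(s["entropy"], 6.0, 7.8), f_not(s["signed"]))

def tier_reputation(s, prev):
    # Widely seen files are cleared; rarity alone never raises suspicion.
    rare = f_not(ramp(s["prevalence"], 10, 10_000))
    return f_and(prev, rare)

def tier_behaviour(s, prev):
    # Degrees reported by a hypothetical sandbox run.
    return f_or(s["autorun_write"], s["remote_inject"])

TIERS = [("static", tier_static), ("reputation", tier_reputation),
         ("behaviour", tier_behaviour)]

def classify(sample, clean_below=0.2, malware_above=0.8):
    """Return (verdict, deciding tier, degree of 'is malware')."""
    degree = 0.5
    for name, tier in TIERS:
        degree = tier(sample, degree)
        if degree >= malware_above:
            return "malware", name, degree
        if degree <= clean_below:
            return "non-malware", name, degree
    # Every tier stayed in the grey zone: report the partial truth.
    verdict = "likely malware" if degree >= 0.5 else "likely non-malware"
    return verdict, name, degree

SAMPLES = {  # constructed inputs, not real telemetry
    "packed_unsigned": dict(entropy=7.9, signed=0.0, prevalence=3, autorun_write=1.0, remote_inject=0.0),
    "signed_installer": dict(entropy=5.0, signed=1.0, prevalence=80_000, autorun_write=0.0, remote_inject=0.0),
    "popular_tool": dict(entropy=6.9, signed=0.0, prevalence=50_000, autorun_write=0.1, remote_inject=0.0),
    "rare_dropper": dict(entropy=6.9, signed=0.0, prevalence=5, autorun_write=0.9, remote_inject=0.3),
    "grey_file": dict(entropy=6.9, signed=0.0, prevalence=5, autorun_write=0.6, remote_inject=0.1),
}

if __name__ == "__main__":
    for label, s in SAMPLES.items():
        print(label, classify(s))
```

The two cut-offs trade false positives against false negatives: narrowing the grey zone decides more files in the cheap tiers, widening it pushes more files to the expensive ones.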
  5. jamescv7

    jamescv7 Level 61
    Trusted

    Mar 15, 2011
    12,664
    17,710
    Web and FileMaker Developer
    Philippines
    Windows 10
    Microsoft
    I think the implementation of Artificial Intelligence alone is difficult and will take time to master it, nowadays majority of antivirus rely on their signatures and cloud to obtain a concrete AI; something that is not on the concept table.

    The best example goes on DeepArmor which shows the true AI without relying on signatures, so only matter of time to produce unique and accurate pattern of information.
     
    venustus, Parsh, motox781 and 2 others like this.
  6. Windows_Security

    Windows_Security Level 10
    Content Creator Trusted

    Mar 13, 2016
    487
    2,241
    Holland
    Windows 7
    Default-Deny
    #6 Windows_Security, Dec 27, 2016
    Last edited: Dec 27, 2016
    Providing one's opinion is the fastest way to get feedback when the content is incorrect, so please feel free to correct me as it has been 25 years since I followed an AI course as "knowledge engineer" (the IT-guy interviewing the expert to get the business rules for the 'inversion engine' which fed the 'prediction engine').

    We use fuzzy logic in more daily appliances than we think: for instance digital cameras have fuzzy logic software to make fairly good pictures in common conditions. In the AV industry most AVs already provide ML/AI with fuzzy logic to reduce the number of malware samples human malware analysts have to analyse in detail.

    With some applications fuzzy logic's "fairly good" is just not good enough (e.g. medical analysis systems or security endpoint protection systems). Therefore Machine Learning/Artificial Intelligence is great in determining good and bad, but has its limitations (again please correct me when I am wrong with my 'old' knowledge) in determining grey-ware. This is the reason "pure" ML/AI solutions are whitelisting or central managed solutions.

    ML/AI are brought with a lot of marketing bravado, but in fact are the logical next step in AntiVirus heuristics/generic fingerprints and reputation services. In future all AVs will have a combination of these mechanisms and probably have a local whitelist which is used as cache and cloud based false negative/positive check (with automatic sample collection when unknown).

    Avast Free is one of the many 'traditional vendors' applying Machine Learning in the cloud already (link). I think you have to enable hardened mode to change from blacklisting to whitelisting. Because Avast already has a central whitelist the chances of running into false positives are slim IMO (since most software is signed nowadays). Comodo offers similar innovative features, but (in my experience) your mileage may vary when using new Comodo features (stability issues).

    VoodooShield Free is also pretty amazing in auto-pilot mode (less restrictive than smart mode, but in practice nearly as effective). VoodooShield already has a cloud AV-blacklist scan, but lacks a cloud based whitelist like Avast to reduce False Positives. Dan showed pictures of central management feature for the corporate market. When central management is realised a cloud based whitelist is just a step further.
     
    Myriad, SHvFl, Parsh and 9 others like this.
  7. Zero Knowledge

    Zero Knowledge Level 5

    Dec 2, 2016
    239
    689
    Dark Cloud Universe
    I've tried Cylance at home and it threw up too many false positives.

    I like the idea behind it but the tech is just too fresh and new to be applied right to the antivirus space.
     
    SHvFl and Yash Khan like this.
  8. Windows_Security

    Windows_Security Level 10
    Content Creator Trusted

    Mar 13, 2016
    487
    2,241
    Holland
    Windows 7
    Default-Deny
    @Zero Knowledge.

    Would be interesting to know what your experience is when using Avast (Reputation service on, Cyber capture on block, Hardened mode on moderate) or VoodooShield (in AUTO-pilot mode). Do you install new software, if so how many programs per week/month on average?

    Regards Kees
     
    SHvFl, frogboy and Yash Khan like this.
  9. TheMalwareMaster

    TheMalwareMaster Level 19
    Trusted

    Jan 4, 2016
    930
    5,458
    Europe
    Windows 10
    Default-Deny
    Barracuda, CrowdStrike Falcon, Palo Alto Networks, SentinelOne. From an AV-Comparatives test
     
    SHvFl, Yash Khan and Mr.NoName like this.
  10. Zero Knowledge

    Zero Knowledge Level 5

    Dec 2, 2016
    239
    689
    Dark Cloud Universe

    I have never used Avast but I have tried VoodooShield but not in the last 1.5 years so my opinion is very obsolete.

    I download a lot of programs and try them out. Most of the time new apps are flagged as bad reputation because they are new.

    I use Kaspersky Total Security and it does a very good job. Again most apps are flagged because they are new and unknown to the AV.

    I did not test Cylance against new malware. The false positives put me off the product.

    I am trying to get licenses for SentinelOne, CrowdStrike Falcon and Carbon Black. But they hate dealing with single user licenses.

    I will update this forum if I do get licenses for said products and I will test them this time.
     
    SHvFl and Yash Khan like this.
  11. tim one

    tim one Level 17
    Trusted AV Tester

    Jul 31, 2014
    826
    8,298
    Europe
    Windows 10
    Emsisoft
    Agree, fuzzy logic checks systems starting from a limited and inaccurate description, as their behaviour: no need a concept is precise, because it has meaning.
    Quantifying a process seemingly accurate, show it exact and well-understood, but often the complexity and accuracy are inversely proportional and, in fact, when the complexity of a problem grows, the possibility of analysing it in precise terms decreases.
     
    venustus, SHvFl, frogboy and 2 others like this.
  12. HarborFront

    HarborFront Level 31
    Content Creator

    Oct 9, 2016
    2,047
    5,093
    Far East
    #12 HarborFront, Dec 27, 2016
    Last edited: Dec 27, 2016
    SHvFl and Yash Khan like this.
  13. TerrakionSmash

    TerrakionSmash Level 14

    Nov 17, 2016
    681
    1,848
    Earth
    Windows 10
    Sophos
    #13 TerrakionSmash, Dec 27, 2016
    Last edited: Dec 28, 2016
    @Windows_Security Interesting since most people I see find avast! aggressive mode more likable.
     
    SHvFl and Yash Khan like this.
  14. Parsh

    Parsh Level 24
    Trusted AV Tester

    Dec 27, 2016
    1,325
    12,003
    7 Islands of Bombay
    Windows 10
    Default-Deny
    Besides VoodooShield, I've seen CrowdSource Falcon ML do that work. Seen that in VirusTotal results of new malware samples shared on MT

    It's pretty impressive and can be the future if it proves its mettle progressively. Currently it misses some not-so-sophisticated malware samples
     
    vemn, jelson, venustus and 4 others like this.
  15. tim one

    tim one Level 17
    Trusted AV Tester

    Jul 31, 2014
    826
    8,298
    Europe
    Windows 10
    Emsisoft
    VoodooShield AI uses IBM Watson technology, if I'm not wrong :)
     
    venustus, Yash Khan, SHvFl and 2 others like this.
  16. shmu26

    shmu26 Level 49

    Jul 3, 2015
    3,853
    11,783
    East Mediterranean
    Windows 10
    Default-Deny
    I noticed that @_CyberGhosT_ has been using DeepArmor for a while, and he seems to like it. In fact, it is one of the key components in his new config. Maybe CG can share his experiences...

    I tried out DeepArmor only very briefly, a month or two ago, it looked good, but I just didn't have the time and patience to be an early beta guinea pig.
     
  17. Parsh

    Parsh Level 24
    Trusted AV Tester

    Dec 27, 2016
    1,325
    12,003
    7 Islands of Bombay
    Windows 10
    Default-Deny
    I didn't know that!
    Here's from a 2011 post from some forum-
    That's awesome. I'm actually gonna use Watson for AI in my current Final Year Project #engineering :-D
     
    venustus, Yash Khan, SHvFl and 2 others like this.
  18. harlan4096

    harlan4096 Moderator
    Staff Member AV Tester

    Apr 28, 2015
    2,471
    19,371
    Almería (Spain)
    Windows 10
    Kaspersky
    Both?
     
    venustus, Yash Khan, SHvFl and 4 others like this.
  19. tim one

    tim one Level 17
    Trusted AV Tester

    Jul 31, 2014
    826
    8,298
    Europe
    Windows 10
    Emsisoft
    Best wishes for your project :)

    So, next-gen algorithms against next-gen malware, that's the correct way!
     
    venustus, Yash Khan, SHvFl and 3 others like this.
  20. Parsh

    Parsh Level 24
    Trusted AV Tester

    Dec 27, 2016
    1,325
    12,003
    7 Islands of Bombay
    Windows 10
    Default-Deny
    Thanks a lot :-D
    Yes, that should be the correct way to put it. However it's the next-gen malware in disguise that the world will fear.
     
    venustus, Yash Khan, frogboy and 2 others like this.