Artificial Intelligence Security Software

  • Thread starter Deleted member 2913
Status
Not open for further replies.
Deleted member 2913

Thread author
AI security software that I could find or know of, if I am correct:

VoodooShield - VoodooShield™ - The User-Friendly Toggling Computer Lock.
You all know VoodooShield

DeepArmor - A Cognitive Approach to Anti-malware - SparkCognition Inc
Currently in Beta

Deep Instinct - A Cognitive Approach to Anti-malware - SparkCognition Inc

FireEye - Cyber Security & Malware Protection | FireEye

Cylance - Cylance | Advanced Threat Prevention Built on Artificial Intelligence

Most of these products are request-a-demo, i.e. no direct trial version, for business, etc.

VoodooShield, we all know.

Any other AI security software? And anyone using any? How is it protection & usability wise?
Share your experience if you are using one, your work place is using one, etc...
 

tim one

Do you know what fuzzy logic is?

Fuzzy logic is also known as nuanced logic.
We know that a computer works using boolean logic, i.e. it works on two values: zero and one (binary logic). A statement, therefore, can only be true or false, without alternatives. Fuzzy logic is used in the study of artificial intelligence to introduce an intermediate value, so that a variable can take a value of, for example, 0.2 or 0.6. An evolution of boolean logic that allows a statement to be true, false or partly true or partly false.
This implementation in antivirus AI allows you to have positive uncertainty: a suspect file may be malware or non-malware, but also likely malware.
This uncertainty may run additional algorithm levels in a pyramidal scheme until it reaches a logical, reasonable conclusion.
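
The escalation described in the post above, sketched as an added example that is not part of the thread and not any vendor's code: each level returns a degree of "malware-ness" between 0 and 1, and a result in the grey band triggers the next, more expensive level. The feature names, thresholds and the averaging step between levels are assumptions chosen for illustration.

```python
from dataclasses import dataclass

def ramp(x, lo, hi):
    """Membership degree: 0 at or below lo, 1 at or above hi, linear between."""
    return min(1.0, max(0.0, (x - lo) / (hi - lo)))

@dataclass
class Sample:              # constructed, hypothetical features
    entropy: float         # byte entropy of the file, 0..8
    signed: bool           # carries a valid code signature
    prevalence: int        # machines that have already seen the file
    files_renamed: int     # level 2: files renamed during a sandbox run
    writes_autorun: bool   # level 2: adds an autorun entry

def level1_static(s, prior):
    packed = ramp(s.entropy, 6.0, 7.5)
    unsigned = 0.0 if s.signed else 1.0
    rare = 1.0 - ramp(s.prevalence, 10, 1000)       # fuzzy NOT
    return min(max(packed, unsigned), rare)         # (packed OR unsigned) AND rare

def level2_behaviour(s, prior):
    mass_rename = ramp(s.files_renamed, 20, 200)
    persistence = 0.6 if s.writes_autorun else 0.0  # weak evidence on its own
    observed = max(mass_rename, persistence)        # fuzzy OR
    return (prior + observed) / 2                   # blend with level 1 (assumed)

LEVELS = [level1_static, level2_behaviour]          # cheapest level first

def classify(s, low=0.3, high=0.7):
    """Return (verdict, degree, level reached); escalate while in the grey band."""
    degree = 0.5
    for n, level in enumerate(LEVELS, start=1):
        degree = level(s, degree)
        if degree <= low:
            return "benign", degree, n
        if degree >= high:
            return "malware", degree, n
    return "grey", degree, len(LEVELS)              # no level was conclusive

# Constructed samples
SIGNED_INSTALLER = Sample(7.8, True, 50000, 0, False)
PACKED_UNKNOWN = Sample(7.9, False, 1, 0, False)
GREY_THEN_BAD = Sample(6.75, True, 505, 200, True)
GREY_THEN_OK = Sample(6.75, True, 505, 0, False)
STILL_GREY = Sample(6.75, True, 505, 0, True)

if __name__ == "__main__":
    for s in (SIGNED_INSTALLER, PACKED_UNKNOWN, GREY_THEN_BAD, GREY_THEN_OK, STILL_GREY):
        print(classify(s))
```

A boolean classifier would have to force the three 0.5 samples into one class at level 1; here they are separated only after the behavioural level runs, and one of them stays grey.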
 

jamescv7

I think the implementation of Artificial Intelligence alone is difficult and will take time to master; nowadays the majority of antiviruses rely on their signatures and cloud to obtain a concrete AI, something that is not on the concept table.

The best example is DeepArmor, which shows true AI without relying on signatures, so it is only a matter of time to produce a unique and accurate pattern of information.
 

Windows_Security

Providing one's opinion is the fastest way to get feedback when the content is incorrect, so please feel free to correct me, as it was 25 years ago that I followed an AI course as a "knowledge engineer" (the IT guy interviewing the expert to get the business rules for the 'inversion engine' which fed the 'prediction engine').

We use fuzzy logic in more daily appliances than we think: for instance, digital cameras have fuzzy logic software to make fairly good pictures in common conditions. In the AV industry most AVs already provide ML/AI with fuzzy logic to reduce the number of malware samples human malware analysts have to analyse in detail.

With some applications fuzzy logic's "fairly good" is just not good enough (e.g. medical analysis systems or security endpoint protection systems). Therefore Machine Learning/Artificial Intelligence is great in determining good and bad, but had its limitations (again please correct me when I am wrong with my 'old' knowledge) in determining grey-ware. This is the reason "pure" ML/AI solutions are whitelisting or centrally managed solutions.

ML/AI are brought with a lot of marketing bravado, but in fact are the logical next step in AntiVirus heuristics/generic fingerprints and reputation services. In future all AVs will have a combination of these mechanisms and probably have a local whitelist which is used as cache and cloud based false negative/positive check (with automatic sample collection when unknown).

Avast Free is one of the many 'traditional vendors' applying Machine Learning in the cloud already (link). I think you have to enable hardened mode to change from blacklisting to whitelisting. Because Avast already has a central whitelist the chances of running into false positives are slim IMO (since most software is signed nowadays). Comodo offers similar innovative features, but (in my experience) your mileage may vary when using new Comodo features (stability issues).

VoodooShield Free is also pretty amazing in auto-pilot mode (less restrictive than smart mode, but in practice nearly as effective). VoodooShield already has a cloud AV-blacklist scan, but lacks a cloud based whitelist like Avast to reduce False Positives. Dan showed pictures of the central management feature for the corporate market. When central management is realised, a cloud based whitelist is just a step further.
 

Windows_Security

@Zero Knowledge.

Would be interesting to know what your experience is when using Avast (Reputation service on, Cyber capture on block, Hardened mode on moderate) or VoodooShield (in AUTO-pilot mode). Do you install new software, if so how many programs per week/month on average?

Regards Kees
 

Zero Knowledge

Windows_Security said:
> @Zero Knowledge.
>
> Would be interesting to know what your experience is when using Avast (Reputation service on, Cyber capture on block, Hardened mode on moderate) or VoodooShield (in AUTO-pilot mode). Do you install new software, if so how many programs per week/month on average?
>
> Regards Kees


I have never used Avast but I have tried VoodooShield but not in the last 1.5 years so my opinion is very obsolete.

I download a lot of programs and try them out. Most of the time new apps are flagged as bad reputation because they are new.

I use Kaspersky Total Security and it does a very good job. Again most apps are flagged because they are new and unknown to the AV.

I did not test Cylance against new malware. The false positives put me off the product.

I am trying to get licenses for SentinelOne, CrowdStrike Falcon and Carbon Black. But they hate dealing with single user licenses.

I will update this forum if I do get licenses for said products and I will test them this time.
 

tim one

Windows_Security said:
> With some applications fuzzy logic's "fairly good" is just not good enough (e.g. medical analysis systems or security endpoint protection systems). Therefore Machine Learning/Artificial Intelligence is great in determining good and bad, but had its limitations (again please correct me when I am wrong with my 'old' knowledge) in determining grey-ware. This is the reason "pure" ML/AI solutions are whitelisting or centrally managed solutions.

Agree, fuzzy logic checks systems starting from a limited and inaccurate description, as their behaviour: there is no need for a concept to be precise, because it has meaning.
Quantifying a process seemingly accurately shows it as exact and well understood, but often the complexity and accuracy are inversely proportional and, in fact, when the complexity of a problem grows, the possibility of analysing it in precise terms decreases.
 

Parsh

tim one said:
> An evolution of boolean logic that allows a statement to be true, false or partly true or partly false.
> This implementation in antivirus AI allows you to have positive uncertainty: a suspect file may be malware or non-malware, but also likely malware.

Besides VoodooShield, I've seen CrowdSource Falcon ML do that work. Seen that in VirusTotal results of new malware samples shared on MT.

It's pretty impressive and can be the future if it proves its mettle progressively. Currently it misses some not-so-sophisticated malware samples.
 

tim one

Parsh said:
> Besides VoodooShield, I've seen CrowdSource Falcon ML do that work. Seen that in VirusTotal results of new malware samples shared on MT.
>
> It's pretty impressive and can be the future if it proves its mettle progressively. Currently it misses some not-so-sophisticated malware samples.

VoodooShield AI uses IBM Watson technology, if I'm not wrong :)
 

shmu26

I noticed that @_CyberGhosT_ has been using DeepArmor for a while, and he seems to like it. In fact, it is one of the key components in his new config. Maybe CG can share his experiences...

I tried out DeepArmor only very briefly, a month or two ago, it looked good, but I just didn't have the time and patience to be an early beta guinea pig.
 

Parsh

tim one said:
> VoodooShield AI uses IBM Watson technology, if I'm not wrong :)

I didn't know that!
Here's from a 2011 post from some forum:
> VoodooAi uses IBM Watson in the initial stages, and Microsoft Azure for the final analysis

That's awesome. I'm actually gonna use Watson for AI in my current Final Year Project #engineering :-D
 