Forget signatures for malware detection. SparkCognition says AI is 99% effective

Most big companies (Avast, Kaspersky, etc.) use some sort of Machine Learning ("AI") when scanning for new malware. They just don't rely 100% on it like these new products that market "Artificial intelligence" as a "perfect god" that will remove all malware from the world. That's just their marketing play to put themselves on the market. Signatures will never be obsolete, because there is no best between signatures/heuristics (static analysis), behavioral analysis and Machine Learning. All techniques of detecting malware will always have their pros and cons.
 
For the average person who doesn't download very much and doesn't stray too far from the websites they're comfortable on (Facebook, YouTube, Reddit, etc.), I'd say using signatures for malware detection will keep them safe.
For people who are more curious about malware and the internet or companies, things such as Default-Deny products and Emsisoft's Behaviour Blocker are possibly more necessary to keep their system safe.
 
You have said this many times, and again, I will say:
It does at first as it is learning, but as with VoodooShield, the FP's go away.
As an actual user I can tell you I don't hear anything FP related from it these days.
I did for the first "approximately" 90 days maybe, and it was intermittent, not constant FP's.
I compare it to the FP's of VS because it was a similar pattern and duration, but as we know they are two very different software. Just wanted to make myself very clear ;)
You are right, the FPs do go away. They do not interfere with a good user experience. I only mentioned FPs in order to put this product's impressively high detection rate into proper perspective.
 
With all my respect for the machine learning, and for its great importance in cybersecurity, I think the most effective approach is multi-layered.
The antivirus should use signatures, behavioral analysis, sandbox, and yes, even machine learning.

Agreed 100%. Malware is way too unpredictable. It's like a battlefield, where you need infantry, marines, the air force, etc. to win a war, which we call security layers. It's complicated with the beginner user in mind though, who doesn't have the infrastructure, resources or knowledge to think like this.
 
Just a little comment from my side... When I check new samples on VT, most of the time these are first, and many times only, detected by next-gen AV that (also) use AI... So somehow, sometimes AI works. ;)

If you have more false positives you will detect a lot more malware too.
 
Well, for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.
 
Well, for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.
Sure, you can get 100% with a hermetically sealed offline computer.
 
You can't have the whole cake, unfortunately.

Questionable. Depends on what cake you are willing to accept for dinner.

Well, for me the detection rate of this product is ZERO! They won't let me test it so it can't detect anything. Besides, for me 99% isn't acceptable. I run a small business and have critical data on my machines. I can't accept a 1% risk. Is that possible? I think so. But that is not for this thread.

Agreed. But the weak point will always be the space between the keyboard and the chair, unless that space is filled with void. So you have to get ready for disaster mitigation as best as you can...
 
Better having a few false positives than being infected...

Would love to test something with an AI, but they all focus on companies :(

The problem is these AI-only engines have lots of them; that's why most companies just use the AI as a complement in their analysis system and not as a main feature.
 
Sure, you can get 100% with a hermetically sealed offline computer.

Nope, it is actually possible. But it's not detection, it's preventing anything getting on in the first place. Also, it's not an install-and-forget-it solution. It takes a bit of work and also care and feeding.
 


Agreed. But the weak point will always be the space between the keyboard and the chair, unless that space is filled with void. So you have to get ready for disaster mitigation as best as you can...

Absolutely. But that is why I have some overlap in my setup. Some of it is duplication, but I like to look at it as a 2nd chance to get it right. Also, I have Macrium running hourly incrementals. So I am never far in time from "mitigation".
 
Quality over quantity. My company is carrying a few of these next-gen AVs, but there's a big problem with most of them. They eat the CPU, mostly occupy it like 80 to 100%.

And it really bogs down the system.... and coming from a place that still has people using Win XP.....

Has anyone here used Cylance before? Seen a few demos and it looks to be quite good.