via University of Oxford
A new method that could automatically detect and kill cyberattacks on our laptops, computers and smart devices in under a second has been created by researchers at Cardiff University.
Using artificial intelligence in a completely novel way, the method has been shown to successfully prevent up to 92 per cent of files on a computer from being corrupted, with it taking just 0.3 seconds on average for a piece of malware to be wiped out.
Publishing their findings in the journal Security and Communications Networks, the team say this is the first demonstration of a method that can both detect and kill malicious software in real-time, which could transform approaches to modern cybersecurity and avoid instances such as the recent WannaCry cyberattack that hit the NHS in 2017.
Using advances in artificial intelligence and machine learning, the new approach, developed in collaboration with Airbus, is based on monitoring and predicting the behaviour of malware as opposed to more traditional antivirus approaches that analyse what a piece of malware looks like.
“Traditional antivirus software will look at the code structure of a piece of malware and say ‘yeah, that looks familiar’,” co-author of the study Professor Pete Burnap explains.
“But the problem is malware authors will just chop and change the code, so the next day the code looks different and is not detected by the antivirus software. We want to know how a piece of malware behaves so once it starts attacking a system, like opening a port, creating a process or downloading some data in a particular order, it will leave a fingerprint behind which we can then use to build up a behavioural profile.”
By training computers to run simulations on specific pieces of malware, it is possible to make a very quick prediction in less than a second of how the malware will behave further down the line.
Once a piece of software is flagged as malicious the next stage is to wipe it out, which is where the new research comes into play.
“Once a threat is detected, due to the fast-acting nature of some destructive malware, it is vital to have automated actions to support these detections,” continued Professor Burnap.
“We were motivated to undertake this work as there was nothing available that could do this kind of automated detecting and killing on a user’s machine in real-time.”
Existing products, known as endpoint detection and response (EDR), are used to protect end-user devices such as desktops, laptops, and mobile devices and are designed to quickly detect, analyse, block, and contain attacks that are in progress.
The main problem with these products is that the collected data needs to be sent to administrators in order for a response to be implemented, by which time a piece of malware may already have caused damage.
To test the new detection method, the team set up a virtual computing environment to represent a group of commonly used laptops, each running up to 35 applications at the same time to simulate normal behaviour.
The AI-based detection method was then tested using thousands of samples of malware.
Lead author of the study Matilda Rhode, now Head of Innovation and Scouting at Airbus, said: “While we still have some way to go in terms of improving the accuracy of this system before it could be implemented, this is an important step towards an automated real-time detection system that would not only benefit our laptops and computers, but also our smart speakers, thermostats, cars and refrigerators as the ‘Internet of Things’ becomes more prevalent.”
Original Article: Scientists create new method to kill cyberattacks in less than a second
More from: Cardiff University
The Latest Updates from Bing News & Google News
Go deeper with Bing News on:
Real-time cyberattack detection system
- The cyber path forward for manufacturers
Christina Hoefer, VP, Global Industrial Enterprise, Forescout Technologies, explains how manufacturers can become more cyber secure.
- Here’s Why Companies Are Switching To a Managed Security Service Provider For Their Cybersecurity
Cybersecurity is an important part of any business. You need to protect your customers, your data, and your reputation. But you don’t have to do it alone. That’s where managed security services come ...
- How identity segmentation can reduce the attack surface for healthcare organizations
One of the most effective methods to reduce the attack surface is segmentation. But, what type of segmentation should be used — network-centric or identity-centric?
- Why edge and endpoint security matter in a zero-trust world
In February, Nvidia was hit with a cyberattack by Lapsus$, an international hacking group known for their cyberattacks on enterprises. The group was able to gain access to multiple systems and at ...
- Hospitals are for healing humans. But protecting and healing hospitals needs machines
But while other businesses worry about reputational damage when they're hit by a ransomware attack, hospitals have to worry about canceled operations and ambulances backing up outside the emergency ...
Go deeper with Google Headlines on:
Real-time cyberattack detection system
Go deeper with Bing News on:
Cyberattacks
- It’s Time For The C-Suite To Protect Themselves Against Cyberattacks
If you're an executive, lead by example and demonstrate that security is a top priority in your organization’s culture.
- Vietnam records over 5,400 cyberattacks in five months
Vietnam was hit by 5,463 cyberattacks in the first five months of this year, according to the Ministry of Information and Communications.
- Wimbledon security chiefs 'on high alert' amid fears over Russian cyberattacks
More info Wimbledon bosses are said to be on “high alert” amid fears of Russian security attacks following the All England Club’s ban on players hailing from the nation amid the war in Ukraine. The ...
- Kingston Technology Calls Anew For Stronger Online Security Habits In Light Of Rising Cyberattacks
Middle East places second in top countries or regions with largest average total data breach costs, next to United States
- Cybersecurity advisory warns of Chinese cyberattacks
The National Security Agency, Cybersecurity and Infrastructure Security Agency, and Federal Bureau of Investigation issued a joint cybersecurity ...