A research group at Los Alamos National Laboratory has achieved a major breakthrough in cybersecurity by using artificial intelligence (AI) to improve the analysis of malware on a large scale. Their approach significantly advances the classification of malicious software for the Microsoft Windows operating system, setting a new world record in the classification of malware families. The findings of their study, published in the journal ACM Transactions on Privacy and Security, present a novel method that uses AI to accurately classify malicious programs for Windows.
The key aspect of this method is the combination of semi-supervised tensor decomposition with selective classification, that is, classification with a reject option. According to Maxim Eren, a cyber systems scientist at Los Alamos, the reject option allows the model to say “I do not know” instead of giving an incorrect answer. This enables the model to acquire knowledge and make more accurate classifications.
One of the major advantages of the new method is that it works effectively with large and small data sets at the same time. This means it can detect both rare and common malware families, giving security analysts confidence in using the technique to identify new threats. In addition, the model can decline to make a prediction when it is uncertain, which further improves its reliability in practical high-risk situations.
Eren emphasizes that their work has set a new world record by simultaneously classifying an unprecedented number of malware families. It outperforms previous work by a factor of 29 and remains effective even under the challenging real-world conditions of limited data and extreme class imbalance. The availability of the method as a Python library also highlights its advanced nature and paves the way for further improvements in cybersecurity measures.
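
The reject option described above can be illustrated with a small added example; it is not the Los Alamos method or its Python library, and it swaps tensor decomposition for a plain nearest-neighbour vote. The family names, feature vectors and thresholds are all constructed assumptions.

```python
import math
from collections import Counter

# Constructed 2-D feature vectors (not real malware features):
# two common families and one rare family with only two labelled samples.
TRAIN = [((0.0, 0.0), "famA"), ((0.2, 0.1), "famA"), ((0.1, 0.3), "famA"),
         ((0.3, 0.2), "famA"), ((5.0, 5.0), "famB"), ((5.2, 4.9), "famB"),
         ((4.8, 5.1), "famB"), ((5.1, 5.3), "famB"),
         ((0.0, 5.0), "rareC"), ((0.2, 5.1), "rareC")]

# Constructed test set; "unseenD" is a family absent from TRAIN.
TEST = [((0.1, 0.1), "famA"), ((5.0, 5.1), "famB"),
        ((0.1, 5.0), "rareC"), ((10.0, 10.0), "unseenD")]

def predict(x, k=3, min_share=0.6, max_dist=1.0):
    """Return a family label, or None to abstain ("I do not know")."""
    nearest = sorted((math.dist(x, p), label) for p, label in TRAIN)[:k]
    if nearest[0][0] > max_dist:        # far from every known sample: possibly novel
        return None
    label, votes = Counter(l for _, l in nearest).most_common(1)[0]
    if votes / k < min_share:           # neighbours disagree: ambiguous
        return None
    return label

def evaluate(samples, **kw):
    """Return (coverage, selective accuracy): share answered, accuracy on answered."""
    preds = [(predict(x, **kw), truth) for x, truth in samples]
    answered = [(p, t) for p, t in preds if p is not None]
    coverage = len(answered) / len(preds)
    accuracy = sum(p == t for p, t in answered) / len(answered) if answered else 0.0
    return coverage, accuracy

if __name__ == "__main__":
    print("with reject option:", evaluate(TEST))
    # Disabling both thresholds forces an answer for every sample.
    print("forced to answer:  ", evaluate(TEST, min_share=0.0, max_dist=math.inf))
```

With the thresholds active the classifier abstains on the unseen family and is correct on everything it answers, including the rare family; forced to answer, it mislabels the unseen sample as a known family.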