Saturday, January 16, 2021

ESET – Machine learning and math can’t trump smart attackers

When fighting black-hat hackers for decades, we learn a thing or two about them. Obviously, they are bad, and they like to play with code. But most importantly, they’re continually learning and we need to keep up if we want to protect our customers’ businesses from their sticky fingers.

Now, if we were a post-truth security vendor, we would talk a lot about how our machine learning makes us fit for the fight, or how mathematics can predict an attacker’s every move. We would also try to downplay the fact that even advanced technologies can be fooled by adversaries.

But at ESET, we value the truth. No matter how smart a machine learning algorithm is, it has a narrow focus and learns from a specific data set. By contrast, attackers possess so-called general intelligence and are able to think outside of the box. They can learn from context and benefit from inspiration, which no machine or algorithm can predict.

Take self-driving cars as an example. These smart machines learn how to drive in an environment with road signs and pre-set rules.

But what if someone covers all the signs or manipulates them? Without such a vital component, the cars start to make wrong decisions that can end in a fatal crash, or simply immobilize the vehicle.

In cyberspace, malware writers specialize in such malicious behavior. They try to hide the true purpose of their code, by “covering” it with obfuscation or encryption. If the algorithm cannot look behind this mask, it can make a wrong decision, labeling a malicious item as clean – causing a potentially dangerous miss.

However, recognizing the mask doesn’t always reveal the code’s true nature, and without executing the sample there is no way of knowing what is under the hood. To do this ESET uses a simulated environment – known as sandboxing – deprecated by many of the post-truth vendors. They claim their technology can recognize malice simply by looking at a sample and doing the “math”.

How would that work in real life? Try and determine a house’s price just by looking at a picture of it. One can use some features, such as the number of windows or floors to get a rough estimate. But without knowing where the house is located, what is inside, and other details, there is a high probability of error.

On top of that, the mathematics itself contradicts these post-truth claims – by referring to what’s known as an “undecidable problem”, i.e. determining whether a program will behave maliciously according to its external appearance – as demonstrated by the computer scientist who formulated the definition of computer virus, Fred Cohen.

Moreover, in cybersecurity, some problems require so much computational capacity – or are so time-consuming – that even a machine learning algorithm would be ineffective in solving them – making them practically undecidable.

Now put all this information into an equation with a smart, dynamic opponent and the endpoints can end up infected.

ESET has considerable experience with intelligent adversaries and knows that machine learning alone is not enough to protect endpoints. We have been using this technology for years and have fine-tuned it to work with a variety of other layers of protection that are under the hood of our security solutions.

Moreover, our detection engineers and malware researchers constantly supervise “the machine” to avoid unnecessary errors along the way, ensuring that detection runs smoothly without bothering ESET business customers with false positives.

MOST READ

Interior Minister receives new officers

Minister of Interior, General Shaikh Rashid bin Abdullah Al Khalifa, today received some new officers who took the oath in front of him. Chief of...

NPRA: self-sponsorship residence permit to be processed online

Nationality, Passport and Residence Affairs (NPRA) announced on Saturday that applying or issuing self-sponsored residence permits could be through its website www.evisa.gov.bh. The service covers foreign...

Southern Governor visits Isa Town

Southern Governor His Highness Shaikh Khalifa bin Ali bin Khalifa Al-Khalifa has today paid an inspection visit to Isa Town to assess citizens’ needs. In...

BTEA urges compliance with mandatory precautionary measures

Bahrain Tourism and Exhibitions Authority (BTEA) urged all hotels and hospitality facilities to adhere to the instructions stated in the ministerial edicts issued by...

Bahrain Records 1.40% Rise in Q3 2020 Constant Prices

Bahrain’s economy recorded a slight improvement of 1.40% in constant prices in the third quarter of 2020, compared to the second quarter of the...

AGU’s College of Graduate Studies Launches Termly Journal

The College of Graduate Studies at the Arabian Gulf University (AGU) launched the first edition of its termly journal under the management and supervision...

BIC to host first Open Track Day of the new year on Saturday

Bahrain International Circuit (BIC) continues its busy start for 2021 as it hosts the first Open Track Day of the new year on Saturday...

The Crown Prince and Prime Minister, HRH Prince Salman bin Hamad Al Khalifa visits new Passenger Terminal

The directive of the Crown Prince and Prime Minister, His Royal Highness Prince Salman bin Hamad Al Khalifa to transfer operations to Bahrain International Airport’s (BIA)...

Gulf Air Moves Entire Operations to the New Bahrain International Airport Terminal

Gulf Air, the national carrier of the Kingdom of Bahrain, announces that starting from 28 January 2021 it plans to move its entire operations...

Ebrahim K. Kanoo Honours Bahraini Graduates

Ebrahim K. Kanoo held an internal ceremony to celebrate the successful completion of the first batch of its Bahraini graduate trainee program ‘Tomooh’.  ‘Tomooh’ (Arabic...

Bahrain launches Mobile Vaccination Units

The Ministry of Health Bahrain has started to provide COVID-19 vaccinations at your home, the first of its kind in the region. The service...

Registration for COVID-19 Vaccine and Vaccination Certifications can be obtained via ‘BeAware Bahrain’ App

In support of national efforts to combat the spread of the novel coronavirus (COVID-19), BeAware Bahrain App users can now register for government-approved COVID-19...

Electricity Minister praises AGU’s successful energy consumption experience

Electricity and Water Affairs Minister, Wael bin Nasser Al-Mubarak, and the Electricity and Water Authority (EWA) Chief Executive Officer, Shaikh Nawaf bin Ibrahim Al...

New National Committee for Geospatial Information Governance (NCGIG) Holds Inaugural Meeting

In line with the Kingdom of Bahrain’s commitment to develop its geospatial information sector, the newly formed National Committee for Geospatial Information Governance (NCGIG)...