
AV is dead! Long live AV…

Tuesday, February 21, 2017

Malware complexity, sophistication, volume and cavalier users are all eroding traditional AV's effectiveness - does cognitive computing hold the key?

Anti-Virus has come a long way since it was created back in the late 90s, but so has the malware industry. Back in the 90s it was a hobbyist game, with a few proof of concept viruses doing the rounds, such as EXEBug, that introduced CMOS modification to prevent clean booting, and the first Windows virus WinVer 1.4. Norton Anti-Virus was created in December 1990, and pointed the way that the soon-to-be AV industry would take.


Fast-forward to 2005, and more than 123 new malware threats were discovered every day, according to Panda Software, a 240 per cent increase over 2004. Runaway growth in malware had begun, and the trend has continued up to the present, with McAfee reporting that they recognised new threats at a rate of 245 per minute in Q3 2016, or more than four per second.


Needless to say, this exponential increase in volume has spelled trouble for the traditional signature-based methods of virus detection, which have been feeling the pressure from polymorphic malware and the increasing availability of encryption.

The most recent industry assessments from AV insider site Virus Bulletin (VB) show just how that pressure is translating into decreasing proactive antivirus detection rates.


Compare the proactive detection midpoints in these two images - Jun-Dec 2015 and late 2016. In the first, the proactive detection midpoint hovers around 80 per cent, and the reactive midpoint sits at roughly 90-95 per cent. Then note the 2016 version, where reactive detection has dropped a little to the 90 per cent line, but proactive detection has dramatically dropped to 67-70 per cent.


The scourge of ransomware has - if anything - raised the stakes of late, with a single click putting entire enterprise datacentres at risk. A survey recently found that out of 60 companies that suffered successful ransomware attacks during the last 12 months, 100 per cent reported they were running antivirus at the time of the attack. Incidentally, it wasn't just AV that came up short - victims reported that 95 per cent of the attacks bypassed the victim’s firewall(s); 77 per cent of the attacks bypassed email filtering; 52 per cent of the attacks bypassed anti-malware; and 33 per cent of the attacks were successful even though the victim had conducted security awareness training.

It’s no surprise that the major anti-malware companies, including Sophos, McAfee and Kaspersky, have been hunting the next big weapon in this arms race, and it seems that machine learning, and ultimately AI, could well be it.

Ilia Kolochenko, CEO of High-Tech Bridge said: “Machines cannot replace humans, however, they can significantly help to automate various tasks and analyse huge amounts of data to gain meaningful data to support a decision. This applies both for White and Black Hats: humans cannot be entirely replaced, but a lot of existing processes can be optimised, accelerated and improved.

In the past, Black Hats were using programming to develop viruses, while White Hats were using programming to develop antiviruses. Unfortunately, nothing can be done to prevent cybercriminals from leveraging the power of machine learning and big data in the future too. I predict we will see the AI equipped cyber-criminal of the near future utilising ever-more sophisticated attack techniques as a result.

High-Tech Bridge’s ImmuniWeb is based on its proprietary machine learning technology (Artificial Neural Networks) used for intelligent automation of vulnerability scanning and detection. The platform detects at least twice as many vulnerabilities as any automated solution would, including the most sophisticated ones that usually require human intelligence.

ImmuniWeb also provides the same quality, reliability and comprehensibility as manual penetration testing, but in half the time and thus at a much more competitive price.

Mark Mayne has covered the security industry for more than 15 years, editing news for SC Magazine and editing SecurityVibes UK. Mark has a background in national news journalism and tech reporting, and has run b2b and b2c editorial sites.
