on this page
- 17 Nov
In this briefing, I will discuss the malware problem from the detection and the prevention perspectives. There are various types of malwares these days. Some of them are very dangerous such as zero-day, spy-ware, ransomware and warfare malware. Some of malware categories are less invasive and destructive such as adware. The targets of malware are also various such as desktops, mobile devices, servers, network devices. The goals are also various which can be commercial, political or just show off.
In recent times, huge efforts were put to detect malware using machine learning and other contemporary science and tools such as deep learning, AI and other top notch and state-of-the-art technologies. This type of detection assumes that the malware had already got in through the network and we are trying to detect and maybe prevent it.
I agree that we should assume malware, especially new and unknown before will get in, but there should be ways to prevent its execution, even though it had gotten in.
Machine Learning and companion or competitor technologies have achieved high rates of accuracy in malware detection that can reach up to 99%, but is this really enough?
To give machine learning the credit it deserved, I will go over our most recent research using machine learning to detect malware using the best available datasets. After being in this for a while I have reached a conclusion that this might not be the right path to reach full resilience against malware execution against the well of the computer and its owner.
In this briefing, I argue that a more effective approach in detection and prevention malware is to rely on the Operating System to prevent the execution of any instruction coming from a malicious piece of code.