As hackers start getting better and better, both Microsoft and Intel have worked together to combat these security rodents. The two companies have worked together to find a new way for the computer to detect a virus by training their antivirus program to "see" certain signs of malicious behavior within the computer code.
The new approach by Microsoft and Intel works by first converting the malware's programming code into 2D images. These images can reveal certain patterns sensed by an AI-powered program to reveal traits indicating malicious behavior.
According to Microsoft's blog post, if the malware binaries are actually plotted in grayscale images, the texture, as well as the structure patterns, can then be used to classify binaries as being either benign or even malicious.
In order to pull this method off, the companies work by first converting the malware's programing into a certain one-dimensional stream of digital pixels. Once this is done, their study then explains that each byte in the malware's own code can then be imaged to work to a different level of pixel intensity.
The researchers then proceed to expand the pixel streams into 2D images just by using the malware's own file size. The file size conversion is done by determining the width and height. This sort of method has allowed the Microsoft-Intel's antivirus program to properly see the malware's own characteristics and evolve to train itself to discern using its own extended capabilities.
This certain approach was given the name STAMINA and is already showing some pretty promising results. In a certain test using the real-world malware samples, the antivirus was actually able to achieve an accuracy of 99.07 percent with only a false-positive rate of just 2.87 percent.
The companies actually developed STAMINA in order to address the certain drawbacks that they are experiencing with today's antivirus technology. This specific detection approaches can also be utilized in disassembling a piece of malware into metadata in order to find traces and signals of certain dangerous behavior.
Although effective, hackers still seem to find a way to consistently come up with certain bypasses that can hide the malicious intentions inside the data. The whole anti-virus detection has become a cat-and-mouse game for hackers and the anti-virus.
Fight against malware
STAMINA is working towards adding a new tool in order for it to ferret out the malware. Microsoft said that the joint research with Intel is actually a good starting ground for even more potential collaborative work.
Microsoft used the example of the researchers' plan to collaborate in order to further accelerate the platform's utilization making it capable of allowing deep learning models that the program can deploy on client machines while only needing minimal performance impact.
However, the company is still aware that their approach still has key limitations. This includes trouble dealing with files of larger sizes. Converting those larger files into 2D images would then require them to convert billions of pixels which would result in making the process less practical to use.