Even as advanced and exciting as the last 20 years of the Internet and digital technology have been, the latest innovations, particularly those in antivirus software, are soaring to astounding new heights.
Traditional antivirus protection services have used software signatures to root out viruses and other forms of malware, but that has only served as a reactive measure against malware that has already been deployed. When malware has evolved into new forms, antivirus software has often been slow to match it, resulting in catastrophic damage to personal and business systems.
That type of protection is beginning to evolve into a proactive process in response to a 2017 survey by Cisco, which found that 95% of all malware analyzed by that company’s defensive grid was less than 24 hours old. Clearly, no reactive antivirus software can keep up with threats that are created and launched within a single day. Hackers and cyber criminals spend days, weeks, months, and years altering their creations to avoid detection.
To match that evolution, companies are beginning to adopt a method called behavior-based analysis, which puts the malware on the defensive for the first time.
Using Artificial Intelligence (AI) components like deep learning, which allows machines to develop their own algorithms based on massive amounts of data, antivirus software companies like Bitdefender are moving past the traditional scan-and-quarantine method.
That deep learning process allows machines to identify patterns that might take humans months, years or even a lifetime to recognize, and it can be applied to recognizing attempts at malicious activity, such as malware locking users out of their own machines or hardwiring itself into the computer’s startup routine, where it is very difficult to detect or destroy.
By tracking what a piece of malware does rather than trying to determine what it is from its signature and a database that is always going to be at least a day slow on the upkeep, software engineers and programmers are taking the fight to the malware instead of merely waiting until it’s breached a system’s castle walls to start mounting a counteroffensive.
Not only does the analysis neutralize known types of malware, but it also has the capability to root out new, unknown forms as they are released. After all, cyber criminals aren’t holding conventions and press conferences to brag about their new forms of malware. They try to keep their best attempts a secret for as long as possible.
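The contrast between signature matching and behavior tracking described above, as an added example that is not from the original article or from any antivirus vendor. The sample bytes, event format, startup markers and rewrite threshold are all constructed assumptions, and mass file rewriting stands in for lock-out behavior.

```python
import hashlib

# Constructed stand-ins for file contents; the variant differs by one byte.
KNOWN_SAMPLE = b"constructed-sample-bytes-v1"
NEW_VARIANT = b"constructed-sample-bytes-v2"
SIGNATURE_DB = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_match(content: bytes) -> bool:
    """Traditional check: is this exact file already in the database?"""
    return hashlib.sha256(content).hexdigest() in SIGNATURE_DB

# Startup locations watched for persistence (illustrative, not exhaustive).
STARTUP_MARKERS = (
    r"\software\microsoft\windows\currentversion\run",
    r"\start menu\programs\startup",
    "/etc/systemd/system/",
)
REWRITE_THRESHOLD = 20  # assumed: distinct files overwritten by one process

def behavior_findings(events):
    """Return the suspicious behaviors seen in one process's event trace."""
    findings, rewritten = set(), set()
    for ev in events:
        target = ev["target"].lower()
        if ev["action"] in ("registry_set", "file_write") and any(
            marker in target for marker in STARTUP_MARKERS
        ):
            findings.add("startup_persistence")
        if ev["action"] == "file_overwrite":
            rewritten.add(target)
    if len(rewritten) >= REWRITE_THRESHOLD:
        findings.add("mass_file_rewrite")
    return findings

def constructed_trace(suspicious: bool):
    """Build a constructed event trace (hypothetical event schema)."""
    trace = [{"action": "file_write", "target": r"C:\Users\a\notes.txt"}]
    if suspicious:
        run_key = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\upd"
        trace.append({"action": "registry_set", "target": run_key})
        trace += [{"action": "file_overwrite",
                   "target": rf"C:\Users\a\Documents\f{i}.docx"}
                  for i in range(25)]
    return trace

if __name__ == "__main__":
    print("known sample, signature:", signature_match(KNOWN_SAMPLE))
    print("new variant, signature:", signature_match(NEW_VARIANT))
    print("new variant, behavior:", sorted(behavior_findings(constructed_trace(True))))
    print("benign process, behavior:", sorted(behavior_findings(constructed_trace(False))))
```

The one-byte variant is missed by the hash lookup, while its event trace is flagged without the file ever having been seen before.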
The one danger in this new form of fight against malware is employing it in cloud environments. Although cloud technology has improved significantly from where it was even five years ago, it is still far from an instantaneous process, no matter what the advertisers might try to tell you. What it offers in accessibility it gives up in latency – the actual time that it takes for a signal or data to move physically from your computer to the cloud server and back.
Given the processing power required for behavior-based analysis to accurately watch a system or a network, the current cloud environment would not be able to assess threats in real time.