To Customer Support To Customer Support

Machine Learning In Security: Good & Bad News About Signatures

  • 30 March 2016
  • 6 replies
  • 7 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
30th March 2016  By Gunter Ollmann
 
Why security teams that rely solely on signature-based detection are overwhelmed by a high number of alerts.
 First in a series of two articles about the history of signature-based detections, and how the methodology has evolved to identify different types of cybersecurity threats.
 
Used in the context of an outdated and manually intensive technology focused on older classes of threats, there’s little wonder why vendors would seek to distance the legacy term “signature” from their advanced detection technology. Vendors haven’t necessarily been deceptive in the labeling of their latest generation of techniques; it’s often just easier to create a new label for something than to fully explain the context and evolution of what preceded it.
 
Over the years, signature-based systems have changed and advanced, but the core concepts still lie at the heart of all modern detection systems – and will continue to be integral for the foreseeable future. To understand what a “signature system” is in reality, we need to understand the evolution of the detection path as directed and discovered by human intervention.
 
Full Article

6 replies

Baldrick
Rank
Userlevel 7
Very interesting article...but very releavnt as we see more and more 'machine learningf' or machine based AI come to the fore...I am in fact testing one of these new breed of application and I have to say I am impressed...but even with this...there is not a 100% cast iron guarantee that they will always get the 'nasties'.
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
Well the way things are heading Baldrick I think it has to go that way with the nasties getting more and more complex.
Baldrick
Rank
Userlevel 7
But what happens as and when machine learning or AI gets into the malware domain...that does not bear thinking on to much, eh?
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
You read my mind, that is a nightmare situation and it hardly bares thinking about although it will come at some point.
 

Baldrick
Rank
Userlevel 7
LOL...and you read mine!
 

Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
durantash
Rank
Userlevel 7
Badge +37
Hi ,

when upload a file for webroot , webroot Cloud & ML can Automatically analyze it ?

Regards ,

Amir
Security Softwares & Antivirus Business & Market Analyzer * Write near 5000 Topics about AntiVirus on my Blog ( Persian Language ) : www.disna.ir ( more than 500 topics about Webroot ) * Do you know Where is Durantash ? my profile picture is part of Durantash ( Ziggurat , Chogha Zanbil )

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.