In the past, the world has suffered two large attacks on blackmail for ransomware, which locks photos and other files stored on the computer and then asks for a ransom.
Clearly, the world needs a better defense system. Fortunately, such a defense system has begun to appear, and although it is still in its infancy, the development process is still mixed. When these defense systems are perfected, we may also need to thank artificial intelligence.
Ransomware isn't more complicated or more harmful than other malware that attacks your computer, but it can be even more irritating and sometimes even a scourge. Most Trojan viruses don't directly eliminate your electronic files like ransomware machine learning , and they don't extort a few hundred dollars, which makes you tremble.
Despite the system vulnerabilities that need to be fixed on the computer, many people will not update the upgrade security software. However, two recent ransomware incidents have attacked computer users who have not installed the Windows system that was released a few months ago.
Of course, the security monitoring software itself has problems. According to security researchers, of the ransomware attacks this week, only two of the 60 security-supervised software tested successfully intercepted ransomware.
Ryan Kalember, a California security vendor expert, said, "Many legitimate applications run much like malware, especially on Windows systems, so it's hard to distinguish the two."
In the early days, malicious programs such as viruses can be identified and their code matched to known malware databases. But the technology still relies on the database, and once the new variant of malware appears, it can easily avoid monitoring.
As a result, security regulatory software companies began to monitor malware by identifying software operating modes. As for ransomware, the supervisory software can monitor the mode of operation of those files that are repeatedly encrypted and locked. But it also marks normal computer operations like file compression as malicious.
The updated technology involves finding a comprehensive way of operating. For example, Fabian Wosar, chief technology officer of New Zealand security company Emsisoft, said that a program that starts encrypting files without displaying a progress bar on the screen may be marked as a dark running mode. But it is also possible that the risk of locking out some files will result in too late identification of malware.
A better way to identify is to monitor some of the dominant features that are often associated with malware purposes. For example, some programs masquerade as PDF icons to hide the facts of their malware. This malware performance analysis does not require precise code matching, so malware cannot easily escape monitoring. And this monitoring can be performed prior to the operation of potentially dangerous programs.
Machine VS machine
Only two or three features may not correctly distinguish between malware and legitimate software. But what about dozens of features? How many? Even a few thousand?
To this end, security researchers turn to machine learning and are a form of artificial intelligence. The security system analyzes samples of malware and legitimate software and identifies the combined factors of malware.
When new software is encountered, the system automatically calculates the probability that it may be malware and blocks those that have a probability above a certain threshold. If some software wants to pass monitoring, you need to improve the calculation or adjust the threshold. Researchers sometimes encounter new malicious behaviors and make new adjustments on the machine.
An arms race
On the other hand, malware authors can also access these security monitoring tools and adjust the code to determine if malware can escape detection. Some websites have begun offering software testing for major security systems. Ultimately, malware authors may start their own machine learning model to defeat a secure artificial intelligence system.
Alperovitch, co-founder and CTO of California supplier CrowdStrike, said, "Even if a security system provides a 99% guarantee, how to avoid the 1% of multiple attacks is just a mathematical problem."
However, some security software companies using machine learning claim that they have successfully blocked most malware, and not just ransomware. SenTInelOne offers $1 million to block malware.
a fundamental challenge
Why can ransomware spread in recent weeks?
As many software combines running monitoring and machine learning technologies, even some free anti-virus software can block new forms of malware.
However, such software still relies on malware databases, and users are often unable to update the database in a timely manner. New generation service companies such as CrowdStrike, SenTInelOne, and Cylance tend to abandon databases and switch to machine learning.
But these services are primarily for corporate customers, and each computer charges $40 to $50 a year. Smaller companies often do not have such budgets.
Forgot to mention consumers, these security service companies have not yet sold products to them. Although Cylance plans to release a consumer version, the company says it will be a tough sale before someone is attacked by malware or knows a friend or relative.
As Cylance CEO Stuart McClure said: "How can you buy tornado insurance before the tornado attacks?"
MicroBT is a technology company which is based on block chain and artificial intelligence. Focusing on integrated circuit chip and products development, production and sales, and provide corresponding system solutions and technical services. We adhere the ideal"ultimate,win-win,integrity"to provide high quality products and service. Now MicroBT has passed the national high-tech enterprise certification.
As a chip design and produce company, completely design process and independent core technology. The core technology include algorithm,fine optimization of integrated circuit micro-structure ,low power technology, advanced chip packaging technology system level power and cooling technology. These core technologies and engineering methods have been successfully validated and applied in the mass production of our block chain server chips and products.
In addition to the current focus on the area of block chains, MicroBT is also responding to the national chip strategy. According to the company's development strategy and plan, MicroBT is planning to explore and extend its core R&D capabilities to other high-performance computing areas such as artificial intelligence through independent R&D and strategic cooperation.
MicroBT Whatsminer:MicroBT Whatsminer M50S,MicroBT Whatsminer M30S++,MicroBT Whatsminer M21,MicroBT Whatsminer D1,MicroBT Whatsminer M30S,MicroBT Whatsminer M10,MicroBT Whatsminer M31S+,MicroBT Whatsminer M20S
Microbt Whatsminer,M30S Microbt Whatsminer,Whatsminer Miner,M50 Miner,Asic Whatsminer
Shenzhen YLHM Technology Co., Ltd. , https://www.sggminer.com