STE WILLIAMS

AI quickly cooks malware that AV software can’t spot

DEF CON Machine learning tools can create custom malware that defeats anti-virus software.

In a keynote demonstration at the DEF CON hacking convention, Hyrum Anderson, technical director of data science at security shop Endgame, showed off research that his company had done in adapting Elon Musk’s OpenAI framework to the task of creating malware that security engines can’t spot.

The key to the system is to take legitimate-looking code and change just a few tiny parts of it to convert the software into attack code. Even changing small details can fool AV engines, he said, citing research by Google and others to show how changing just a few pixels in an image can cause a computer to mistake a bus for an ostrich.

“All machine learning models have blind spots,” he said. “Depending on how much knowledge a hacker has they can be convenient to exploit.”

So the team built a fairly simple mechanism to develop weaponised code by making very small changes and firing them at a security checker. By monitoring the response from the engine they were able to make lots of tiny tweaks that proved very effective at developing malware that could evade security sensors.

With 15 hours of training the software ran over 100,000 samples past an unnamed security engine. They were able to get 60 per cent of the malware samples past the security system’s defences.

This software-generation software will be online at the firm’s GitHub page and Anderson encouraged people to give it a try. No doubt security firms will also be taking a long look at how this affects their products in the future. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/07/31/ai_defeats_antivirus_software/
