Licensed malware ‘vaccine’ generator for cybersecurity platform

Access to artificial intelligence and machine learning is rapidly changing technology and product development, leading to more advanced, efficient, and personalized applications by leveraging vast amounts of data. giant.

However, the same capabilities are also in the hands of the bad guys, who use AI to create malware that evades detection by widely used algorithms online. protect tools. Government agencies, banking institutions, critical infrastructureand the world’s largest companies and their most used products are increasingly threatened by malware that can evade anti-virus systems, hijack networks, temporarily cease operations and disclose personal and sensitive information.

A technology developed at the Department of Energy’s Oak Ridge National Laboratory and used by the US Naval Information Warfare Systems Command, or NAVWAR, to test the capabilities of security tools commercial license has been granted to cybersecurity company Penguin Mustache to create this technology. Evasive.ai . platform. The company was founded by the creator of the technology, former ORNL scientist Jared M. Smith, and his business partner, entrepreneur Brandon Bruce.

“One of ORNL’s core missions is to advance the science behind national security,” said Susan Hubbard, deputy head of science and technology at ORNL. “This technology is the result of our deep AI expertise applied to a major challenge—protecting the nation’s economic and cyber security.”

Smith, who worked in ORNL’s Cyber ​​Intelligence and Resilience Division for six years, created this technology—the adversarial malware input generator, or AMIGO—at the request of the Department of State. room. AMIGO was created as an assessment tool for a challenge given by NAVWAR for artificial intelligence applications that automatically detect and isolate cybersecurity threats. NAVWAR is an operational unit in the Navy that focuses on secure networks and communications.

“ORNL’s Cyber ​​Intelligence and Resilience Division is a global leader in security technology,” said Moe Khaleel, deputy lab director of the lab’s National Security Science Directorate. network security. “Bringing AMIGO to market will help protect our nation’s critical infrastructure from attack.”

“We’ve tested AMIGO in a real-world environment. It’s been thoroughly tested and validated to a high level of technical readiness,” Smith said. “The core technology is designed to build evasive malware, like viruses, that can bypass existing detection technology.”

Based on more than 35 million malware samples—some publicly available and others never seen before—AMIGO creates malware with optimal evasion along with the necessary training for security system to detect such malware in the future.

Smith likens this process to vaccine development. “It’s as if we created a million virus variants and a million vaccines to protect against them—we could narrow that down to one vaccine and immunize everyone. They are protected from the threat, but also protected by all the natural course of a future threat.”

Luke Koch, who in 2019 worked on the AMIGO development team through the DOE Office of Science’s SULI, or the University of Science Laboratory Internship program, is currently a doctoral student at the Research Center Bredesen Interdisciplinary and Graduate Education, a collaboration between ORNL and the University of Tennessee, and a graduate research assistant in the ORNL Cybersecurity Research Group. With Smith’s direction, Koch wrote the binary device code used in AMIGO.

“The commercialization of cybersecurity is important because our competitors are always looking for weaknesses throughout the supply chain,” said Koch. “A single flaw can disable an expensive and intelligent defense system.”

As the public increasingly understands the power of AI, the team is eager to see AMIGO integrated into Evasive.ai and deployed by national security agencies to protect assets and infrastructure government.

“Bad actors used artificial intelligence to power their attacks,” Bruce said. “As open AI tools improve, attempts to penetrate security systems will increase in number and sophistication.”

In addition, long-term use of the Evasive.ai platform can provide a more complete understanding of the mechanisms that contribute to adverse patterns. This insight will make the next generation of machine learning more solid defense.

And what do these have to do with penguins? The company’s playful name is a joke about the problem of a small mutation that helps the virus evade existing defenses—a penguin disguised with a mustache.