SpartanTec, Inc. Charleston: Will Artificial Intelligence Affect The Future Of Malware

The prospect of artificial intelligence driven systems becoming more attractive as we move towards the future. Artificial Intelligence could assist us in making decisions, provide power to smart cities, but also infect computers with various nasty malware strains.

Let’s look at what the future holds for malware.

What is Artificial Intelligence in Malware?

It’s easy to picture an AI-driven malware-like case where the AI is “gone rogue” and causing chaos. A malicious AI-controlled program would not send robots back in time. It would be more sneaky.

AI-driven malware refers to conventional malware that has been modified by Artificial Intelligence in order to be more efficient. AI-driven malware uses its intelligence to infect computers faster or make attacks more efficient. AI-driven malware is not a program that follows pre-written code. Instead, it can think for itself.

How can AI help to reduce malware?

Artificial Intelligence can be used to enhance malware in many ways. Some of these methods can be figurative while others are real-world.

DeepLocker Demonstrates Targeted Ransomware

Deeplocker is an AI-driven malware that has been deemed one of the most dangerous. Deeplocker was created by IBM Research as a proof of concept so it won’t be out there in the wild.

DeepLocker was created to show how AI can infiltrate ransomware onto a target device. Although ransomware developers may be able to launch a “shotgun blast” against a company, it’s unlikely they will infect all the computers. The alert might be too early for malware to reach most prominent targets.

DeepLocker was a teleconferencing program that smuggled in WannaCry. However, it didn’t activate any payload. Instead, it performed its duties as a Teleconferencing Program.

It would scan faces of people who used the software as it performed its task. It was designed to infect one person’s computer so it watched everyone who used the software. It would detect the target’s face and activate the payload. WannaCry would lock the computer down.

Adaptive Worms that Learn from Detection

AI is one possible use of AI in malware. A worm that “remembers each time an antivirus will detect it” is one example. Once it has learned what actions caused an antivirus to detect it, it stops performing the action and looks for another way to infect the PC.

This is especially dangerous because modern antivirus systems tend to follow strict guidelines and definitions. This means that worms don’t need to find a way into the system in order to set off alarms. It can then inform other strains about the weakness in the defense so that they can infect other computers more easily.

Independence from the Developer

Modern malware is very “dumb”. It can’t think for itself and make decisions. It does the tasks the developer assigned it before the infection occurred. The developer must broadcast the next set of instructions to the malware if they want the software to do something else.

This communication center is known as a “command & control” server (C&C). It must be kept secret. If the server is found, it can lead to arrests.

A C&C server is unnecessary if the malware is able to think for itself. The malware is released by the developer and the developer can just relax while the malware does the rest. The developer does not need to be careful about giving commands and can simply “set and forget” his malware.

Monitoring User Voices to Get Sensitive Information

An AI-driven malware can gain control of a target’s microphone and listen to what is being said nearby. The AI takes what it has heard and transcribes it into text. It then sends that text back to the developer. This makes it easier for developers who don’t need to listen to hours of audio recordings to discover trade secrets.

How can a computer “learn”?

Machine learning is a method by which malware can learn from its actions. This is an area of AI that deals with how computers learn from each other’s efforts. Because they don’t have to code for every situation, machine learning is a useful tool for AI developers. They tell the AI what is right and what is not and then allow it learn by trial and error.

AI-trained by machine learning faces an obstacle and will try different ways to get past it. It will initially fail to overcome the challenge. However, the computer will report on what went wrong and how it can improve. It eventually learns and tries many times to get the correct answer.

Machine learning is used by malware developers to find the best way to attack a system. The system logs any errors and makes a note of what caused them. The malware will continue to adapt its attack methods in the future for better results.

How can we defend ourselves against malware-driven AI?

Machine-learning AI exploits the way antiviruses currently work. This is the big problem with machine learning AI. Antiviruses like to follow simple rules. If a program falls within a certain niche, the antivirus blocks it.

AI-driven malware will not work according to hard and established rules. It will continue to probe the defenses in an attempt to get through. Once it is in, it will be able to perform its task without any interruption until the antivirus has received updates that are specific for the threat.

What’s the best way of fighting this “smart malware”? AI-driven antivirus programs are a great way to put out fire with fire. These programs don’t rely on static rules to detect malware like the current ones. They analyze the program’s behavior and stop it if it is acting maliciously according to the antivirus.