New Blog Post | Using fuzzy hashing & deep learning to counter malware detection evasion techniques


[Figure 1: File properties of first vs. new GoldMax variant]

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion...

We have previously discussed how we apply deep learning in detecting malicious PowerShell, exploring new approaches to classify malware, and in detecting threats via the fusion of behavior signals. In this blog post, we discuss a new approach that combines deep learning with fuzzy hashing. This approach utilizes fuzzy hashes as input to identify similarities among files and to determine if a sample is malicious or not. Then, a deep learning methodology inspired by natural language processing (NLP) better identifies similarities that actually matter, thus improving detection quality and scale of deployment.

This model aims to improve the overall accuracy of classifying malware and continue closing the gap between malware release and eventual detection. It can detect and block malware at first sight, a critical capability in defending against the wide range of threats, including sophisticated cyberattacks.
