AI developed that destroys cyberattacks in 0.3 seconds

The team of researchers hope that the method, which both detects and kills harmful software in real-time, could help protect computers and smart devices

A new method that uses AI to detect and block cyberattacks in under a second has been invented by researchers at Cardiff University.

The method has been shown to successfully prevent up to 92% of files on a computer from being corrupted, taking just 0.3 seconds on average to destroy malware.

Publishing their findings in the journal Security and Communications Networks, the team from the University of Cardiff say this is the first demonstration of a method that can both detect and kill malicious software in real-time.

It is hoped the new method could transform approaches to modern cybersecurity, particularly for schools and universities that are perceived as high-risk.

Using advances in artificial intelligence and machine learning, the new approach, developed in collaboration with Airbus, is based on monitoring and predicting the behaviour of malware. This is opposed to more traditional antivirus approaches that analyse what a piece of malware looks like.

Prof Pete Burnap, co-author of the study, explains: “Traditional antivirus software will look at the code structure of a piece of malware and say ‘yeah, that looks familiar’. But the problem is malware authors will just chop and change the code, so the next day the code looks different and is not detected by the antivirus software.

“We want to know how a piece of malware behaves so once it starts attacking a system, like opening a port, creating a process or downloading some data in a particular order, it will leave a fingerprint behind which we can then use to build up a behavioural profile.”

By training computers to run simulations on specific pieces of malware, it is possible to make a very quick prediction in less than a second of how the malware will behave further down the line.

Once a piece of software is flagged as malicious the next stage is to wipe it out, which is where the new research comes into play.

To test the new detection method, the team set up a virtual computing environment to represent a group of commonly used laptops, each running up to 35 applications at the same time to simulate normal behaviour and added thousands of samples of malware.

Lead author of the study, Matilda Rhode, now head of innovation and scouting at Airbus, said: “While we still have some way to go in terms of improving the accuracy of this system before it could be implemented, this is an important step towards a real-time detection system.”

“This system would not only benefit our laptops and computers, but also our smart speakers, thermostats, cars and refrigerators as the ‘Internet of Things’ becomes more prevalent.”

Read more: UCL’s edtech accelerator programme launches in the Americas

Leave a Reply

Free live webinar & QA

The digital difference - Build a culture of reading with ebooks & audiobooks

Free Education Webinar with OverDrive

Friday, June 24, 2PM London BST

In this webinar, hear from Havant Academy Librarian Joanna Parsons to learn how she uses ebooks and audiobooks to help boost reading among her secondary students.