Microsoft introduced a new artificial intelligence (AI) agent on Tuesday that can autonomously analyse and classify malware. Dubbed Project Ire, the AI system is currently available as a prototype, although the tech giant has tested its capabilities in controlled environments and in real-world scenarios. It can fully reverse engineer software without human intervention and conduct analysis at multiple levels to assess whether the software is benign or malware. The AI agent is said to have shown a high level of precision in a cybersecurity space where AI generally does not work independently.
Project Ire
In a blog post, the tech giant detailed Project Ire and explained its capabilities. The agentic system was built as a result of collaboration between Microsoft Research, Defender Research, and Microsoft Discovery & Quantum divisions. The company says the agent is powered by several “advanced language models” and a suite of tools designed for binary analysis of software.
Microsoft says that its Defender platform analyses more than one billion monthly active devices, which can be challenging for human analysts. However, so far the company has not opted for AI usage in this space, since reverse engineering software to detect malware is a complex process.
Unlike in other areas of cybersecurity, assigning software as malware is difficult: software often comes with reverse engineering protections, which do not allow analysts to make a definitive assessment on whether the software is benign or malicious.
Of course, there are workarounds, but they require investigating each sample incrementally, building evidence with each analysis, and validating the findings.
As per Microsoft, Project Ire overcomes these complexities by leveraging specialised tools that allow the AI agent to reverse engineer software autonomously at different levels. These include low-level binary analysis, control flow reconstruction, and high-level code behaviour interpretation.
When functioning, the prototype system first identifies the file type, structure, and potential areas of interest. After that, it reconstructs the control flow graph of the software using different frameworks. Then, it iteratively conducts function analysis to identify and summarise key functions.
With each iteration, Project Ire also creates a detailed, auditable report highlighting the evidence it found. This evidence log can also be reviewed by human analysts and acts as a final line of defense in case of misclassification.
The AI agent has also been equipped with a validator tool that can cross-check the evidence in the report against expert statements from malware reverse engineers. Based on preliminary tests, Microsoft claims that Project Ire was able to correctly identify 90 percent of all files, and only flagged two percent of benign software as malware, achieving a precision of 0.98 and a recall of 0.83.
Interestingly, the AI agent has also been tested in real-world scenarios. Microsoft asked it to review nearly 4,000 unclassified files. These files were said to have been created after the agent’s training cutoff, so it could not have learned about them from the training data.
Operating fully autonomously, Project Ire achieved a precision score of 0.89, correctly identifying nine out of 10 files, the tech giant claimed. The false positive rate was claimed to be four percent.
“Based on these early successes, the Project Ire prototype Said.