Deep Instinct is revolutionizing cybersecurity with its unique Deep learning Software – harnessing the power of deep learning architecture and yielding unprecedented prediction models, designed to face next generation cyber threats.

FROM AV TO DEEP LEARNING: THE EVOLUTION OF CYBER SECURITY

Past

The AV Era: Based on signatures and heuristics. Highly labor intensive and only effective against known threats.

Present

The Machine Learning Era: Now able to detect zero day malware. However detection capabilities are only based on human selected features and is therefore limited.

Future

The Deep Learning Era: Even higher detection rates are achieved with the ability to skip human engineering and analyze all the available raw data in a file.

The era of Antivirus solutions: The AV software isolates suspicious files based on existing file signatures, heuristic analysis and file reputation. This is only effective against known malicious threats and vulnerabilities.

As AI technologies start to mature, we enter the era of Machine Learning: Endpoint protection, detection & response is made possible by machine learning-based static analysis, heuristic behavioral analysis, and memory protection. Indeed a big step forward, but still not optimal. Machine Learning systems rely on feature engineering which is limited to the knowledge of the security expert who has to handcraft the features for detection. Machine learning-based solutions are still producing low detection rates for new malware and high false-positive rates.

Enter Deep Learning: The autonomy of the training and prediction stages are enhanced with Deep Learning, so that the algorithm can analyze all the raw data in a file, and is not limited by an expert’s capabilities. This represents a quantum leap in computer science. For cybersecurity this enables a more advanced level of protection; with higher detection rates of unknown malware, lowest false-positive rates and the ability to detect prior to execution, effectively in zero-time. 

Read More

Deep Learning Vs Machine Learning

 
Machine Learning
Deep Learning
General
Domain Expert
Machine Learning

Feature Engineering & Extraction
Requires a human domain expert to define and engineer features for conducting classification.

Deep Learning

Autonomous
Looks at all the raw data in a fully autonomous manner.

Extent of Analysis
Machine Learning

A Fraction of Available Data is Analyzed
By converting the data into small vector of
features, e.g. statistical correlations, it is
inevitably ignoring most of the data.

Deep Learning

Processes 100% of Available Raw Data
one of the major strengths of deep learning is the massive number of characteristics from the raw data that it processes to obtain a decision.

Scalability
Machine Learning

Limited in its Scalability
although machine learning can scale across diverse datasets, there is an information threshold, which if reached, additional data training doesn’t provide any further accuracy.

Deep Learning

Improves on With More Exposure
The deep neural network continually improves as the training data set constantly grows, it is the only method that benefits from scaling into hundreds of millions of training samples.

Cybersecurity
File Coverage
Machine Learning

Limited File Types are Covered (only PE)
Today, only PE files are supported. As the feature extraction process is time and cost intensive, it’s difficult to extend the range of file type coverage.

Deep Learning

Coverage for Most File Types
Deep learning is input-agnostic, and therefore not file type dependent. This allows deep learning to be easily applied without requiring substantial modifications or adaptations.

Number of False Positives
Machine Learning

High Level of False Positives Due to the feature selection approach, these models routinely misidentify benign files as malicious (false positives), resulting in a significant and unnecessary resource drain.

Deep Learning

Low Level of False Positives
As the deep learning algorithm analyzes 100% of the data and is not subject to human error, false positives are dramatically diminished.

Susceptibility to Adversarial Attacks
Machine Learning

Highly Susceptible 
Traditional machine learning uses engineered features. These can be easily modified by attackers to bypass the AI model, as has been documented with commercial Next-Gen AVs.

Deep Learning

Minimally Susceptible
End-to-end deep learning models, using raw features such as raw byte content, are more robust and resilient to adversarial attacks.

Learn More