Microsoft created AI to analyze software: how it detects malicious files.

Microsoft has released a new prototype of an autonomous AI agent called Project Ire, which can independently analyze software for maliciousness. This system can perform reverse engineering without prior information about the file, simplifying the analysis process.

Operation of Project Ire and its tasks

The AI agent Project Ire uses decompilers and other tools to gather data and assess the security of files. An important feature is the transparent chain of evidence in the system's operation. The main goal of the project is to reduce the number of errors and fatigue for analysts, accelerate response to threats, and increase protection against new types of attacks.

Tests and results

In tests on Windows drivers that contained both malicious and safe files, Project Ire correctly classified 90% of files, with only 2% false positives categorizing safe files as malicious. In another experiment involving 4,000 files, the system accurately detected 9 out of 10 malicious files, identifying only a quarter of all real threats.

Microsoft acknowledged that the test results are far from ideal, but sees potential for future improvement and deployment of the system. Earlier reports were made about an AI malware that managed to bypass Windows antivirus.

Information about new rules for artificial intelligence in the EU

New rules regarding the use of artificial intelligence in the European Union have come into effect. Stay updated with news from Korrespondent.net on Telegram and WhatsApp directly in our channels.