AI profiler trained on 2.2 billion malicious codes.
“2.2 billion pieces of malicious code data were trained on artificial intelligence (AI). Just as fingerprints left at a crime scene catch a criminal, AI can analyze the traces left in the code to identify the hacker.”
Hacking leaves evidence. It is no different from the actual crime scene. Just as profilers in movies don't miss any traces, AI can play that role in the cyber world. Recently, security company Sands Lab developed an 'AI Profiler' technology that traces back malicious code. Ki-Hong Kim, CEO of Sands Lab (pictured), explained, “This is the principle of AI extracting specific codes from a file and analyzing it, just as DNA is analyzed by extracting the blood of a criminal.”
The official name of AI Profiler, 'binary reverse engineering-based attacker profiling technology', is a technology that has not been available in Korea until now. On the 8th, it obtained 'NET certification (new technology certification)' from the National Agency for Technology and Standards under the Ministry of Trade, Industry and Energy. NET certification is a certification granted by the government to companies that have been developed for the first time in Korea or have led commercialization by innovating existing technologies. The reason Sands Lab was able to complete the related technology is because of data. Sands Lab does not sell only solutions like other security companies do. It operates 'Malwares.com', Asia's largest malicious code inspection site. There are 2.5 million new malware gathered through Malwares.com every day.
Sands Lab thought about how to teach AI to teach malicious code efficiently. This is why the 'reverse engineering technique' was applied. Using the reverse engineering technique, it is possible to extract the original malicious code that is close to the machine language from the infected file. After that, it goes through a 'vectorization' process so that AI can learn the data well. CEO Kim explained, “Vectorization is to make the extracted attack code information into numeric data.” In this way, Sands Lab's AI Profiler was able to learn a total of 2.2 billion malware.
Current code tracking accuracy reaches 99%. It is also possible to understand the progress of an attack by analyzing all tactics, techniques, and procedures (TTP) that are important in responding to hacking. CEO Kim said, "Unlike existing solutions that only detect malicious code, we can predict future attacks based on new malicious code data." Nevertheless, it is explained that it is about 23% cheaper than the existing hacking response cost. The AI Profiler will be commercially available on the Malwares.com service next year.
Sands Lab will challenge the technology special listing in the second half of next year based on the AI technology it has accumulated. Last September, Kiwoom Securities was selected as the listing manager and is preparing for a technology evaluation in the first half of next year. Another good news is that its parent company, K-Sign, a password authentication management company, is diversifying its business. Recently, K-sign is expanding its business areas, such as blockchain management service for apartment houses and distributed identity authentication (DID) service for remote work. In other words, there are not a few fields that can create synergy with Sands Lab's data and AI technology. CEO Kim said, "We will introduce a service similar to Google's 'Virus Total', a global malicious code inspection platform."
