Malware detection through artificial intelligence and neural networks?

12. November, 2019

artificial-intelligenceOnly a few current technologies are granted such a disruptive potential as artificial intelligence (AI). The imitation of human intelligence is a declared goal of many types of software development and is researched and promoted with various methods. Possible scenarios describe images in which individual occupational groups and service areas are only available via software.

The pure mathematical computing power of current systems has been unimaginable for a long time. However, human intelligence is unbeatable in some areas e.g. in the fast recognition of patterns, similarities and interpretation of context-dependent information, as well as in interpolation when only partial data is available. Neural networks try to optimize these weak points and to control them better by special artificial algorithms. At first glance, this has resulted in good results for individual applications. More precisely, however, the solutions are usually optimized for their specific context and cannot reach the flexible creativity of the biological models when the respective topic is left.

Dynamic and far-reaching changes: Ransomware, Phishing, Crypto-Mining

A common feature with new malware are the usually very creative approaches to the often deep system-related vulnerabilities. For a long time now, technology and software bugs have not been the only focus – phishing and the exploitation of human vulnerabilities offer a great gateway. The pattern recognition has already achieved significant success, but when it comes to calculating and combining different subcomponents, software algorithms are being pushed to their limits. In addition, security software that runs directly on the computer or smartphone does not have unlimited resources for complex neural networks – another point that speaks against the use of AI directly at the endpoint.

The pragmatic success model: the combination of several approaches and the network effect

Some computationally intensive pseudo-intelligent methods such as statistical recognition or qualitative pattern analysis complement very well the human skills and experience of qualified security experts. With timely analysis of many different security incidents and manual filtering of false positives, possible developments can be identified. The reduced information is then distributed to the various security systems as quickly as possible.

Another factor is crucial for a quick analysis and detection – the network effect. The more information clients and other sensors can evaluate, the better the results because statistical outliers and novel events become more visible. IKARUS works beyond its own in-house departments with renowned manufacturers such as FireEye and PaloAlto to achieve such a scale effect.

Security services: rapid detection and distribution is required

IKARUS pursues a future-proof combination: technological partnerships with other market leaders coupled with local data processing and service provision. This results in optimally adapted security solutions with local cloud services. Thus, IKARUS solves the contradiction between fast and high quality automated analyses: Security solutions for web and email gateways efficiently prevent attacks from reaching the endpoints at all.

Although artificial intelligence may be a widely used buzzword, other qualities are currently crucial for the important result in the area of security services.


The IKARUS scan.engine uses sophisticated and powerful scanning technologies to analyse all kinds of content. Its multi-architecture support includes Linux, Windows and Android platforms.

IKARUS with ATP uses the signatureless analysis methods and sandboxes of FireEye and PaloAlto in addition to the analysis methods of the IKARUS scan.engine for signatures, contents and behavior. All types of attachments are specifically examined for hidden attacks and executed for testing purposes.

IKARUS does not only protect against threats on website or in downloads. The different filter options such as viruses, URLs, file types, countries or browser filters also allow you to consistently implement your company policies.

Account Management
Indicators of Attack
Gefahren durch vertrauenswürdige Services
Threat Intelligence
SQL Injection
SMTP Smuggling
Cyber-Risiken in der Ferienzeit
Dynamische Cybersicherheit
Harmony Mobile by Check Point
EU Machinery Regulation
Sergejs Harlamovs, Malware-Analyst bei IKARUS

Plugin IdaClu accelerates malware analysis

IdaClu: IKARUS malware analyst Sergejs Harlamovs wins Hex-Rays plugin contest


IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Sales Hotline:
+43 (0) 1 58995-500


Support hotline:
+43 (0) 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
AnyDesk Download