AI will be used to identify and block various types of difficult-to-find malware.

Machine learning and AI are critical to network security as cybercriminals around the world incessantly release new malware types that can morph and look like harmless files.

The AI runs on the R&S DPI engine, called PACE 2, which extracts file content and metadata to identify potentially dangerous executables caused by APTs.

Kihong Kim, CEO of Saint Security, writes:

“The ability of extracting file content extended the functionality of the network-based advanced malware response solution MNX to analyse all network traffic, services and protocols across all ports with an extremely fine granularity.”

Saint Security’s network protection techniques intercept possible APTs in a network. In order to fingerprint malicious activity and to unlock the full potential of their AI-based analysis methodologies.

The embedded DPI engine from Rohde & Schwarz Cybersecurity provides a deep understanding of the observed network traffic.

The PACE 2 DPI engine extracts file content and metadata such as files attached to emails (e.g. .pdf, .exe or .doc) or sent through files transfers from within the traffic in real time. This identifies potentially dangerous executables caused by APTs and set up advanced security and traffic management policies.

“The extracted information is key to better identify and investigate multi-stage, advanced persistent threats such as malicious emails or ransomware,” said Kim.