However, we believe that the process presented in this post can be translated to other pure AI products as well. We chose Cylance for practical reasons, namely, it is publicly available and widely regarded as a leading vendor in the field. In this post we will show how we can reverse the model of an AI based EPP product, and find a bias enabling a universal bypass. A brain so powerful that it could not be fooled by any other mechanism. Such is the story of many “silver bullets” we have seen over the years, and inevitably such will be the story of AI and machine learning.ĪI has been touted as the silver bullet to end them all with significant marketing force - after all, if we can teach a machine to think like a human analyst, only with the addition of big data and almost infinite processing power, then surely, we will be able to create an invincible mechanism. With time, the silver appears to be just coating that soon starts wearing off and some brave souls start seeing it for what it is - another tool, hopefully an effective one, in the never-ending process which is cyber security. The mere whisper of its name adds trust to your product, gets you appearances in the most influential conferences, and helps seal that much-needed funding round. A few years and millions of marketing dollars later, it grows and becomes an absolute powerhouse. It starts small, with a few enthusiastic parent companies hailing the newborn prince as our savior, telling the stories of its invincible power. Once every few years, the cyber security world is blessed with the birth of a baby silver bullet. Read the full post to understand the research process itself, the inner workings of an advanced AI based EPP and how we found the universal bypass. This method proved successful for 100% of the top 10 Malware for May 2019, and close to 90% for a larger sample of 384 malware. Namely, by appending a selected list of strings to a malicious file, we are capable of changing its score significantly, avoiding detection. Combining an analysis of the feature extraction process, its heavy reliance on strings, and its strong bias for this specific game, we are capable of crafting a simple and rather amusing bypass. Namely, if you could truly understand how a certain model works, and the type of features it uses to reach a decision, you would have the potential to fool it consistently, creating a universal bypass.īy carefully analyzing the engine and model of Cylance’s AI based antivirus product, we identify a peculiar bias towards a specific game. TL DRĪI applications in security are clear and potentially useful, however AI based products offer a new and unique attack surface. If you have access to the enterprise edition and can confirm the fix, please let us know in the comments box at the bottom of the page. The vendor has told us the enterprise edition (CylancePROTECT) has been fixed, but we were unable to verify that. Just append these into any malicious executable to make Cylance believe it’s benign.Īs of today, the bypass is still exploitable on the home edition (Cylance SmartAV). Some more goodies include the “special sauce” - the list of strings that appears in Rocket League’s executable and are part of Cylance’s Model. We can now reveal that the undisclosed game we’ve used is “Rocket League”, but many others work just as well (we’ve tried Fortnite, for example). We took this opportunity to make some of the yet unpublished materials public. We had the honour to present our findings in today’s BSides Sydney ( Slides).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |