Google has unveiled the launch of 'Magika', a new AI-powered file identification tool designed to track down and identify malicious files and correspondence in a bid to tackle growing malware threats.
The tool, which Google confirmed will be open sourced, is a custom deep-learning model able to complete “precise file identification” within milliseconds, even when running on a CPU.
Magika outperforms other existing file detections systems by about 20% when evaluated on a 1M files benchmark encompassing over 100 file types, according to Google.
Similarly the tool performs well on textual files, including code files and configuration files, which other tools have traditionally struggled with.
For Melissa Ruzzi, it's another tool in the armory of those who have a stake in the cyber security landscape.
“AI can help improve security by finding patterns and analyzing data much faster than any human can,” Melissa Ruzzi, director of AI at SaaS security company AppOmni, told ITPro.
“With the constant growth in complexity and volume of attacks, humans need the help from AI to keep up,” she added.
Magika can identify a varied set of files
This new AI offering has already been rolled out internally, according to Google - and so far the results have been promising. Users have reported an improvement of 50% in file identification accuracy based on a weekly average of “hundreds of billions of files” compared to its previous system of file identification.
It’s allowed the tech giant to scan 11% more files and reduce the number of unidentified files to 3%.
"Internally, Magika is used at scale to help improve Google users’ safety by routing Gmail, Drive, and Safe Browsing files to the proper security and content policy scanners," the company said in a blog post.
There are certain limitations to the tool, however. The current threat landscape is varied and companies are often vulnerable on a dizzying amount of levels. As Ruzzi was careful to point out, Magika isn’t going to be a quick fix for every threat out there.
“This is not a silver bullet – a lot of other entry points, like stolen credentials and vulnerabilities, will still be present,” Ruzzi said.
“Attackers often move laterally -- they first steal private credentials and then try using them to log into the workspace, which works a lot of time because people tend to use the same password or similar passwords for their personal and work accounts.”
While Magika could offer a solid rebuttal to the likes of phishing attacks, which have surged in recent years, there are myriad other entry points that cyber criminals and threat actors can leverage to gain unauthorized access.
Magika shows Google is being proactive in AI-powered cyber tools
Though its threat protection is far from comprehensive, Magika is a sign that AI-driven cyber security is increasingly becoming a focus for big players like Google.
By open sourcing the model and making it freely available on GitHub, Google is offering something to the cyber security community as a whole, allowing developers to use and modify Magika with other software.
Google is also looking to integrate Magika with VirusTotal so as to complement its existing code insight function by acting as a pre-filter for file identification.
As security threat mitigation processes go, file identification is a difficult one, with variation in file structures often demanding tailor made systems.
RELATED WHITEPAPER
This can make the construction and implementation of file identification software time-consuming and error prone.
Though cyber security professionals will have to bear in mind the areas which Magika leaves vulnerable, it's still a useful tool in streamlining the file identification process as part of broader cyber security procedures, according to Ruzzi.
“The cyber security domain is very complex and unique, so specific AI needs to be developed for this field,” Ruzzi said.
The more companies use AI for cyber security, Ruzzi said, the better it can get, as companies will benefit from access to a more holistic, more specialized set of tools.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO – as he warns Chinese cyber attacks are at an “unprecedented level”News Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.
-
Adopting more security tools doesn't keep you safe, it just overloads your teamsNews Security tool sprawl makes it harder to manage environments and overwhelms teams
-
Google’s Big Sleep AI model just found a zero-day vulnerability in the wild — but don’t hold your breath for game-changing AI bug hunting tools any time soonNews Google clarified it was the first undiscovered memory safety bug to be flagged by an AI agent, touting this as a significant step in using AI for vulnerability research
-
Australia and Google turn to AI to protect critical infrastructureNews Australia's CSIRO partners with Google to develop homegrown AI security tools for infrastructure
-
Google Workspace just got a slew of new zero trust features to help supercharge user security – here's what you need to knowNews New Zscaler integrations across Chrome Enterprise, Google Workspace, and Google Security Operations aim to enhance enterprise security and access
-
Google says Microsoft can’t be trusted after email security blunders
News Google has fired a broadside at Microsoft amid concerns over the tech giant's repeated security blunders
-
Google forced to delete billions of incognito browsing records after privacy controversyNews Google has agreed to delete data it gained improperly through its private browsing function
-
Google spent $10 million on bug bounty payouts last year — here's what flaws researchers uncoveredNews Google’s Vulnerability program paid rewards to 600 researchers in 2023, with Android flaws earning a third of the total
