Although Project Ire is a prototype, Microsoft says the ‚AI agent‘ can (in some cases) reverse engineer any type of software on its own to determine if it’s malicious.
Microsoft says it’s developed a prototype AI program that can reverse engineer malware, automating a task usually reserved for expert human security researchers.
The prototype, dubbed Project Ire, was designed to tackle one of toughest assignments in security research: “Fully reverse engineering a software file without any clues about its origin or purpose,” the company said in a Tuesday blog post.
In one Microsoft test, Project Ire was able to correctly identify 90% of malicious Windows driver files. In addition, the AI program flagged only 2% of benign files as dangerous. “This low false-positive rate suggests clear potential for deployment in security operations, alongside expert reverse engineering reviews,” the company says.
Project Ire stands out from traditional antivirus engines, which often work by scanning files and programs for strings of computer code, known patterns, or certain behaviors, tied to past malware detections. The problem is hackers are constantly evolving their techniques to conceal malicious functions, making new attacks harder to catch.
