Google took advantage of the RSA Conference 2023, which brings together players from the world of IT security, to present Code Insight, an analysis and reporting tool based on AI, to a whole panel of professionals.
VirusTotal, a site owned by Google “which allows the analysis of suspicious files and facilitates the rapid detection of viruses, worms and Trojan horses”, now offers a malware detection tool named Code Insight. It leverages the broad Sec-PaLM language model hosted in Google Cloud to make the work of cyber defenders easier.
To read – Cybersecurity: France is the 5th country most targeted by ransomware attacks
Recent advances in machine learning and LLMs are creating a new generation of security software like Code Insight. This one generates “a natural language summary” suspicious bits of code that the experts will give him to study, which should greatly speed up their task. Currently, this feature only scans a subset of PowerShell files, which sometimes expose significant security vulnerabilities, but the company says other file formats will be supported very soon.
Google puts AI at the service of virus detection with Code Insight
To illustrate the capabilities of Code Insight, VirusTotal provides an example on its blog of a Discord bot used to steal user credentials. When presented with a PS1 file of dubious origin, the application explains in terms anyone can understand how the malicious code works, what its purpose is, and the what to do if he complied on your computer.
That said, sometimes developers need to install programs that request extended rights on their system. They are most often harmless, but can be considered malicious by antivirus. Code Insight can tell the difference between this software and real malware. It helps experts recognize false positives from false negatives, by “conducting its independent analyzesrelying solely on the content of the processed file, without accessing antivirus results or metadataā€¯.
Source : VirusTotal
