Published by Georgia Ford. Modified over 6 years ago.
1
Introducing deep learning to Intercept X Early Access Program
Karl Ackerman, Principal Product Manager, Sep 2017
2
Intercept X addresses the critical problems faced by IT
ADVANCED MALWARE | ACTIVE ADVERSARY | LIMITED VISIBILITY

Notes: The threats remain; only the tactics change. Adversaries continue to adjust how they attack organizations, and their objectives shift. The proliferation of new malware is at record levels and the tools available to adversaries are more and more sophisticated. It is now easy for someone to learn the basics of how to attack a company and to leverage online services to launch automated attacks. When breached, organizations now often have regulatory requirements to understand how it happened and whether critical data was at risk or PII data was involved.
3
Early Access Program Feature Summary
Phase I – Active Adversary: Credential Theft Protection; Process Protection; New Registry Protections; Improved Process Lockdown.
Phase II – Deep Learning: Deep Learning Model; False Positive Mitigations; Directed Clean-Up.

Notes: In this presentation we will focus on Phase II of the early access program, the introduction of deep learning to detect malicious executables. With this update comes new false positive suppression and a quarantine management capability that allows admins to easily restore a legitimate application if it is classified as malicious.

Join the Community Forum
4
When can machine learning help
The problem has to be well defined and the question clear, we need sufficient data, and the results have to be accurate.
- Is this malware, an unwanted application or legitimate software? We have a good question.
- Do we have enough data?
- Is it accurate enough to use?

Notes: If you don't have a good question then getting an answer is hard, so have a good question. For ML to work it needs training data; we have plenty of data. ML provides a probability of classification, and with malware classification the accuracy has to be really, really high. False positives create a big problem when they prevent your users from doing their day-to-day work. Bricking a machine is not acceptable.
5
Why cyber security is transitioning to machine learning
The volume of malware is staggering.
1990s – Signature-based anti-virus: 1-to-1 map of 'checksums' to malware; string scanning; requires a victim to report the malware so a new signature can be built.
(Chart: Total malware. Values partly lost in the transcript: ",000,000 Total malware"; "Circa 1992: 1,500"; "Circa ,000".)

Notes: The volume of malware is simply astounding: 400K unique malware samples per day pass through Sophos Labs. The days of checksum checking are long gone.
6
As volume grew AV responded with decision trees
"Signature-based scanning only detects known malware" – Symantec, 'Heuristic Techniques in AV Solutions: An overview', Feb 2002
"The virus problem will be with us forever" – Dr Alan Solomon, 'Computer Virus History 1', 2002

Timeline: Polymorphic malware becomes common → AV responds by building decision trees → Malware authors respond by encrypting → AV responds with software emulators → By 2005, AV companies with just 'check summers' were dead → By 2015, decision trees are beginning to fail.

Example decision tree (slide diagram): Seen on 100 network workstations? Has suspicious headers? Is digitally signed? Contains encrypted data? Each question branches YES/NO and ends in Malicious or Legitimate.

Notes: In response to increased volume, AV companies built string scanning to look for known components of malware and eventually built large, complex decision trees to identify malware. These decision trees depend on humans to identify the questions to ask when trying to determine if something is malware or not. Traditional AV is playing a game of 20 questions, only the number of questions has grown beyond 20.
7
Machine Learning Basics
Example of a traditional ML approach.

Training data – Question: what gender is the person?
Answer | Height
Male | 6' 0"
Male | 5' 11"
Male | 5' 7"
Female | 5'
Female | 5' 6"
Female | 5' 5"
Female | 5' 9"

Training data – Question: what gender is the person?
Answer | Height | Weight (lbs) | Shoe size
Male | 6' 0" | 180 | 22
Male | 5' 11" | 190 | 11
Male | 5' 7" | 170 | 12
Male | (blank) | 165 | 10
Female | 5' | 100 | 6
Female | 5' 6" | 150 | 8
Female | 5' 5" | 130 | 7
Female | 5' 9" | (blank) | 9

Using a mathematical algorithm to create a prediction model:
- Identify the attributes you will measure.
- Determine the statistical correlation between the answer and the attributes.
- Leverage training data to increase the accuracy of the prediction.
- After the training period you get a model.
- The model can now evaluate attributes of new data to make a prediction.
Reverend Thomas Bayes published this approach over 200 years ago (1763); it began getting used by computer scientists in the 1980s.

Test data
Answer | Height | Weight (lbs) | Shoe size
? | 6' | 130 | 8

Test data (height only)
Answer | Height
? | 6'

A Naïve Bayes model would predict the test subject is female.
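A worked version of the slide's example, added here and not part of the original deck: a Gaussian Naive Bayes classifier (the slide does not say which variant it has in mind; Gaussian class-conditional densities are an assumption) fitted to the heights, weights and shoe sizes shown, with the blank cells skipped. It scores the three-attribute test row and, for comparison, the height-only test row from the first table.

```python
import math
from statistics import mean, variance

def inches(feet, inch=0):
    """Convert a height given as feet and inches into inches."""
    return feet * 12 + inch

# Training rows copied from the slide's second table: (label, height, weight_lbs, shoe_size).
# None marks a cell that is blank in the slide; the shoe size 22 is kept as shown.
FEATURES = ("height", "weight", "shoe")
TRAINING = [
    ("Male", inches(6, 0), 180, 22),
    ("Male", inches(5, 11), 190, 11),
    ("Male", inches(5, 7), 170, 12),
    ("Male", None, 165, 10),
    ("Female", inches(5, 0), 100, 6),
    ("Female", inches(5, 6), 150, 8),
    ("Female", inches(5, 5), 130, 7),
    ("Female", inches(5, 9), None, 9),
]

def fit(rows, features=FEATURES):
    """Gaussian Naive Bayes: per class, a prior plus (mean, variance) per feature.
    Missing cells are skipped, so each feature's statistics use only the rows that have it."""
    model = {}
    for label in sorted({r[0] for r in rows}):
        cls = [r for r in rows if r[0] == label]
        stats = {}
        for name in features:
            idx = FEATURES.index(name) + 1
            vals = [r[idx] for r in cls if r[idx] is not None]
            stats[name] = (mean(vals), variance(vals))  # sample variance, needs >= 2 values
        model[label] = (len(cls) / len(rows), stats)
    return model

def log_gauss(x, mu, var):
    """Log density of a normal distribution; logs avoid underflow when multiplying likelihoods."""
    return -0.5 * math.log(2 * math.pi * var) - (x - mu) ** 2 / (2 * var)

def predict(model, sample):
    """sample maps feature name -> value (any subset of FEATURES); returns (label, posteriors)."""
    log_post = {}
    for label, (prior, stats) in model.items():
        ll = math.log(prior)
        for name, x in sample.items():
            ll += log_gauss(x, *stats[name])  # naive assumption: features independent given class
        log_post[label] = ll
    shift = max(log_post.values())
    weights = {k: math.exp(v - shift) for k, v in log_post.items()}
    total = sum(weights.values())
    posterior = {k: w / total for k, w in weights.items()}
    return max(posterior, key=posterior.get), posterior

if __name__ == "__main__":
    model = fit(TRAINING)
    print(predict(model, {"height": inches(6), "weight": 130, "shoe": 8}))
    print(predict(model, {"height": inches(6)}))  # height alone, as in the first table
```

With all three attributes the classifier agrees with the slide (female); on height alone the 6' subject lands closer to the male mean, which is the slide's point about choosing the attributes to measure.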
8
Traditional machine learning ‘False positive’ rate was abysmal… (Circa 2012)
Traditional machine learning depends on an expert to identify the attributes to measure. Machine learning was not ready yet: the detection rate was pretty good, but legitimate software gets identified as malware too often.

Machine learning model evaluation (k Nearest Neighbor). Source – 'Analysis of Machine Learning techniques used in behavior-based malware detection', 2009.
- True positive (real malware detected): 94.3%
- False positive (legitimate software that is detected as malware): 8.1%
- False negative (undetected malware): 5.7%
- True negative (legitimate software that is detected as good): 91.9%
9
When can machine learning help
The problem has to be well defined and the question clear, we need sufficient data, and the results have to be accurate.
- Is this malware, an unwanted application or legitimate software? We have a good question.
- Do we have enough data? With over 400,000 new malware samples per day we have plenty of data.
- Is it accurate enough to use? Traditional machine learning fails this test.

Notes: If you don't have a good question then getting an answer is hard, so have a good question. For ML to work it needs training data; we have plenty of data. ML provides a probability of classification, and with malware classification the accuracy has to be really, really high. False positives create a big problem when they prevent your users from doing their day-to-day work. Bricking a machine is not acceptable.
10
"Machines take me by surprise with great frequency" – Alan Turing
Notes: Despite the fact that it has become a marketing buzzword, machine learning is not a new concept. Alan Turing was a famous computer scientist who was working on this as far back as WW2. Alan Turing was an English computer scientist who lived during the Second World War and passed away in the early 1950s. He was well known for many things, very influential in the development of theoretical computer science, and may be best known for the creation of the Turing Machine. Alan called it an "automatic machine", and it worked through mathematical models of computation.
11
Deep Learning Artificial Neural Network
Deep learning is a machine learning algorithm. An artificial neural network is a computational model used in computer science and other research. The goal of the two working together is to solve problems and make connections in the same way that the human brain would, but which would be much too complex to program in a traditional way.

Notes: An easy way to conceptualize this idea is to think of a strong memory from your childhood. I like to think back to when I was young. I used to visit an Italian bakery every other weekend with my father and eat a delicious cannoli. I can almost taste the crispy shell, the soft filling and the sweet chocolate chips. To this day, when I walk by an Italian bakery, that same childhood memory comes rushing back. Perhaps it is the smell wafting down the street or the large storefront window with delicious pastries on display. It is a combination of many different senses working together that triggers the memory for me. Deep learning neural networks function in much the same way. They tie together clusters of attributes in just the right combinations that trigger a "hit." This methodology happens to be able to ingest many more memories (or malware samples, in this case) than a human brain or other anti-malware solutions on the market.
12
Introducing deep neural networks
Deep neural networks:
- Allow organic learning: learn complex features from raw data.
- Eliminate the bias introduced by human identification of attributes.
- Smaller model, faster and more accurate.
Traditional machine learning:
- Attributes identified by experts.
- Similarity and correlation determined by statistical evaluation.
- Each step required a human to identify what to measure.

Notes: ML can make human-like processes better, and when allowed to learn on its own it is amazing.
13
Deep neural networks for malware detection(Today)
'A quantum leap over traditional machine learning' – Invincea, Josh Saxe, June 2017.
- Self learning: deep learning automates the identification process and eliminates human bias.
- Intrinsically scales: hundreds of millions of malware examples used in training, adding over 400K per day; memory requirements remain constant; gets even better with more data.
- Unparalleled accuracy: proven ability to detect never-before-seen malware better than traditional AV; eliminates the need for a victim to report the new malware.

Machine learning model evaluation (deep learning). Source – Sophos Labs testing of new executable malware, 2017.
- True positive (real malware detected): >99%
- False positive (legitimate software that is detected as malware): <1%
- False negative (undetected malware): <1%
- True negative (legitimate software that is detected as good): >99%

Notes: It is here that deep learning neural networks come to the rescue. Deep learning is named after the complex, interconnected neural pathways of the human brain. Unlike other types of traditional machine learning, our deep learning model processes data through multiple analysis layers, each one making the model considerably more powerful. This allows it to uncover the best combination and manipulation of inputs that would otherwise be impossible for humans to determine. There are lots of different types of machine learning; deep learning is just one type of model, but one we rely on heavily here at Sophos. These are some stats we see with neural networks. Expect to see some third-party documents and evaluations.
14
When can machine learning help
The problem has to be well defined and the question clear, we need sufficient data, and the results have to be accurate.
- Is this malware, an unwanted application or legitimate software? We have a good question.
- Do we have enough data? With over 400,000 new malware samples per day we have plenty of data.
- Is it accurate enough to use? Yes it is.

Notes: If you don't have a good question then getting an answer is hard, so have a good question. For ML to work it needs training data; we have plenty of data. ML provides a probability of classification, and with malware classification the accuracy has to be really, really high. False positives create a big problem when they prevent your users from doing their day-to-day work. Bricking a machine is not acceptable.
15
Intercept X - Deep learning neural network
Faster: Deep learning detections in milliseconds per file (figure lost in transcript). Traditional ML: milliseconds per file (figure lost in transcript).
Smaller: Deep learning models are about MB in size (figure lost in transcript). Traditional ML models can get huge: 500 MB–10 GB.
Smarter: Deep learning provides proven higher detection rates that improve with more data. Traditional ML has lower detection rates and diminishing returns with more data.
16
Intercept X will classify into three categories
Deep learning classification (multi-variant classification model): Malware | Potentially Unwanted Application | Legitimate Software.
Potentially unwanted applications (PUA): spyware; adware; browser tool garbage.
- Sophos deep learning classifies software as Malicious, PUA or Legitimate.
- Knowing that it is not malware but still unwanted allows admins to make security decisions more quickly.
- No one wants to authorize malware, but some administrators will need to authorize PUAs.

Admins need to know.
17
Augmented deep learning, pushing the envelope
False positive suppression:
- Sophos Live Protect: the most current Sophos Labs opinion on new and rare software (requires on-line connection).
- Suppression rule updates: encapsulate the Sophos Labs false positive suppression rules in small updates available to the endpoint (available off-line).
- Customer override: admins can suppress a detection for known legitimate software by hash, file name/path and certificate (available off-line).
- File metadata reaches Sophos to improve the deep learning model over time (requires on-line connection). Admins can disable file submission to Sophos.

Why FP suppression is important:
- Allows deployment with minimal training period.
- Allows use of a more aggressive detection model.
- Dramatically lowers the false positive rate.
- Results in less frequent updates to the deep learning model over time.

Augmented deep learning (slide diagram): deep learning verdict (Malware / Potentially unwanted / Legitimate software) → exclude Sophos FP suppression known legitimate applications → exclude customer curated allowed applications → Quarantine.

Notes: FP suppression allows us to push a more aggressive model while maintaining low FP. Deploy on day 1, no training required. If an FP happens you have the tools to suppress and restore immediately.
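The decision flow on this slide, written out as an added example (not Sophos code, and not how Intercept X is implemented): a model verdict is checked first against the vendor's FP suppression rules and then against the customer's own hash, path and certificate overrides, and anything still flagged is quarantined. Rule and detection records are constructed for the example; the hashes are placeholders, not real file hashes.

```python
import fnmatch
from dataclasses import dataclass
from typing import Optional

@dataclass
class Detection:
    """Constructed endpoint record: the model's class for a file plus its metadata."""
    path: str
    sha256: str
    signer: Optional[str]       # certificate subject of the signer, None if unsigned
    verdict: str                # "Malware", "PUA" or "Legitimate"

@dataclass
class Rule:
    """One suppression rule: by hash, by file name/path pattern, or by signing certificate."""
    kind: str                   # "hash", "path" or "cert"
    value: str
    source: str                 # "sophos" (labs FP rules) or "customer" (admin override)

    def matches(self, d: Detection) -> bool:
        if self.kind == "hash":
            return d.sha256.lower() == self.value.lower()
        if self.kind == "path":  # case-insensitive glob; Windows paths are not case-sensitive
            return fnmatch.fnmatchcase(d.path.lower(), self.value.lower())
        if self.kind == "cert":
            return d.signer is not None and d.signer == self.value
        raise ValueError(f"unknown rule kind: {self.kind}")

def decide(d: Detection, rules):
    """Apply the slide's order: model verdict, then Sophos FP rules, then customer rules.
    Returns (action, reason); anything flagged and not suppressed is quarantined."""
    if d.verdict == "Legitimate":
        return "allow", "model classified as legitimate"
    for source in ("sophos", "customer"):
        for r in rules:
            if r.source == source and r.matches(d):
                return "allow", f"{d.verdict} suppressed by {source} {r.kind} rule"
    if d.verdict == "PUA":
        return "quarantine", "PUA; admin may authorize"
    return "quarantine", "malware"

# Constructed rule set and detections (placeholder hashes, fictional signer and paths).
RULES = [
    Rule("cert", "CN=Example Line-of-Business Vendor", "sophos"),
    Rule("path", r"c:\apps\inventory\*.exe", "customer"),
    Rule("hash", "ab" * 32, "customer"),
]
DETECTIONS = [
    Detection(r"C:\Apps\Inventory\scan.exe", "11" * 32, None, "PUA"),
    Detection(r"C:\Users\alice\Downloads\update.exe", "ab" * 32, None, "Malware"),
    Detection(r"C:\Program Files\LOB\lob.exe", "22" * 32, "CN=Example Line-of-Business Vendor", "Malware"),
    Detection(r"C:\Users\bob\Downloads\crack.exe", "33" * 32, None, "Malware"),
]

if __name__ == "__main__":
    for d in DETECTIONS:
        print(d.path, decide(d, RULES))
```

A hash rule is the narrowest override and a path pattern the broadest (it allows whatever is placed under that path), so prefer hash or certificate rules where the software makes that practical.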
18
But… malware is more than just executables
Only 56% of malware is an executable that can be evaluated by machine learning. Most attacks involve more than one approach to compromise the system:
- A drive-by exploit installs a dropper on the device that then deploys malware.
- An Office document or PDF with a macro connects to a command and control server, performs rapid file encryption or deploys malware.
- Active adversaries can 'live off the land' and never deploy files: leverage existing vulnerabilities to penetrate the system; migrate to a privileged process; load malware directly into running processes; extract critical documents and user authentication credentials.

File based malware: Portable executables 56%; Documents and media files 30%; Scripts, Java, web pages 11%; Other 3%.
Fileless malware: exploit driven attacks.
Active adversaries: application behavior abuse.
90% of breaches use an exploit.
19
Prevent ransomware attacks
CryptoGuard – Behavior monitor: simple and comprehensive; universally prevents spontaneous encryption of data; restores files to a known state; simple activation in Sophos Central.

Attack chain (slide diagram): Exploit kit or spam with infection → Command & control established → Local files are encrypted → Ransomware deleted, ransom instructions delivered.

Protection layers:
- Exposure prevention: web protection; download reputation; device control.
- Execution prevention: file analytics; heuristic evaluation; on-device emulation; signature checking.
- Runtime detection: runtime behavior; exploit detect & prevent; malicious traffic detection; synchronized security.
- Behavior (Intercept X CryptoGuard): monitor ALL processes; restore encrypted files.
20
Prevent active adversaries
Active adversary protections:
- Credential theft protection: prevent dumping of credentials from memory; protect the credential database on disk and in the registry.
- Code cave prevention.
- Malicious process migration.
- Process privilege escalation.
- APC filter (prevents AtomBombing exploit variants).
- Improved application lockdown: PowerShell abuse from browsers; HTA apps.
- Registry protections: Sticky Keys mitigation; Application Verifier protection (DoubleAgent).
21
Stopping exploit techniques
Problem → Response (slide diagram, four rows):
- 400,000 new malware per day¹ (∞) → Traditional anti-virus: file analytics, heuristics, URL blocking.
- >70% of companies breached²; >90% of data breaches use exploits² → More questions than answers: SIEM, EDR, UEBA, anomaly detection, security operations center, forensic breach assessment teams.
- >6,800 vulnerabilities per year³; >30% increase from 2015³; nearly 200 days from vulnerability to patch⁴ → Patch management: vulnerability scanning, device management, patch testing and deployment.
- 10's: very few new exploit methods per year (available exploit methods) → Sophos Intercept: exploit and ransomware prevention, incident response report, automatic root cause attribution.

Sources: 1 – VirusTotal; 2 – NSS Labs; 3 – Gartner; 4 – WhiteHat Security.
Anti-Exploit – targets the root of the problem.
22
Preventing abuse of legitimate applications
Application lockdown:
- Automatic classification of applications: browsers; browser plugins; Java applications; media players; Office applications.
- Enforces application behavior fences.
- Prevents malicious use patterns, e.g. Word running a macro to launch PowerShell to download an application from the internet.
- Continuous behavior monitoring.
23
Root Cause Analysis: understanding the who, what, when, where, why and how.
24
Core features – Sophos Intercept X
Exploit prevention: Enforce data execution prevention; Mandatory address space layout randomization; Bottom-up ASLR; Null page (null dereference protection); Heap spray allocation; Dynamic heap spray; Stack pivot; Stack pivot (memory protection); Stack-based ROP mitigations (caller); Structured exception handler overwrite (SEHOP); Import address table filtering (IAF); Load library; Reflective DLL injection; Shellcode; VBScript god mode; WOW64; Syscall; Hollow process; DLL hijacking; Squiblydoo AppLocker bypass; APC protection (DoublePulsar/AtomBombing); Process privilege escalation.

Active adversary mitigations: Credential theft protection; Code cave prevention; Man-in-the-browser protection (safe browsing); Malicious traffic detection; Meterpreter shell detection.

Anti-ransomware: Ransomware file protection (CryptoGuard); Automatic file recovery (CryptoGuard); Disk and boot record protection (WipeGuard).

Application lockdown: Web browsers (including HTA); Web browser plugins; Java applications; Media applications; Office applications.

Deep learning: Deep learning malware detection; Deep learning PUA detection; False positive suppression; Live protection.

Respond / Investigate / Remove: Root cause analysis; Sophos Clean; Synchronized security.

Deployment: Alongside existing AV; Integrated with Sophos Endpoint Agent.

Operating systems: Windows 7; Windows 8; Windows 8.1; Windows 10; Mac OS (features include CryptoGuard, malicious traffic detection, synchronized security, root cause analysis).
25
Free 30-day Trial www.Sophos.com/Intercept-X