University of Gloucestershire researchers developing unique AI-powered business malware solution

Researchers at the University of Gloucestershire have made ground-breaking progress in the fight against malicious cyber-attacks with new research designed to intelligently and automatically identify and stop malware that targets businesses’ computer networks.

Malware is the collective term for damaging software, including viruses, ransomware and spyware, designed to cause extensive damage to data and computing systems or to gain unauthorised access to a network. The University’s School of Computing and Engineering has developed a new malware security solution – CloudIntell – which uses Artificial Intelligence and cloud computing to work independently or alongside conventional security mechanisms.

Malware is a growing problem for industry, as illustrated by statistics from the ‘Cyber Security Breaches Survey 2020’ which show that 46% of businesses and 26% of charities have reported cyber security breaches or attacks over the past 12 months. As in previous years, this is higher amongst medium-sized firms (68%), larger businesses (75%) and high-income charities (57%).

It is against this backdrop that Dr Qublai Ali Mirza, course leader in cyber-security at the University of Gloucestershire, has been collaborating with several organisations in South West England and internationally, to develop a novel security solution that is highly responsive and accurate in detecting and eliminating malware attacks.

Dr Ali Mirza explains:

“Most cyber-security mechanisms are very limited in terms of how they can prevent malware attacks, and any enterprise network infection usually takes around six months or more to identify. To solve this, we’re developing a software product that learns from the normal behaviour of a network while also predicting, detecting and extracting any malware infections the moment any attempted system infiltration occurs.

“As part of this we’re examining the techniques used by malware authors and building a comprehensive study of malicious files and how they behave in a system or networked environment. Our initial research has extracted unique malware artefacts from infected networks, which we are then using to train multiple algorithms and predict, detect and prevent further attacks, while also isolating any infections. As well as enhancing malware detection accuracy, this mechanism makes decisions instantaneously, something which is crucial to stopping the spread of malware.

“Safeguarding the security of enterprise networks (that are made up of varied devices and platforms) requires multiple tools, configurations and policies, along with computational and people resources from a variety of suppliers to manage all of these requirements.”

The research developments have already been singled out for praise by early industry supporters of the project.

Fatima Hussain, Manager of Event Management and Analytics at the Royal Bank of Canada, said:

“Dr Ali Mirza’s research has the potential to become an innovative security product which harnesses the power of AI and scalability of cloud computing. Over the past few years, he has been working closely with industry and incorporating industrial problems as the baseline for his academic research.

“The development of these smart security solutions is quite thorough and involves not only new solutions with a solid analytical basis, but also applications that are equally applicable and implementable for enterprise level security.”

Dr Jules Pagna Disso, Group Head of Cyber Risk Intelligence at international bank BNP Paribas, added:

“CloudIntell offers a potentially unique security mechanism for enterprise networks. It has the capability to be self-aware and, using a limited digital footprint, can detect a number of threats, attacks and anomalies with a good level of accuracy.”

In June, the University plans to discuss CloudIntell with a local business audience at its C11 Cyber Security and Digital Innovation Centre. Equipped with cutting-edge technologies, high-speed broadband and state-of-the-art digital security, C11’s mission is to fire the growth and advancement of the cyber community, in a discreet environment. It is the region’s leading Cyber Security and Digital Innovation Centre.