08 June 2016
Chemring Technology Solutions says it has developed an advanced system of AI that automates volume data pattern analysis for network security.
The firm claims ForensicAI is the world’s first system that can link apparently benign network activity across months to identify hidden malware, delivering what’s described as “extremely high detection and low false alarm rates”.
Developed from military grade cyber security software, Chemring says ForensicAI automates malicious activity pattern identification. It says this allows security analysts to redirect their time more effectively to investigate and stop in-progress malicious activity.
ForensicAI is available as part of the latest upgrade of Perception which is said to be the world’s first bio-inspired network security system. According to Chemring, Perception mimics the fight-or-flight fear response of mammals. Unlike other cyber security solutions, the firm reckons its system is behavioural and not rules-based, adapting automatically to the network’s changing profile to identify malicious activity, thus making it more difficult for malware to evade detection.
Working at very high data rates at the core of the network rather than the perimeter, Chemring explains that ForensicAI constantly reviews the mass of data from Perception’s behavioural analysis. This identifies patterns and common themes that indicate potential live threats and network vulnerabilities.
When anything of interest is found, a detailed alert reports to the analyst what has happened and why it should be investigated.
“ForensicAI is capable of intelligently linking something that happened months ago, followed by other behaviours a few weeks later, with something else in the last few minutes,” says Daniel Driver, head of Perception cyber security at Chemring Technology Solutions.
“As soon as the last piece in that puzzle falls into place, an alert is generated, delivering incredibly high detection rates that other systems would miss as they focus on current activity or cannot effectively process large data volumes gathered over time.”
Hampshire-based Chemring Technology Solutions is a specialist provider of advanced electronic warfare, explosive ordnance disposal and communication information systems. Its customers include the MoD and NATO, as well as governments, national security agencies and commercial users across the world.