Project Ire: Microsoft’s autonomous malware detection AI agent

Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company has announced on Tuesday.

Tested on a dataset of known malicious and benign Windows drivers, Project Ire has correctly identified the nature of 90% of all files, and flagged only 2% of benign files as threats, the group of researchers and engineers working on it noted.

In another test, involving nearly 4,000 files that automated systems at Microsoft could not classify at the time and haven’t been manually reviewed by expert reverse engineers, the prototype correctly flagged nearly 9 out of 10 malicious files, had a small false positive rate (4%), but detected roughly a quarter of all actual malware.

“While overall performance was moderate, this combination of accuracy and a low error rate suggests real potential for future deployment,” they pointed out.

About Project Ire

As mentioned before, Project Ire is currently in the prototype phase.

During this experimentation phase of the project, the agent used a variety of advanced language models available through Azure AI Foundry, and has been calling on various reverse engineering and binary analysis tools.

The evaluation process of each sample starts with automated reverse engineering, to determine the file type, its structure, and highlight any areas that deserve a closer look.

Once the triage is complete, the system reconstructs the software’s control flow graph using frameworks like angr and Ghidra.

The graph maps out how the program executes and based on it, the system dives into a iterative analysis of each function with the help of language models and specialized tools.

Summaries of the analyses are added to a “chain of evidence” record, which also provides transparency into how the system arrived at its conclusions. This allows security teams to review the results and helps developers refine the system when it misclassifies a sample.

Project Ire uses Microsoft’s public criteria for deciding whether a sample is malware, a potentially unwanted application, tampering software, or a benign file.

“To verify its findings, Project Ire can invoke a validator tool that cross-checks claims in the report against the chain of evidence. This tool draws on expert statements from malware reverse engineers on the Project Ire team. Drawing on this evidence and its internal model, the system creates a final report and classifies the sample as malicious or benign,” the researchers explained.

Project Ire’s report on a kernel-level rootkit (Source: Microsoft)

There have been several cases where the the AI agent’s reasoning contradicted that of a human expert, and turned out to be correct, Mike Walker, Research Manager at Microsoft, told Help Net Security.

“[What we learned from those instances is] that we can leverage the complementary strengths of both humans and AI for protection,” he added.

“Our system is designed to capture risk reasoning at each step, and it’s critical to have detailed audit trail of line-of-reasoning to allow for deeper investigation of the system.

Project Ire will be leveraged inside Microsoft Defender as a binary analyzer tool for threat detection and software classification.

However, if things go as the researchers hope, Project Ire will ultimately be able to autonomously detect novel malware directly in memory, at a useful scale.

Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!