We are pleased to share that NICS Lab, a security research group from the Computer Science Department at the University of Malaga, is joining the Crowdsourced AI initiative at VirusTotal. By extending our capabilities using a different AI model for processing PowerShell files, NICS Lab not only strengthens our collective understanding of the code and its behavior, but also provides verdicts on the potential threat level of each file according to model criteria – categorizing them as malicious, suspicious, or benign.
As a reminder, Crowdsourced AI is VirusTotal’s initiative that taps into the power of diverse AI models and community contributions to fortify our cyber defense strategies. Just two weeks ago, we announced the integration of Hispasec’s solution, which is specifically designed for analyzing Microsoft Office documents. As we have explained in the past, these solutions based on AI LLMs can make mistakes, but their contributions are very valuable in complementing other technologies in the analysis and detection of new threats.
This time, the solution offered by NICS Lab serves as a complement to the code explanations already generated by Code Insight, which is based on Google PaLM. As a result, numerous PowerShell file reports will now benefit from the insight of solutions based on two distinct AI models. This essentially encapsulates VirusTotal’s strategy of embracing diverse threat detection solutions to improve understanding and risk assessment.
Let’s explore a few examples:
In this first showcase, we see that two analyses appear in the Crowdsourced AI section: one from NICS Lab and the other from Code Insight. In the case of the former, in addition to the explanation about the file’s behavior, we can observe the “Malicious” verdict highlighted in red.
Read the original article: