summarize
Google recently announced the open-sourcing of an artificial intelligence (AI) tool called Magika.Magika utilizes thedeep learning model, improves the accuracy and speed of file type recognition. This tool is primarily geared for use by security defenders to more accurately detect binary and text file types.
Magika Features
Magika employs a custom, highly optimized deep learning model that accurately identifies file types in milliseconds. By using the Open Neural Network Exchange Format (ONNX), Magika enables fast inference capabilities.Google claims that, unlike traditionalDocument RecognitionCompared to the method, Magika improves 301 TP3T in overall accuracy and up to 951 TP3T in recognizing content that is typically difficult to identify (e.g., VBA, JavaScript, and Powershell).
The software uses "customized, highly optimized deep learning models" to accurately identify file types in milliseconds. Magika uses the Open Neural Network Exchange (ONNX) for inference.
Magika in Google Apps
Google says it uses Magika at scale internally to help improve user security by routing Gmail, Drive, and Safe Browsing files to the appropriate security and content policy scanners.
In November 2023, the tech giant launched RETVec (short for Resilient and Efficient Text Vectorizer), a multilingual text processing model for detecting potentially harmful content such as spam and malicious emails in Gmail.
Risks regarding rapidly evolving technology and its misuse by nation-State actors associated with Russia, China, Iran and North Korea to enhancehackerAs the debate over attacks rages on, Google says mass deployment of AI can strengthen digital security and 'tilt the scales'. From Attackers to Defenderscyber securityBalance."
Google Open Source Magika
It also emphasizes the need for a balanced regulatory approach to AI use and adoption to avoid a future where attackers can innovate but defenders are limited by AI governance options.
The tech giant's Phil Venables and Royal Hansen noted that "AI enables security professionals and defenders to expand their efforts in threat detection, malware analysis, vulnerability detection, exploit remediation and incident response. " "AI offers the best opportunity to upend the defender's dilemma and tip the scales in cyberspace to give defenders a decisive advantage over attackers."
AI incyber securityRole of the United Nations in the implementation of the Convention on the Rights of the Child
Google highlights the need to balance regulatory approaches to AI use and adoption to avoid a future where attackers are able to innovate and defenders are limited due to AI governance choices.Phil Venables and Royal Hansen note, "AI allows security professionals and defenders to expand their efforts in threat detection, malware analysis , vulnerability detection, vulnerability remediation, and incident response.AI offers the best opportunity to change the defender's dilemma by tipping the scales in cyberspace and granting the defender a decisive advantage over the attacker."
There are also concerns about generative AI models using web-crawled data for training purposes, which may also include personal data.
The UK Information Commissioner's Office (ICO) stated last month, "If you don't know what your model will be used for, how can you ensure its downstream use respects data protection and people's rights and freedoms?"
What's more, new research shows that large language models can act as "sleeper agents," seemingly harmless but programmed to engage in spoofing or malicious behavior when specific criteria are met or special instructions are provided.
"This backdoor behavior can persist so that it is not removed by standard security training techniques, including supervised fine-tuning, reinforcement learning, and adversarial training (which triggers insecure behavior and then trains to remove it)" in the study, according to researchers at artificial intelligence startup Anthropic.
refer to
1. https://opensource.googleblog.com/2024/02/magika-ai-powered-fast-and-efficient-file-type-identification.html
2. https://google.github.io/magika/
3. https://www.npmjs.com/package/magika
Original article by Chief Security Officer, if reproduced, please credit https://cncso.com/en/google-open-sources-magika-ai-powered-html