Gloucestershire University researcher develops unique AI-powered business malware solution

Uni of Glos Dr Qublai Ali Mirza[2]

Researchers at the University of Gloucestershire have made major progress in the fight against malicious cyber-attacks with new research designed to intelligently and automatically identify and stop malware that targets business computer networks.

The University’s School of Computing and Engineering plans to discuss its new malware security solution – ‘CloudIntell’ – which uses Artificial Intelligence (AI) and cloud computing to work independently or alongside conventional security mechanisms, with a local business audience at its C11 Cyber Security and Digital Innovation Centre in June.

Malware is the collective term for damaging software that includes viruses, ransom and spyware code, developed to cause extensive damage to data and computing systems, or gain unauthorised access to a network.

This is a growing problem for industry, as illustrated by statistics from the ‘Cyber Security Breaches Survey 2020,’ which show that 46 per cent of businesses and 26 per cent of charities have reported cyber security breaches or attacks over the past 12 months. Like previous years, this is higher among medium-sized firms, larger businesses and high-income charities.

It is against this backdrop that Dr. Qublai Ali Mirza, course leader in cyber-security at the University of Gloucestershire, has been collaborating with several south-west UK and international organisations to develop a novel security solution designed to be highly responsive and accurate in detecting and eliminating malware attacks.

Qublai explains: “Most cyber-security mechanisms are very limited in terms of how they can prevent malware attacks, and any enterprise network infection usually takes around six months or more to identify.

“To solve this we’re developing a software product that learns from the normal behaviour of a network while also predicting, detecting and extracting any malware infections the moment an attempted system infiltration occurs.

“As part of this we’ve been examining the techniques used by malware authors and building a comprehensive study of malicious files and how they behave in a system or networked environment.

“Our initial research has extracted unique malware artefacts from infected networks, which we’re then using to train multiple algorithms to predict, detect and prevent further attacks, while also isolating any infections.

“As well as enhancing malware detection accuracy this mechanism makes decisions instantaneously, something which is crucial to stopping the spread of malware.

“Safeguarding the security of enterprise networks that are made up of varied devices and platforms requires multiple tools, configurations and policies, along with computational and people resources from a variety of suppliers to manage all of these requirements.”

The new research developments have already been singled out for praise by early project supporters.

Fatima Hussain PhD, Manager of Event Management and Analytics at the Royal Bank of Canada, said: “Qublai’s research has the potential to become an innovative security product which harnesses the power of AI and scalability of cloud computing. Over the past few years, he has been working closely with industry and incorporating industrial problems as the baseline for his academic research.

“The development of these smart security solutions are quite thorough and involve not only new solutions with a solid analytical basis, but also applications that are equally applicable and implementable for enterprise level security.”

Dr Jules Pagna Disso, Group head of Cyber Risk Intelligence at international bank BNP Paribas, added: “CloudIntell offers a potentially unique security mechanism for enterprise networks. It has the capability to be self-aware and, using a limited digital footprint, can detect a number of threats, attacks, and anomalies with a good level of accuracy.”