pi Day: Machine Learning a la Mode

Rational Thoughts Around Irrational Behavior

“Did I ever tell you what the definition of insanity is? Insanity, is doing the exact same [expletive] thing over and over again, expecting [expletive] to change. That is crazy.” – Vaas Montenegro, Far Cry 3

Pretty rational thought from an irrational person, right? What does this have to do with pi? Well, pi is an irrational and transcendental number; it will continue infinitely without repetition or pattern. 

Wait, it Doesn’t Repeat Itself; That Makes it Not Crazy – Right?

Correct! But for the full picture, consider pi in the context of a DAT file.

What’s a DAT File?

Put plainly, a DAT file is a data file created by a specific application. In the context of this article/security conversation, a DAT file is commonly used by legacy antivirus (AV) products to store signatures for malicious hashes; basically, it’s a list.

Well, that seems rational. You need a place to keep a list of malicious things. 

Sure, when you hear/read it, that makes sense. A terrible malware attack happens and then the legacy product adds that malware hash (a hash is a long number derived from a string of text) to its list to prevent future attacks. The legacy product then pushes its “known attacks” list to your endpoints, which triggers the program to scan your systems for the hashes on that list.

From there, it’s rinse and repeat. Day after day, week after week, and so on and so on. Make no mistake, these attacks are then blocked, protecting your machines. But here’s the rub:

According to the AV-Test Institute, over 250,000 new malicious programs are registered each and every day. Every twenty-four hours, a quarter of a million new malware variants have to be added to that list
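The list-and-scan cycle described above, sketched as an added example that is not code from the original post or from any AV product: a scanner matches file hashes against a signature list, and a sample that differs by one byte is only caught after the next list update. The DAT layout (one SHA-256 and a name per line), the signature names, the file paths and the byte strings are all constructed assumptions.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def parse_dat(text: str) -> dict[str, str]:
    """Parse an assumed DAT layout: '<sha256-hex>  <name>' per line, '#' comments."""
    sigs = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        digest, _, name = line.partition(" ")
        digest = digest.lower()
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"bad signature line: {line!r}")
        sigs[digest] = name.strip() or "unnamed"
    return sigs

def scan(files: dict[str, bytes], sigs: dict[str, str]) -> dict[str, str]:
    """Return {path: signature name} for files whose exact hash is on the list."""
    return {path: sigs[h] for path, data in files.items()
            if (h := sha256_hex(data)) in sigs}

# Constructed, harmless byte strings standing in for samples on an endpoint.
KNOWN = b"constructed-sample-A"
VARIANT = KNOWN + b"\x00"  # same content with one extra byte: a different hash
FILES = {"/tmp/a.bin": KNOWN, "/tmp/b.bin": VARIANT, "/tmp/notes.txt": b"hello"}

# Day 1 list knows only the first sample; day 2 is the pushed update.
DAT_DAY1 = f"# constructed DAT, day 1\n{sha256_hex(KNOWN)}  Sample.A\n"
DAT_DAY2 = DAT_DAY1 + f"{sha256_hex(VARIANT)}  Sample.A.variant\n"

def demo():
    """Scan the same files with the day-1 list and with the day-2 update."""
    day1 = scan(FILES, parse_dat(DAT_DAY1))
    day2 = scan(FILES, parse_dat(DAT_DAY2))
    return day1, day2

if __name__ == "__main__":
    for day, hits in enumerate(demo(), 1):
        print(f"day {day}: {hits}")
```

Between the two scans nothing on the endpoint changed; only the list grew, which is the daily update burden the article describes.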

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Blog. Read the original post at: https://threatmatrix.cylance.com/en_us/home/pi-day-machine-learning-a-la-mode.html