Microsoft quietly launched an AI agent that can detect and reverse engineer malware

"Project Ire is an AI agent capable of reverse engineering software files to investigate whether they're malicious and analyze their origins, even if they don't match any previously-cataloged threats. Powered by a combination of large language models (LLMs) and specialized cybersecurity analysis tools, the agent is intended to automate classification to ease cybersecurity analyst . In recent tests, Project Ire was exposed to known samples from a database hackers have used for living off the land attacks, alongside harmless Windows drivers."
"In a broader test, researchers exposed Project Ire to 4,000 files that were unclassified by Microsoft's automated systems and would normally have to be reviewed by highly-skilled reverse engineers. Project Ire achieved a precision score of 0.89, meaning 90% of the files it marked as malicious were indeed threats, alongside an overall recall score of 0.26 meaning it discovered around 25% of all the malware in the sample."
Project Ire is an autonomous AI agent that reverse-engineers software files to determine maliciousness and origins, even for previously uncataloged threats. The agent combines large language models with specialized cybersecurity analysis tools to automate classification and reduce analyst workload. In targeted tests it correctly flagged 90% of files with a two percent false positive rate and identified kernel-level malicious features and command-and-control behavior. Project Ire achieved a 0.89 precision on 4,000 unclassified files and a 0.26 recall, operating autonomously on data not present in its training set and succeeding where other automated tools could not.
Read at IT Pro