[AI Revolution] (71) Catching Malicious Apps with AI... Secureon
AI-Based Malicious App Automatic Analysis System 'OnAppScan'
Automating App Analysis Process to Improve Analyst Efficiency
Antivirus Solution 'OnVaccine'... 99% Detection Rate of Malicious Apps
"The battle is being reproduced beyond desktop PCs into the mobile domain as well. As attacks become automated and intelligent, response technologies must also be advanced."
As obfuscated malicious applications (apps) designed to bypass mobile device security solutions have become more common, the damage they cause has grown. Most malicious apps apply techniques such as encryption and obfuscation to the application package (APK) itself, making it difficult to analyze how the app operates and what actions it performs. For example, attackers replace key code with arbitrary values so that it is unrecognizable after decompilation. They leave commonly used syntax of the development language intact and change only the important parts, making it hard to understand what the code does. In other words, they keep the functions needed for phishing crimes while making the app difficult for mobile antivirus to detect.
Secuiron, an AI-based security firm, provides differentiated security solutions that use artificial intelligence (AI) to catch such malicious apps. Yudonghun, CEO of Secuiron, said, "To overcome the limitations of existing signature-based malicious app detection solutions, we have researched various heuristic detection technologies (simplifying complex tasks into simple judgment tasks), and as a result, we were able to develop the AI detection system, the core technology of our current company brand 'On' solution."
Secuiron's representative service is the AI-based malicious app automatic analysis system OnAppScan. OnAppScan is a product based on Secuiron's proprietary AI detection system that automates the app analysis process and assesses risk levels, enabling field analysts to work more efficiently.
The signature-based detection and analysis systems that the industry has mainly used work by analyzing malicious apps, extracting patterns from them, and updating those patterns. This approach is weak at detecting new and variant malicious apps. Obfuscated apps that change their code in various ways, such as altering variables and command patterns and mixing logic, are difficult to detect and analyze with typical pattern-based engines. Manual analysis by analysts has therefore been used to fill the gap, but analyzing sophisticated malicious apps requires skilled experts and a lot of time and effort.
Secuiron addresses this problem with AI technology. Even an obfuscated malicious app that has been altered in various ways must still be executable, so a machine learning engine focuses on the information necessary for execution to determine whether the app is malicious. Machine learning changes the analysis process from the traditional 'manual analysis → manual judgment' to 'automatic judgment → manual verification,' reducing dependence on individual analysts' capabilities and saving resources such as the time required for analysis.
CEO Yu explained, "We are conducting research to develop XAI (explainable artificial intelligence)-based verification and tracking technology that can verify on what basis the machine learning engine judged the risk level, enabling the establishment of an automatic judgment and automatic verification system."
The company recently released 'OnAppScan V2.0.' It is strong at analyzing voice phishing malicious apps that apply advanced anti-analysis techniques such as obfuscation and decompression (unpacking) prevention. The new feature, Voice Phishing Detector, heuristically analyzes key files embedded in voice phishing malicious apps to determine whether they are malicious.
Another service from Secuiron is the machine learning antivirus solution 'OnAV.' This product also uses the independently developed AI detection system. It features a 'Cross Validation System (CVS)' that combines machine learning inspection, pattern inspection, and reputation inspection, achieving high detection rates while minimizing the resources required for detection. It specializes in detecting new and variant malicious apps.
OnAV has also obtained global certifications such as 'AV-TEST' and 'AV-Comparatives.' In particular, the global security product performance evaluation organization 'AV-Comparatives' is well known for its strict evaluation criteria. Participating companies must meet standards of a comprehensive detection rate of over 99% and fewer than 10 false positives to receive certification. OnAV recorded a comprehensive detection rate of 99.7% and is the only domestic company to have received certification for five consecutive years.
CEO Yu said, "Our services have received good evaluations from global certification organizations for their high detection rates of potential malicious apps and unknown new and variant malicious apps compared to other companies. We will continue to strive to develop security solutions that overcome the limitations of existing security technologies to respond to increasingly evolving security threats."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.