As a result, Rohde & Schwarz’s Cybersecurity business division has teamed up with Saint Security, a firm developing network protection software, to provide artificial intelligence, machine learning and big data-based profiling methodologies to fight advanced persistent threats (APTs).
The aim of the technology partnership is to identify and block various types of malware. It runs on the DPI engine R&S PACE 2, which extracts file content and metadata to identify potentially dangerous executables caused by APTs.
Kihong KIM, CEO of Saint Security, writes:
“The ability to extract file content extended the functionality of the network-based advanced malware response solution MNX to analyse all network traffic, services and protocols across all ports with an extremely fine granularity.
“The extracted information is key to better identify and investigate multi-stage, advanced persistent threats such as malicious emails or ransomware.”
Saint Security’s network protection software intercepts possible APTs in a network. In order to fingerprint malicious activity and to unlock the full potential of its AI-based analysis methodologies, the company decided to embed Rohde & Schwarz Cybersecurity’s DPI engine to analyse the observed network traffic.
The DPI engine extracts file content and metadata from within the traffic in real time, such as files attached to emails (e.g. .pdf, .exe or .doc) or sent through file transfers. This enables Saint Security to identify potentially dangerous executables caused by APTs and set up advanced security and traffic management policies.