The few protections that exist to secure software supply chains typically utilize arbitrary byte signatures to identify malicious code. While these are fast and efficient, they provide no surrounding context to the source code. This results in overall lower accuracy and a higher false positive rate.
What We Do
At KetPsi Shield, we focus on developing technology that can not only detect malicious code, but can also classify it properly to provide the appropriate remediation for our customers.
Our technology aims at :
Automating malware family classification for better scalability.
Reducing the amount of data needed for effective detection of malware.
Easy portability between different platforms (OS, bytecodes, etc).
Our technology represents binaries (and bytecodes) as graphs. Unlike conventional methods used to identify malware utilizing byte signatures, we use graph based signatures that are easier to automate and provide more precise classification.
Why Quantum?
Our solution is hardware agnostic from the start and will run on current hardware as well as quantum computers. As quantum computing continues to mature, we can readily leverage their amazing potential.
Preliminary Results
In order to test our technology prototype, we used publicly available malware samples and tested our algorithm on both classical and current quantum accelerated computational engines (known as solvers). The task was to properly classify each sample to the correct malware family. By using our system, we automated the entire signature extraction process and used very little data to do so. Using the quantum accelerated solver, we were 90% accurate in classifying the malware to their correct malware family.
When comparing a signature against an unknown code sample, we need to be sure that the similarity scores are as close to the accurate value as possible. In our experiments, the quantum accelerated solver got better scores than the classical in over 90% of the cases (and computed in the same amount of time). Better scores are an indication of more accurate comparison between two pieces of code.
An in-depth look tells us that our results also show that the quantum solver saw upto a 65% improvement at best and about a 5% deterioration at worst over classical. The histogram below shows the spread of the number of cases (comparisons) we did and the improvement we saw.
About Us
The founders are researchers in quantum computing and cybersecurity with over 15 years of combined industry experience. Both founders are PhD Candidates in computer science and will be finishing their degree’s by the end of 2022