Acronis PE Analyzer Integrated Into VirusTotal, Subsidiary of Google

Acronis International GmbH, in cyber protection and hybrid cloud storage currently celebrating its 15-year anniversary, announced its machine learning-based malware detection engine, PE Analyzer is integrated into VirusTotal.

A subsidiary of Google, VirusTotal is a free online service that examines suspicious files and URLs to facilitate the quick detection of viruses, worms, trojans, and other kinds of malicious content.

The latest addition to Acronis’ catalog of AI-based anti-malware capabilities, the PE Analyzer engine is capable of detecting any kind of Windows PE malware using machine learning models. Executable-based malware is still a threat to Windows OSs, as security vendors worldwide report it is growing steadily year over year. Anti-virus testing laboratories, like AV-TEST GmbH, register around 400,000 new malware samples a day, including various trojans, backdoors, ransomware, and crypto-jackers.

Acronis’ machine learning model is based on a Gradient Boosting Decision Tree combined with several neural network models, which creates a file portrait of these threats based on various static characteristics. The ML-based detection model is fast, as the model itself is small and effective at the same time. The ML model can work independently, without an Internet connection, and provides a high detection rate over time without regular updating.

Before joining VirusTotal, scanners must provide a certification or independent reviews from independent security laboratories that follow the testing standards set by the Anti-Malware Testing Standards Organization (AMTSO). As an AMTSO member, Acronis sent the engine to AV-TEST, which confirmed PE Analyzer’s effectiveness at detecting PE malware, while generating minimal false positives.

Developed as a component of a new cyber protection suite that Acronis is releasing in 2019, PE Analyzer will undergo continuous enhancements before the launch, based on insights generated by its VirusTotal use. Once the new suite is released, the detection engine will continue to be improved to deliver additional value to the VirusTotal community.

“Given how quickly data threats are evolving, the nature of data protection is fundamentally changing. Solutions must prevent the malicious attacks that target backups to be effective, which is why Acronis has invested in developing our proactive defensive technologies,” said Oleg Melnikov, Acronis technology officer. “Our mission is to protect all data, however, and incorporating our ML-based engine into VirusTotal is the best way to ensure the entire security industry can benefit from Acronis PE Analyzer’s detection capabilities.“

Acronis introduced its AI-based technology earlier in 2018 when it enhanced its anti-ransomware solution, Acronis Active Protection. That anti-ransomware technology, which is integrated into Acronis’ secure backup solutions, such as Acronis Backup and Acronis True Image, can identify and stop zero-day ransomware attacks in real-time and was recently expanded to defeat cryptomining malware as well.