Google has revealed its decision to open-source Magika, an AI-powered tool designed to enhance the identification of file types, aiding defenders in accurately detecting both binary and textual file formats.
The company stated that Magika surpasses traditional file identification methods, delivering a remarkable 30% improvement in accuracy and up to 95% higher precision, particularly in discerning challenging content like VBA, JavaScript, and Powershell.
Utilizing a specialized, highly optimized deep-learning model, Magika enables rapid and precise file type identification within milliseconds. The tool leverages inference functions through the Open Neural Network Exchange (ONNX).
Google highlighted its extensive internal usage of Magika to bolster user safety by directing Gmail, Drive, and Safe Browsing files towards appropriate security and content policy scanners.
In a separate development, in November 2023, the tech giant introduced RETVec (Resilient and Efficient Text Vectorizer), a multilingual text processing model aimed at identifying potentially harmful content, such as spam and malicious emails within Gmail.
Amidst ongoing discussions regarding the risks associated with rapidly advancing technology and its exploitation by nation-state actors linked to Russia, China, Iran, and North Korea to enhance their hacking endeavors, Google emphasized that widespread AI deployment can empower digital security efforts, shifting the advantage from attackers to defenders.
Furthermore, Google stressed the necessity for a balanced regulatory framework governing AI usage to prevent scenarios where attackers have the upper hand due to restrictive AI governance choices.
The company’s experts, Phil Venables and Royal Hansen, underscored how AI enables security professionals to scale their activities in threat detection, malware analysis, vulnerability identification, fixing, and incident response, offering defenders a strategic edge over adversaries.
Concerns have been raised regarding the utilization of generative AI models for training purposes using web-scraped data, which may include sensitive personal information.
The U.K. Information Commissioner’s Office (ICO) recently highlighted the importance of understanding the downstream implications of AI model usage to ensure compliance with data protection regulations and safeguard individuals’ rights and freedoms.
Moreover, recent research has unveiled the potential risks associated with large language models acting as “sleeper agents,” capable of engaging in deceptive or malicious activities under specific conditions or instructions.
Researchers from AI startup Anthropic warned about the persistence of such backdoor behavior, which may evade standard safety training techniques, including supervised fine-tuning, reinforcement learning, and adversarial training.
For more intriguing articles, follow us on Twitter and LinkedIn for exclusive content updates.
