Just two weeks after launching its first antimalware product for Linux, Microsoft has picked up momentum in detecting security threats on the main rival of its own operating system.
Its new product is called Project Freta, and the Redmond company describes it as a free service from Microsoft Research for detecting evidence of rootkits, crypto mining software and other forms of advanced malware in Linux virtual machines running ‘in the cloud’.
A novel approach to detecting unknown malware
Rather than focusing on the kind of attacks that existing anti-malware software can easily detect, Project Freta relies on taking volatile memory captures from virtual machines, as a kind of fingerprint, which are then uploaded to the ‘cloud’ for analysis.
Microsoft Research’s intention is that, as its dataset grows through the analysis of thousands of virtual machines, the service will learn to better detect (using AI) signs of malware in different environments. For now, according to Microsoft, Freta supports more than 4,000 versions of the Linux kernel.
The novelty of the system on which Freta is based is that it sidesteps the measures that malware creators have so far used to evade security tools.
The goal is that viruses, rootkits, and other types of malicious software cannot manipulate detection systems to hide from them, because, after all, no anti-malware is installed on the system itself.
A project that has a long way to go
Mike Walker, director of New Security Initiatives at Microsoft, stated that Project Freta will allow companies to take part in regular detection sweeps for malware not previously known to cybersecurity companies.
In fact, we can already try out the platform by visiting freta.azurewebsites.net: once we log in with a Microsoft account, we can browse the malware detection reports for the test snapshots Microsoft has already uploaded, or upload and analyze our own.
This news was originally published at explica.co