Deep Application Learning for Cyber Security

To detect any type of malware in files and links, BitDam deep application learning utilizes a proprietary set of static, dynamic and crowd-sourced analytics. This creates a multi-dimensional understanding of legitimate application code flows and makes BitDam 100% attack-agnostic.

1) BitDam Static Application Analysis

BitDam Static Application Analysis maps the application's structure, forming a base skeleton for the application's knowledge base, including a list of application modules and components (e.g. Microsoft Office modules installed in the Windows folder). After the static analysis, BitDam verifies the static learning using proprietary dynamic analysis tools to understand the application's skeleton structure to the full extent.

2) BitDam Dynamic Application Analysis

BitDam Dynamic Application Analysis maps behavioral characteristics of the application's code that are discoverable only during run-time of test files. BitDam employs a patent-pending engine to determine baseline and deviant application behavior and build a baseline for each application. For this phase BitDam uses a set that was previously assembled from trusted sources (e.g. private sources, self-created sources, etc.), further populating the knowledge base that was built in the previous phase. Even though the sources are trusted, new data added to the knowledge base is subject to our stringent engine findings, ensuring that no suspect data enters the knowledge base.

3) BitDam Crowd Sourcing

Ongoing benchmarking of application flows from customers creates an anonymized pool of behaviors that constantly builds up the BitDam application knowledge base, forming a crowd-sourced repository of application flows. The sources are varied, from public sources to customer sources. BitDam gathers the new flows that have not been seen in previous stages for further examination using the engine and a researcher (in order to improve the learning algorithms).
