How Project Ire works
Microsoft Defender scans more than a billion active devices each month, which requires regular manual review of software by experts and results in errors and alert fatigue. Project Ire's architecture therefore allows it to reason at several levels, from low-level binary analysis through control flow reconstruction to high-level interpretation of code behavior.
Project Ire starts by identifying the file type and structure, then rebuilds the software's control flow graph using tools such as angr and Ghidra. It analyzes major functions through an API, building a detailed "chain of evidence" that shows how it reached its decision. A built-in verifier cross-checks the conclusions against specialist input to ensure accuracy before the system classifies the software as malicious or benign.
“Project Ire, as an autonomous AI prototype, proceeds beyond existing devices that depend on reverse engineering software to detect dangers. Unlike the current TDIR tools on the market, which depend on the signature of the known machine learning or AI model and known threats, Project Ire appears on the signing of a file. Said, “It enables identifying the new or pre-determined malicious code to examine the surface of the attack using AI agents and give a clear ‘series of evidence’ for action. The agent AI element turns from human-supported to completely autonomous approaches, while still maintaining a human in the loop.”