Advanced AI solution for enterprise malware detection

• ProLion GmbH
• Cybersecurity, anti-malware solutions
• Vienna, AT

• Detect and prevent ransomware attacks
• Monitor the storage usage

• Custom software development
• Product development

• Web
• Distributed backend

An application that runs on an enterprise’s datacentre storage systems (SAN) and does real time monitoring of the SAN I/O activity. It employs an advanced AI solution for anomaly detection that allows blocking malware from corrupting enterprise data.

• Provide a powerful solution that protects against all threats (both known and new / unknown).
• Ensure the best malware detection accuracy, while keeping false positives at minimum (or zero).
• Deliver real-time detection and protection that spans across the whole SAN network.
• Keep SAN performance unaffected.

• AI anomaly detection techniques that determine what is “normal” traffic and allow it to pass while “suspicious” traffic is blocked.
• Model training and evaluation with extensive real data, collected from production SAN logs.
• Processing and enhancement of collected data set, to obtain an even greater synthetic “real-like” dataset.
• Setting up of simulated SAN environments; and release of malware to collect footprints.
• Model parameters tweaking, to ensure highest precision and recall scores.
• Implementation of distributed architecture, with sensors on each SAN node and dedicated processing nodes to run the detection model.
• Development of a home-grown decision tree variant that is both accurate and lightweight enough for the use case.
• Hyperparameter tuning to minimize the model while maintaining the accuracy.