Microsoft has introduced Project Ire, an autonomous AI agent designed to automate malware classification by fully reverse engineering software files. This prototype uses large language models to identify whether software is malicious or benign. Project Ire aims to enhance malware detection at scale, accelerate threat responses, and minimize the manual labor required from analysts. The system employs various specialized tools for low-level binary analysis, control flow reconstruction, and interpretation of code behavior, connected through a tool-use API that it uses to update its understanding of a file.
Project Ire automates what is considered the gold standard in malware classification: fully reverse engineering a software file without any clues about its origin or purpose.
The system uses decompilers and other tools, reviews their output, and determines whether the software is malicious or benign.
Project Ire is an effort to enable malware classification at scale, accelerate threat response, and reduce the manual effort needed to examine samples.
Its tool-use API enables the system to update its understanding of a file using a wide range of reverse engineering tools, including Microsoft memory analysis sandboxes.