© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Amazon introduces 'Mithra' an AI threat detection tool


Amazon has developed and launched Mithra, an AI tool to identify potentially malicious domains to protect customers from digital threats.

Amazon has to deal with cyberattacks and other cybersecurity risks on a daily basis to protect its AWS customers. Over the years, the cloud provider has gathered knowledge and insight into malicious activities on the internet and implemented threat intelligence and analysis in real-time.

Due to hackers’ continuously evolving tactics, techniques, and procedures (TTPs), Amazon is constantly trying to improve its ability to observe and react to these threats.

On Monday, the company revealed Mithra, a massive internal neural network that uses algorithms for threat intelligence. It has a massive graph database containing 3.5 billion nodes and 48 billion edges to identify malicious domains. Furthermore, it has a reputation scoring system to rank evil-looking domains.

“By assigning a reputation score that ranks every domain name queried within AWS on a daily basis, Mithra’s algorithms help AWS rely less on third parties for detecting emerging threats, and instead generate better knowledge, produced more quickly than would be possible if we used a third party,” CJ Moses, Chief Information Security Officer (CISO) at Amazon, says in a blog post.

Mithra observes up to 200 trillion DNS requests in a single AWS region, detecting an average of 182,000 new malicious domains per day. Those websites will receive a score and end up on a list, which Amazon promises to share with customers and organizations that may be targeted or potentially compromised by threat actors.

Amazon’s AI threat detection tool not only detects malicious domains but can also predict malignant domains weeks or months before they show up on threat analysis from other security companies. “This world-class capability means that we can see and act on millions of security events and potential threats every day,” Moses states.

Mithra is compatible with Amazon's other cybersecurity services, like Amazon’s MadPot honeypot network. MadPot is one of the sources from which Mithra obtains its data about hacker activities. Amazon also uses Mithra to power its GuardDuty threat detection service. GuardDuty analyzes data from Mithra and third-party sources to detect malicious activity in AWS customers’ cloud environments.

Mithra runs on internal systems inside Amazon, and it’s not a service that customers will have to pay for directly.


Leave a Reply

Your email address will not be published. Required fields are marked