Patented Technology

AI Based Malware Detection

Our patented engine combines heuristics, machine learning and deep learning in a multi tier detection stack that extends classic antivirus solutions with an AI based detection layer, integrable via SDK into your existing infrastructure.

US Patent 9,111,094 B2

inlyse-engine v3.4

$ inlyse scan suspicious.pdf

Loading models... OK

Heuristic analysis... DONE

ML classification... DONE

Neural network... DONE

RESULT: MALWARE DETECTED

Confidence: 98.36%

Threat Level: 100 (MALWARE)

5 classifiers12 chunks4.2s

99.8%

Detection Rate

<0.1%

False Positives

<50ms

Analysis Time

Zero-Day

Protection

Why traditional detection is no longer enough

Traditional antivirus solutions rely on signature databases. That means a threat can only be detected once it is already known. Zero day attacks, polymorphic malware and new variants remain invisible.

Our patented technology extends existing solutions with an AI based detection layer. By combining static heuristics, machine learning and deep learning we identify threats by their patterns, regardless of whether a signature exists.

Zero Day Detection

Detects unknown threats through pattern analysis, not signatures.

Multi-Classifier

Multiple independent classifiers evaluate every file in parallel.

Chunk Analysis

Files are broken into correlated segments and analyzed individually.

SDK-Integration

Native C API with bindings for Python, Go, JavaScript and more.

Scan Result

Every scan returns a detailed classification with confidence scores from all classifiers in use, machine readable through the API or as a visual report.

File Information

IDef83fda0-248f-4f55-87a2-54ef4123f4d6

MD58b4598e52197c0b4de454587fc6e81ab

SHA1433442e6559f0baf1fb06caceee1e8ddde245dcf

SHA256bfd6152ebba18511d5b4af968e0187b032cd76bc3f816f1

FilenameNetze+Routing - XTEC.pdf

Size47.82 KB

FileTypeapplication/pdf

Labelbenign

Classification Result

Label:

Benign

Suspicious Score13%

87%

Score Benign

13%

Score Malicious

Das Scoring-System kombiniert Ergebnisse aus Heuristik, Machine Learning und neuronalen Netzwerken zu einem finalen Maliciousness Score.

Automated Analysis

Detailed Analysis Report

When malware is detected, our engine automatically creates a comprehensive analysis report. It includes the object tree, classifier results with confidence values, heuristic findings and MITRE ATT&CK mapping, all in one interactive report.

pdf_embed.pdf

SHA256: da9c3deb08bfc6a2e7930a4c8f1bd81b5ebffbb09b44027c74ea41ebf7149f8b

MALWARE

98.36%

SIZE: 233.6 kB

MIME: application/pdf

Verdict: MALWARE

Object Tree

Shows what we have found inside your file

pdf_embed.pdfMALWARE

has been verified. However PDF, Jpeg, Docx, .xlsxUNKNOWN

has been verified. However PDF, Jpeg, Docx, .xlsx [decrypted]MALWARE

xl/embeddings/oleObject1.binMALWARE

xl/embeddings/Microsoft_Office_Word_Macro-Enabled_Document1.docmCLEAN

Classification

What our classifiers say about this object

ClassifierVerdictConfidence

pdf::cnn::skeleton::classifyCLEAN99.89%

pdf::cnn::bacon::classifyCLEAN98.88%

pdf::features::classifyMALWARE96.86%

pdf::cnn::evosense::classifyCLEAN81.61%

pdf::cnn::allokey::classifyCLEAN78.57%

Heuristics

Noteworthy content/behaviour found in document

NameStatus

Embedded files1 file(s)

Has JavascriptYes

Low complexityYes

Open action1 action(s)

CVE exploitationNo

One-click imageNo

Single urlNo

MITRE ATT&CK Matrix

Tactics and techniques identified in this document

Initial Access

Execution

T1059.007T1059T1203T1204.003T1204.001

Persistence

Privilege Escalation

Defense Evasion

T1027.009

Credential Access

Lateral Movement

Automatically detected, manually understood. When our engine identifies malware and you need a deeper investigation by experienced reverse engineers, our analysts take over.

SDK & INTEGRATION

Integration in a Few Lines of Code

The INLYSE engine is designed as a native C library and can be integrated through SDKs for Python, Go, JavaScript and any other language. On premise or as a cloud API.

1#include "inlyse.h"

3int main() {

4 // Initialize engine with models & license

5 void* env = inlyse_init(

6 "/opt/inlyse/models", 4, "YOUR_LICENSE_KEY"

7 );

9 // Scan file with all classifier modules

10 const struct AnalysisDetails* result =

11 inlyse_scan_file(

12 env, "suspicious.pdf", 1,

13 ALL_CLASSIFIERS, NULL

14 );

16 if (result->label >= MALWARE) {

17 printf("MALWARE detected: %.2f%% confidence\n",

18 result->probability * 100);

19 }

21 inlyse_close(result);

22 inlyse_fini(env);

23 return 0;

24}

C/C++

Python

JavaScript

REST API

Deployment Options

Whether as a cloud API or an on premise engine, INLYSE Malware Detection adapts to your infrastructure.

Cloud API

Scalable scanning interface for cloud infrastructure, SaaS applications and email gateways.

Region: EU-West (Active)

On-Premise SDK

Native C engine for integration into your existing security infrastructure. Air gapped and GDPR compliant.

Hardware / VM / Container

Expand your security architecture.

Integrate our patented AI engine into your existing solution, for detection that goes beyond signatures.

Why traditional detection is no longer enough