Modelled On Human Immune System, Darktrace AI Is Internet’s New Digital Antibody

 U.S. Air National Guard photo illustration by Staff Sgt. Kayla Rorick

According to the AV-Test Institute, around 400,000 new malware strains are detected on any given day. Phishing, malicious code (malware) and hacking are some of the top attacks any connected device is vulnerable to. There are solutions for thwarting incoming attacks, but dealing with insider leakage is much more difficult.


Darktrace, a global artificial intelligence company for cyber defence which was founded in 2014, has been making waves in cyberspace with its cutting-edge solutions. Modelled on the human immune system, Darktrace’s AI products smoke out dormant hackers who stay below the radar and evade detection.




In partnership with the University of Cambridge, they have developed an anti-hacking tool which runs on unsupervised machine learning models.

Models can be trained for threats with historical data but hackers come with sneak attacks out of the blue. They intrude and hibernate even before the system can detect them.


Unsupervised machine learning allows the models to detect patterns with very little data. That matters because these cyber-ninjas go undetected, and there is little to no information known about where they dwell.


Digital Antibody

Bridging the gap between automated threat detection and a security team’s response, Darktrace Antigena represents a new era of cyber defence that autonomously fights back.


Darktrace’s Antigena is an autonomous response solution that takes action against in-progress cyber-threats, limiting damage and stopping their spread in real time. The developers say that their technology works like a digital antibody, intelligently generating measured and proportionate responses when a threatening incident arises, without impacting normal business operations. This is a game changer in the cyber security space and it can only become better going ahead.


Powered by Darktrace’s AI, Darktrace Industrial is another well-crafted product which passively monitors network traffic across OT and IT, automatically generating localised models for every user, device and controller in the system. Darktrace Industrial’s self-learning approach means that it can learn ‘normal’ behaviour, irrespective of the type of proprietary protocol or industry application.
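To make the idea of a localised, self-learned model of "normal" for each device concrete, here is an added example that is not Darktrace's algorithm or code. It fits an unlabelled per-device baseline with the median and median absolute deviation (MAD) and scores new observations with the modified z-score; the device names, the two features, the sample values and the 3.5 threshold are all assumptions chosen for illustration.

```python
from statistics import median

# Constructed training window: per-device hourly observations of
# (bytes_out, distinct_destinations). No labels are used anywhere.
TRAINING = {
    "plc-07": [(1200, 2), (1150, 2), (1300, 2), (1250, 2), (1180, 2), (1220, 2)],
    "laptop-114": [(52000, 18), (61000, 25), (48000, 15),
                   (75000, 31), (58000, 22), (66000, 27)],
}
THRESHOLD = 3.5  # assumed cut-off, a common choice for the modified z-score


def fit_baseline(rows):
    """Return per-feature (median, MAD) learned from one device's history."""
    model = []
    for feature in zip(*rows):
        med = median(feature)
        mad = median(abs(x - med) for x in feature)
        # A constant feature has MAD 0; floor it to avoid division by zero
        # while still letting a large change on that feature score highly.
        model.append((med, max(mad, 1.0)))
    return model


def score(models, device, obs):
    """Largest absolute modified z-score over features, or None if unseen."""
    model = models.get(device)
    if model is None:
        return None  # no baseline yet: unknown is not the same as normal
    return max(abs(0.6745 * (x - med) / mad)
               for x, (med, mad) in zip(obs, model))


def is_anomalous(models, device, obs):
    s = score(models, device, obs)
    return s is None or s > THRESHOLD


MODELS = {dev: fit_baseline(rows) for dev, rows in TRAINING.items()}

if __name__ == "__main__":
    samples = [("plc-07", (1240, 2)), ("plc-07", (48000, 16)),
               ("laptop-114", (48000, 16)), ("hmi-new", (900, 1))]
    for dev, obs in samples:
        verdict = "ANOMALOUS" if is_anomalous(MODELS, dev, obs) else "normal"
        print(dev, obs, verdict)
```

The same observation, 48,000 bytes to 16 destinations, is routine for the laptop and a strong deviation for the controller, which is why the baseline is kept per device rather than network-wide.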

“As complex as it is, it has this innate sense of what’s self and not self. And when it finds something that doesn’t belong—that’s not self—it has an extremely precise and rapid response,” said Nicole Eagan, CEO, talking about Darktrace’s capabilities.

Darktrace Cloud is another self-learning cybersecurity managing tool which is compatible with popular cloud platforms like AWS, Azure and Google Cloud. Darktrace Cloud is fully configurable, allowing organisations to see all or selected cloud traffic without requiring access to the hypervisor and with a minimal performance impact. Available for Linux and Windows, Darktrace Cloud is robust and resilient, providing end-to-end coverage across the digital business.

Darktrace’s software maps its customers’ activity using data from physical and digital sensors. Machine learning algorithms run this data through multiple layers, eventually producing results that are shared with the clients.

This easy-to-install, plug-and-play software gives the user real-time threat detection and network visualisation. With machine learning, it tries to distil intelligence into the complicated web construct.

Deep Learning For Deep Web

Phishing accounts for more than 90% of cyber attacks. Usually, attackers send tailored emails to the victims which, when opened, grant access to the illicit entities.


Spam detection in e-mails is a well known, widely deployed application of machine learning models. So, a deep learning network trained on raw data from threats can thwart future attacks. Firms like Technicacorp have developed DeepInsight which analyses the text to detect any potential phishing baits.

A neural network trained on millions of legitimate and malicious files will be able to predict and prevent any malware activity. What makes this challenging is the nature of the attack. A successful malware attack morphs itself with the files in the system, making it undetectable and even trickier to run pattern recognition machine learning models.

Smart filtering could lure nefarious actors into honeypots for further analysis. The system could be coupled with packet analysis techniques such as deep packet inspection to dodge Distributed Denial of Service (DDoS) attacks or to detect nefarious scans.


So far, standard techniques like NLP for text analysis, along with regression models and others, have been deployed. Machine learning models are getting better with time and more robust, with agile systems for real-time detection. But the nature of attacks also evolves with time. The fact that attackers can deploy their own machine learning models can’t be ignored; it will keep cybersecurity professionals on their toes, or they will be duped into chasing their own tails.


Ram Sagar
I have a master's degree in Robotics and I write about machine learning advancements.
