The personal blog of Arthur Khessin

The antivirus is dead, long live the antivirus!

In the good old days, the winning quality of an antivirus solution was how fast its vendor found out about a new threat, added its fingerprint to the signature files (to be able to block it), and finally distributed the update to its customers. Too many steps, each of which could go wrong.

Today, with more than 1 million new viruses every day, the game is pretty much over, at least for signature-based antivirus programs.

Deep learning enters the scene… With so many new cyber threats, the job is now about fighting the unknown. Combined with the unlimited processing power of hyperscalers, deep learning gave birth to a new generation of antivirus solutions.

Google started experimenting with ML-based antivirus solutions as part of Google Mail (in combination with a signature database, of course) and managed to increase the recognition rate for infected attachments by another 10%. This is a massive uplift!!

They use a distinct TensorFlow deep-learning model trained with TensorFlow Extended and a custom document analyzer for each file type.
