OnQ Blog

The rise of machine learning against malware

Jul 31, 2015

Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries.

Have you ever wondered how new and innovative technologies are born? How things that are impossible today become the technologies of the future?  At Qualcomm Research, dreaming up and inventing technological breakthroughs consumes us. We embrace coming up with and executing on ideas that “the experts” said were impossible and turning them into reality. Our biggest achievement thus far in mobile security is just one example…

While considering the importance and rising need to combat the threat of malware in a smarter and more efficient manner, a researcher in Qualcomm Research’s Silicon Valley office, Rajarshi Gupta posed the question “What if we created a technology that was always on and working behind the scenes and could be trained to identify anomalous behavior immediately?”  

At the time, this was a different way of approaching security on mobile—it would be like giving smartphones and tablets their own immune system. In the traditional approach to malware protection, established security companies identify malware programs and then “inoculate” devices with updates to the security software that help them identify and contain threats. Rajarshi’s idea involved using machine learning techniques to give phones and tablets cognitive abilities to recognize the threats by themselves.

Rajarshi and a small team presented the idea to the Qualcomm’s R&D council—which reviews seed projects and determines if they’re worth pursuing—and members were immediately intrigued. Would this approach work on mobile?

The council responded with a challenge of its own for the team: prove it can be done on mobile. But what did that entail, exactly? It meant showing that the technology did not have a high rate of false positives, that it did in fact consume low amounts of power, and that it is possible to take a large model and covert it to a small model without giving up the accuracy and classification performance. This would not be a modest undertaking.

To succeed, one needed to have a deep understanding of malware threats, machine learning, and deep learning. The research to come up with a successful and viable prototype would take a few years. It would also require the creation of a larger team—a world class team—made up of the best people in the areas of machine learning, behavioral analysis and security. Fortunately, Qualcomm already had a close, working relationship with the security research community as well as access to some of the most renowned behavioral analysts in the world. The team was assembled and work began.

Initially, the team struggled with convincing people that this approach would be successful. After a lot of work and many late nights, they witnessed their experimental model achieve an extremely high success rate scoring when the model was tested with real-world data by an accredited third party testing lab. It proved that their innovative approach to mobile security, a home grown research effort, worked—success was born!

The little seed project/crazy idea suddenly became very real and things began to ramp up rapidly—funding, team size and research efforts to dramatically accelerate the development needed to share this technology with the world.

Fast forward to the present, and this research area of mobile security is one of high importance and visibility for Qualcomm Research. The cutting edge technology that the Bay area team has developed encompasses what the R&D group is all about…invention. With its next-generation mobile approach to tackling the challenges and risks involved with defending against malicious or anomalous code on mobile, the technology is set to change mobile security. Find out more about this technology for the detection and prevention of even previously unknown malware in the following video:

Advanced Mobile Security Detection

Feb 19, 2015 | 2:06

Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries ("Qualcomm"). Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.

Marienne Caro

©2021 Qualcomm Technologies, Inc. and/or its affiliated companies.

References to "Qualcomm" may mean Qualcomm Incorporated, or subsidiaries or business units within the Qualcomm corporate structure, as applicable.

Qualcomm Incorporated includes Qualcomm's licensing business, QTL, and the vast majority of its patent portfolio. Qualcomm Technologies, Inc., a wholly-owned subsidiary of Qualcomm Incorporated, operates, along with its subsidiaries, substantially all of Qualcomm's engineering, research and development functions, and substantially all of its products and services businesses. Qualcomm products referenced on this page are products of Qualcomm Technologies, Inc. and/or its subsidiaries.

Materials that are as of a specific date, including but not limited to press releases, presentations, blog posts and webcasts, may have been superseded by subsequent events or disclosures.

Nothing in these materials is an offer to sell any of the components or devices referenced herein.