OnQ Blog

The rise of machine learning against malware [VIDEO]

2015년 7월 31일

Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries.

Advanced Mobile Security Detection

2015년 2월 19일

2:06

Have you ever wondered how new and innovative technologies are born? How things that are impossible today become the technologies of the future?  At Qualcomm Research, dreaming up and inventing technological breakthroughs consumes us. We embrace coming up with and executing on ideas that “the experts” said were impossible and turning them into reality. Our biggest achievement thus far in mobile security is just one example…

While considering the importance and rising need to combat the threat of malware in a smarter and more efficient manner, a researcher in Qualcomm Research’s Silicon Valley office, Rajarshi Gupta posed the question “What if we created a technology that was always on and working behind the scenes and could be trained to identify anomalous behavior immediately?”  

At the time, this was a different way of approaching security on mobile—it would be like giving smartphones and tablets their own immune system. In the traditional approach to malware protection, established security companies identify malware programs and then “inoculate” devices with updates to the security software that help them identify and contain threats. Rajarshi’s idea involved using machine learning techniques to give phones and tablets cognitive abilities to recognize the threats by themselves.

Rajarshi and a small team presented the idea to the Qualcomm’s R&D council—which reviews seed projects and determines if they’re worth pursuing—and members were immediately intrigued. Would this approach work on mobile?

The council responded with a challenge of its own for the team: prove it can be done on mobile. But what did that entail, exactly? It meant showing that the technology did not have a high rate of false positives, that it did in fact consume low amounts of power, and that it is possible to take a large model and covert it to a small model without giving up the accuracy and classification performance. This would not be a modest undertaking.

To succeed, one needed to have a deep understanding of malware threats, machine learning, and deep learning. The research to come up with a successful and viable prototype would take a few years. It would also require the creation of a larger team—a world class team—made up of the best people in the areas of machine learning, behavioral analysis and security. Fortunately, Qualcomm already had a close, working relationship with the security research community as well as access to some of the most renowned behavioral analysts in the world. The team was assembled and work began.

Initially, the team struggled with convincing people that this approach would be successful. After a lot of work and many late nights, they witnessed their experimental model achieve an extremely high success rate scoring when the model was tested with real-world data by an accredited third party testing lab. It proved that their innovative approach to mobile security, a home grown research effort, worked—success was born!

The little seed project/crazy idea suddenly became very real and things began to ramp up rapidly—funding, team size and research efforts to dramatically accelerate the development needed to share this technology with the world.

Fast forward to the present, and this research area of mobile security is one of high importance and visibility for Qualcomm Research. The cutting edge technology that the Bay area team has developed encompasses what the R&D group is all about…invention. With its next-generation mobile approach to tackling the challenges and risks involved with defending against malicious or anomalous code on mobile, the technology is set to change mobile security. Find out more about this technology for the detection and prevention of even previously unknown malware in the following video: