OnQ Blog

Future of security: From reactive to proactive

Aug 13, 2015

Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries.

These days, the news is full of stories about security breaches and how privacy violations are on the rise. According to Symantec’s Internet Security Threat report, more than 317 million new malware variants were created in 2014—a 26% increase over 2013. This means that each day hackers are unleashing nearly one million new threats into the wild. And unfortunately, current security solutions are reactive, which means that they only protect against previously identified malware—they simply can’t keep up.

As I explained in my last post, Qualcomm envisions more robust and convenient security solutions that will help seamlessly authenticate users, preemptively protect their devices from malicious attacks, and enhance user privacy through detecting any possible violations.

I’ve already covered seamless authentication in my last post. For this post I would like to focus on the next two aspects of our vision: preemptive protection and enhanced user privacy.

Preemptive protection

Traditional signature-based security solutions can only detect malware that has been previously identified and assigned pre-defined signatures by security service providers. These solutions aren’t able to protect against zero-day malware attacks that result from unknown malware.

Qualcomm envisions security solutions that will provide early detection of unknown malicious attacks through new technologies, such as machine learning-based behavioral analysis. Behavioral analysis complements signature-based security solutions by identifying abnormal behaviors that are associated with transformational and unknown malware.

For example, a malware application could attack your device and try to send an SMS message on your behalf even while your smartphone is just sitting on the table. By using machine learning-based behavioral analysis, the device would know that something is abnormal, detect the malware attempt, and block it.

Enhanced privacy

In many cases, people may need to give access to their personal data in order to enjoy personalized services. Some apps and services may even get access to our personal data without our knowledge. With so much personal information on our devices, Qualcomm believes that people should be able to control their own data while still enjoying a broad range of personalized services.

Future security solutions will enhance user privacy. Your data will stay on the device and will be encrypted, so that only authorized parties can read it. These future solutions will continuously monitor and flag suspicious activities that result in privacy violations or unnecessary sharing of data. A machine learning-based behavioral analysis algorithm would be able to detect a spyware attack if it found, for example, that your flashlight app was trying to access and upload your contact list to a server without your knowledge. Instead of allowing this privacy violation to happen, it would help flag this activity and protect your device.

The same three technology pillars that I mentioned in my previous blog—Cognitive technologies, on-device processing, and hardware-based security—will be essential to enabling preemptive protection and enhanced privacy.

Cognitive technologies will make security more robust and intuitive. Machine learning-based behavioral analysis will be used to detect a variety of anomalies, including malware attacks or privacy violations. Behavioral analysis is designed to monitor device software activities, classify those activities based on a pre-defined behavior model, and detect malicious behaviors accordingly. (Recall my earlier example with the flashlight app, in which your device can detect an application trying to access your contact list without your knowledge.)

On-device processing will enhance user privacy. By taking advantage of on-device intelligence and storing data locally, users can still enjoy personalized services without the need to upload sensitive personal data to the cloud. On-device security solutions will also provide real-time, always-on protection by continuously monitoring device and software activities in order to detect malicious attacks. Implementing security on the device protects against new kinds of malware and phishing attacks without completely relying on cloud databases. Also, on-device security solutions can adapt to device capabilities and user preferences. For example, the solution will detect whether your device has NFC or not and secure the connection accordingly. It will also remember how you use different apps and what kinds of access you normally give to each of them.

Finally, hardware-based security—solutions that rely on robust hardware foundation—help ensure overall system security and device health. Embedding security functions in hardware and firmware provides a high degree of protection without compromising performance and power efficiency.

To learn more about our security vision, visit the Qualcomm Security and Privacy website. You can also watch the Qualcomm IAR webinar titled “The future of security: cognitive technologies to the rescue.”