Intrusion detection app 'trained' to spot malicious behavior
- By William Jackson
- Feb 04, 2014
The mobile security company Zimperium has released an Intrusion Prevention System app for Android devices that uses artificial intelligence to recognize and block malicious behavior on the devices.
“We train our artificial intelligence engine to learn what attack techniques look like,” said Zimperium CEO Zuk Avraham. “Because we don’t detect the exact attack, but the nature of the attack, we can detect zero-day threats.”
The app, named zIPS, is available as a download with a volume-based pricing plan starting at $19 per device per month. Also available is zCONSOLE, a cloud-based unified threat management console that monitors zIPS devices on the enterprise network, turning each device into a mobile sensor that can help provide a picture of malicious activity on the network.
The ability to centrally monitor network activity detected by mobile devices turns bring-your-own-device from an enterprise threat into an advantage, Avraham said. “The more devices you have, the more protected you are.”
zIPS uses machine learning and comes “trained” to spot network or device behavior commonly associated with malicious activity. It is intended to detect network attacks, host attacks and client-side attacks. It monitors activity in the mobile browser and other apps, and is capable of detecting malicious activity from malware running outside its own sandbox.
When malicious behavior is identified, the device is isolated before an exploit can take place. Policy to respond and protect the device is loaded and executed on the endpoint.
When novel attack techniques are identified, Zimperium exposes the AI engine to the new behavior in its lab and the updated version is pushed to devices. “We don’t program it, it is generating its own program,” Avraham said.
zIPS currently supports Android 2.2 and above and should be installed from Google Play. The company plans to release a beta version for iOS in the near future.
William Jackson is a freelance writer and the author of the CyberEye blog.