Future Android security apps will learn from your phone to catch out the bad guys
Malicious software might not be as huge of a problem as some reports would like you to believe, but that doesn’t mean that we shouldn’t take the time to protect our smartphones from potential attacks.
Fortunately, Zimperium, a new mobile security startup, seems to be taking mobile security seriously and is showing other developers the way forward.
Its new Android app, named zIPS or Zimperium intrusion prevention system, aims to keep Android devices secure by learning how they typically operate and identifying when something strange is happening. This kind of technique has been used to spot malware on PCs for quite a while, but implementing a similar system on Android is more difficult, as we’re constantly connecting to new networks and regularly installing and updating our software.
The bad news is that Zimperium is currently only offering its software to business clients, although the company expects to roll out a consumer version at some point in the future. But for interest’s sake, let’s see how this technology works.
As already mentioned, the app installed on the device scans, in real-time, for threats by monitoring any changes to your handset’s behaviour. If, for example, a malicious app attempts to self-modify, or a device on your wireless network attempts to intercept your data, zIPS will notice this departure from normal operations and notify the user. Common Android security, on the other hand, relies much more heavily on simply checking incoming file signatures that can be compared with known bad code, and therefore struggles to respond to some of the more advanced threats.
The second part of the software is the zCONSOLE, which is used by the license owner to observe any threats and monitor the linked Android devices. Although clearly designed for businesses, this could be pretty useful for families looking to protect all of their Android devices.
Zimperium is also keeping its eye on the future of the “Internet of Things”, which could be particularly vulnerable to security exploits as the devices are always online. The idea of real-time protection and centralized monitoring could be especially useful in this evolving technology.
Keep your eyes peeled for the consumer version in the, hopefully, not too distant future.