Adding AI/ML to Mobile Security

Many organizations are turning to artificial intelligence (AI) and machine learning (ML) to boost their cybersecurity systems, but you mostly hear about how AI is used to monitor networks and perform the time-consuming tasks that are overwhelming for humans.

But as more of the workforce relies on mobile devices for completing tasks, there is a need for AI and ML to play a role in mobile security. ML/AI, at its core, is designed to improve predictive capabilities based upon a substantial number of items as well as facets of inputs, explained Dave Cundiff, vice president, member success at Cyvatar.ai, in an email comment.

This means smaller and smaller nuanced patterns can be leveraged to determine the disposition of a file, behavior, command and other elements, allowing for a more nimble approach to application and mobile technology development while still providing increasingly better security at the endpoint.

“However, the mobile endpoint is not the only area of use,” Cundiff said. “Leveraging ML within the application design process to identify risky development or coding patterns can help better protect the end user by preventing potential compromise, rather than protecting at the device level.”

The Role of AI and ML

For any technology, device or network, automated systems excel at learning, remembering, comparing and processing large amounts of information quickly. This is because algorithms can be modified and new algorithms can be introduced, allowing existing and new data sets to acknowledge and react to signals in new ways.

“If the mobile app has its own AI engine, then it can have the complete business logic and user interaction all within the app or its back end,” said Baber Amin, COO with Veridium. “Alternatively, the underlying mobile OS could provide privacy enhanced anomalous signals to registered apps.”

While AI and ML are emerging technologies for many other uses, we aren’t seeing widespread use for mobile security yet. As Cundiff pointed out, traditional security for mobile has been slow to adopt newer technologies, which means mobile security is falling further behind the curve on keeping current with potential threats. This lack of security maturity increases risk in the daily lives of end users. When AI and ML are used, however, they provide a greater ability to identify predictive potential attacks, as well as improve application development to better prevent potentially vulnerable applications.

The Slow Integration in Mobile Security

AI and ML are typical of back end services that must be integrated during the development process, David Stewart, CEO for Approov, explained in an email interview, so the technologies are not widely deployed, especially for apps that are already in production.

“Also,” Stewart added, “implementation and ongoing execution costs are likely high, so AI/ML are more likely to be used by certain types of sectors, while others are constrained by budgets that preclude AI.”

What also may be holding integration back is training the algorithms for mobile security. As Amin explained, depending on how it is implemented, ML algorithmic training could be done in one or more of the following ways:

  • Mobile app and associated service can do it on their own. There are certain limitations with this approach, unless the app has a large and diverse data set.
  • Underlying mobile app OS. They have large data sets that cross populations, but they won’t be able to provide application specific anomaly detection. Training would be the responsibility of multiple stakeholders in IT, security and engineering, and would use both good and known bad inputs to determine the level of effectiveness.

“Mobile devices have a large set of high-fidelity sensors, e.g. gyro, GPS, accelerometer, gesture sensors,” said Amin. “With a constant stream of signals coming in, a model can be built that is continually processing and fine tuning the base line. This allows for more dynamic security decisions, ability to detect real time threats, and, even more importantly, tailor the security response to the present context.”

As mobile security affects an increasing number of devices around the globe, it must be thought of as any other type of security system would. After all, mobile sets up a much larger attack surface than other technologies.

“For defenders to have any chance of securing as much of that surface as possible,” said Cundiff, “ML/AI are necessary tools to exponentially increase a defenders ability to predict and prevent threats.”

Featured eBook

The Dangers of Open Source Software and Best Practices for Securing Code

More and more organizations are incorporating open source software into their development pipelines. After all, embracing open source products such as operating systems, code libraries, software and applications can reduce costs, introduce additional flexibility and help to accelerate delivery. Yet, open source software can introduce additional concerns into the development process—namely, security. Unlike commercial, or … Read More