Qualcomm on Monday announced Snapdragon Smart Protect, a hardware-software product that could make the world a safer place for Android smartphone users.
Snapdragon Smart Protect, which will become available with Qualcomm’s upcoming Snapdragon 820 processor, will provide real-time, on-device machine learning designed to support accurate and effective detection of zero-day malware threats.
Smart Protect is the first application to utilize Qualcomm Zeroth technology. The tech uses an advanced cognitive computing behavioral engine that can pereform on-device real-time malware detection, classification and cause analysis, to augment conventional antimalware solutions.
Adding to Smart Protect’s effectiveness is its ability to operate below the operating system layer on an Android phone.
“It can detect any malware that’s installed on top of the operating system,” noted Rob Enderle, president and principal analyst with the Enderle Group.
“A lot of malware will disable security so it won’t be detected by antimalware products,” he told TechNewsWorld. “By working below the operating system, Qualcomm can be more aggressive in identifying and removing malware.”
Looks for Bad Behavior
Smart Protect is designed to complement existing signature-based antimalware solutions by analyzing and identifying new threats prior to new signature updates. Existing antimalware products can plug into the Qualcomm offering through an API created for that purpose.
Traditional antivirus programs use signatures to identify malicious software. However, it can take a lot of time to create a signature for a malware program, and hackers easily can change a few lines of code in their wares and render a new signature worthless.
“Smart Protect isn’t looking at signatures. It looks at the behavior of the application. If it’s doing something bad, we’ll detect it,” said Qualcomm Director of Product Management Asaf Ashkenazi.
“Instead of looking at what it is,” he told TechNewsWorld, “it looks at what it does.”
Smart Protect also can work to protect a user’s privacy.
“There are a lot of applications that operate in a gray area,” Ashkenazi explained. “The user gives the application permission to do something — then the application abuses that permission.”
Those kinds of abuses can be flagged by Smart Protect so users can decide if they want to continue using the app or not.
“We give power back to the user to control how data is being used by applications,” Ashkenazi said.
Smart Protect will allow phone makers and mobile security software vendors to enhance their existing security products, according to Qualcomm. For operators, it should mean less fraud and network congestion associated with malware traffic. For consumers, it should mean improved protection of personal data with minimal impact on device performance or battery life.
It should allow malware fighters to mitigate threats more effectively.
“It allows us to effectively monitor zero-day attacks,” said Gagan Singh, president of mobile at Avast.
“If something hasn’t been seen before, we can intercept those calls and send a warning to the user,” he told TechNewsWorld.
Leap for Android
In general, mobile users haven’t shown a lot of enthusiasm for securing their phones.
Only 14 percent of smartphone owners had installed antivirus software on their phones, found a Consumer Reports survey released last year.
That may explain why as many as 30 million Android phones could be infected with malware — although Google pegs that number at 5 million.
“Google is doing a good job in improving security in Android and in cleaning Google Play, but there are some things that can still sneak into a phone,” Qualcomm’s Ashkenazi said. “We can protect against those things.”
Protection could improve Android’s security posture significantly.
“This will be a substantial leap for Android security, especially when you consider it will allow us to monitor patterns that we just did not have access to before and will now allow us to proactively call out threats,” Avast’s Singh maintained.
“This could make a huge difference for Android security,” added Enderle, “because the platform has been incredibly vulnerable.”