
MIT Technology Review



A mobile security startup is launching software that learns how your smartphone behaves in order to better spot and stop new security threats before they can cause harm or spread to other handsets.

Today, San Francisco-based Zimperium unveiled its zIPS Android app (the “IPS” stands for “intrusion prevention system”), which the company says uses machine learning to watch how your smartphone normally acts and can spot strange changes in its usage, enabling it to detect and prevent attacks, including those that may strike via unprotected Wi-Fi networks. This kind of technique has long been used to spot malware on PCs, but it becomes trickier on smartphones, which can be exposed to ever-growing and changing security issues across different wireless networks.

While the zIPS app is geared toward companies that would deploy the software on employees’ phones and use new companion software called zConsole to manage all the handsets, Zimperium expects to roll out a consumer version in the future, and will perhaps eventually bring zIPS to other devices.

Long combated on computers, malware has begun to hit smartphones, too, as they become a popular (and for some people, predominant) way to get online. Since Android smartphones make up the majority of the market, they’re most affected so far: A recent report from F-Secure found 259 new security threats and variations on existing threats in the third quarter of 2013, 252 of which were focused on Android. According to a Juniper Research report, though, 80 percent of business and personal handsets are still unprotected.

The zIPS software works whether the user is online or offline, says Zimperium CEO and founder Itzhak Avraham, and can protect against malicious apps, such as those that can self-modify, as well as various types of network attacks, like a “man in the middle” attack where a hacker intercepts data being sent between two parties.

Avraham, who previously served as a security researcher for the Israeli Defense Forces and as a white-hat hacker for Samsung, showed me a demo of zIPS in action during a video chat over Skype. Holding two Android Samsung smartphones, he used one to attack the zIPS-running handset, which glowed with a green image meant to look like a radar screen. When Avraham performed a man-in-the-middle attack, a notification popped up on the zIPS display saying that a threat was just spotted and prevented. It also presented information on the type of threat (“MITM” in this case) and the IP address of the attacking device.

Avraham says that attacks such as these aren’t generally spotted by mobile antivirus apps because those apps tend to be designed just to look for incoming file signatures that can be compared with known bad code. “If I download an app, for instance, even if the app itself is benign at that moment in time, I can later download an update that has malicious intent to run outside of the sandbox that the [antivirus] product has access to,” he says.

The zIPS app is trained to recognize such attacks by using existing malware and known attack techniques. This is doable, Avraham says, because while there are tons of different attacks, there are just a few dozen different techniques.

Zimperium, which counts famed hacker-turned-security-researcher Kevin Mitnick among its advisors, hopes its software can eventually be used to prevent hacking on everything from smart TVs to refrigerators, as they are becoming increasingly common in homes (see “CES 2014: Smart Homes Open Their Doors”). Many security experts expect the so-called Internet of things to become a big target for hackers since protections on such devices are typically weak, the devices tend to be plugged in at all times, and it may not be as easy to determine if suspicious activity is taking place as it is on a smartphone or computer.

Internet-connected devices are already gaining some unwelcome attention: between late December and early January, one security software company, Proofpoint, noticed an attack in which hundreds of thousands of malicious e-mails were sent by over 100,000 Internet-connected consumer gadgets, including routers, TVs, and at least one fridge.  


Credit: Photo courtesy of Zimperium

Tagged: Computing, Business, Communications, Web, Mobile, Google, iPhone, hacker, mobile security, iOS, smartphone, Android, Internet of Things, security software, BYOD
