Zscaler, Inc.
Detecting malicious mobile applications using machine learning in a cloud-based system

Abstract:

Systems and methods for detecting malicious mobile applications using machine learning in a cloud-based system utilize a traffic forwarding technique and a cloud-based Machine Learning (ML) model to assess the security of apps installed on a user device. This architecture enables the cloud-based system to have visibility of user devices, train the ML model in real-time with a vast amount of mobile app data from multiple users, and enforce security on the user devices from the cloud-based system. Advantageously, the ML model is trained with a vast amount of mobile traffic, leading to better accuracy of prediction. The cloud-based system can be multi-tenant (enterprise), have a large user base, be spread over a large geographic area, etc. This provides a great opportunity for training data. Feedback from live production data can be fed back into the ML model.