At Trustlook, we monitor live feed from VirusTotal (VT). On ...
San Jose, Calif., Nov. 12, 2018, Trustlook, the global leader of AI-powered cybersecurity, today announced the release of Revere, a new kernel-level security solution which provides efficient and reliable security protection for Internet of Things (IoT) devices.
Today’s IoT devices like smart door locks, webcams, smart speakers, drones, and cars, which run on Linux or Android operating systems, are vulnerable to zero-day attacks, enabling hackers to simply access users’ privacy and life safety.
Current evidence shows that the number of IoT device attacks is overgrowing. According to the Kaspersky Lab IoT report, the number of malware detection for IoT devices in the first half of 2018 was more than triple the amount of IoT malware seen in the whole of 2017, and in 2017 there were ten times more than in 2016. A recent F5 Networks report suggests that IoT devices have become the number one attack target on the Internet, surpassing the total amount of attack to web and application servers, email servers, and databases.
The most reliable security solutions are built into the operating system. “Trustlook has discovered in practice that putting the security module in the kernel is faster and more responsive than not using kernel. It is difficult to hide things from the kernel,” said Trustlook CEO Allan Zhang.
The new Revere solution can protect the system from the foundational layer: When a program makes a system call to the kernel, the Revere module can collect the behavior data of the program. Based on newly input data, a built-in AI model, which has been well trained on a large amount of training data samples, will make accurate predictions of various types of abnormal behaviors, such as privilege escalations, malware downloads, DOS/DDOS network attacks, brute-force password cracking, system file tampering, and privacy data theft, thereby preventing various types of zero-day attacks.
Key benefits of the new Revere solution include:
- Secure and fast: Revere is more secure and response faster than traditional security engine, especially for time-sensitive applications, such as smart speakers that contain sensitive data or cars that involve personal safety.
- Compatible: Revere applies to most Linux-based IoT devices as its security examination will be finished in kernel.
- Intelligent: Trustlook Security Lab collects all types of IoT device attack behavior data to train AI models and upgrade remotely to maintain its predictive protection against the latest attacks. Revere’s zero-day attack detection and prevention is beyond the capability of most traditional signature-based security engines.
- Efficient: Revere’s on-device detection model consumes a relatively small amount of resources and delivers stable performance. For example, on an IP camera running embedded Linux, Revere consumes less than 1% of CPU capacity in standby mode, less than 3% during most active operations, and occupies at most 5MB of memory.
Trustlook currently provides an SDK-based solution for Revere, while developing a cloud service platform, which allows vendors to monitor the system security in real time. In the future, Trustlook will provide customers with a full-stack IoT security solution from devices to the cloud.
Trustlook is the global leader in next-generation cybersecurity products based on artificial intelligence. The company’s innovative SECUREai engine delivers the performance and scalability needed to provide total threat protection against malware and other forms of attack. Trustlook’s solutions protect mobile devices, network appliances, and IoT. For many years, Trustlook has served Huawei, Amazon, Qualcomm and other leading hardware and software vendors.
Find out more at: trustlook.com