Consumers are becoming increasingly concerned about the hacking of their devices and data as they hear about more data breaches and have their own experiences with issues such as ransomware, identity theft and botnet attacks.
Concerns about data security also have been shown to increase with ownership of more connected devices. Currently, U.S. broadband households own an average of 10.4 connected devices — including entertainment, smart home, smart speaker and connected health devices.
Enterprise security applications have applied advanced artificial intelligence for some time, but the financial constraints of the consumer market make it challenging to afford the cost of enterprise-grade security solutions.
Data security solution companies like Cujo AI and Dojo recently have expanded their direct-to-consumer offerings with carrier-grade, cloud-supported security solutions that include a software agent designed to sit on the carrier-provided residential gateway/router to provide network security for consumers.
These robust emerging solutions for the connected home apply machine learning technology to identify devices on the home network, detect anomalous endpoint behavior, monitor and detect incoming threats, identify unreliable phishing websites, and enable more robust digital parenting.
AI for Device Identification
Device identification on the home network is foundational to providing endpoint security, network security, and digital parenting. Solutions vary with respect to identification capabilities, ranging from identifying only basic MAC addresses to detailed device types, model, brand and operating system classifiers.
When a security agent is running on the network and leveraging cloud intelligence, it can tap on every endpoint connection and see the header info for every protocol handshake with the device.
In the best architectures, such as Comcast’s collaboration with Asus and Cujo AI, router hardware and firmware are optimized for the network security application to ensure that throughput, latency, memory and CPU utilization are not diminished to a degree that results in erosion of the user experience. As with all machine learning, the more data the software application has available to process, the smarter it gets.
AI for Endpoint and Network Security
The device information then informs a device profile that enables security software to identify unreliable device behavior without having to decrypt and examine the data packets. This kind of IoT device behavioral analysis identifies deviations from acceptable device behavior, alerts the user, and quarantines infected devices from the network.
Certain categories of devices, such as networked cameras, have a unique attack profile that often begins with remote access of the camera. AI enables learning the unique attack profiles, detecting them in real-time by looking at destination URLs and protocols employed, and enacting blocking strategies such as remote access protection.