By Michael Bentley, Lookout
Historically, mobile-device malware detection has required security researchers to write a heuristic, then scan binaries for a match. Rinse, recycle, and repeat until the entire malware family can be detected. This approach has been effective, but it does not scale to Lookout’s challenge of analyzing more than 30 million applications. In this session, Michael explains how Lookout took an entirely different approach: using graph data modeling techniques. One significant outcome of this approach is a new data model that has the powerful ability to track variants of malware that are under active development. This model also allows Lookout to extract more metadata about malware families through the discovery of relationships that were previously unknown.