Mobile Reputation Security prototype from Symantec: A closer look

Symantec announces prototype of Mobile Reputation Security solution, which uses reputation-based security. Initial prototype targets wireless carriers.

Mobile device based security threats (which include viruses and botnets) have seen a rapid increase. As a result, security vendors have shifted their attention to this market opportunity, and are focusing on developing strong mobile security product portfolios. The latest entrant on this front is Symantec, which announced a research prototype of its Mobile Reputation Security solution on Monday. This mobile security solution claims to protect users from malicious files and applications, using reputation based security.

Joe Pasqua, Symantec Research Labs' VP of Research, explains that the solution's need has come about, since smart phones are increasingly being utilized as internet access platforms. Consumers can now download several applications, and devices are becoming open. "For example, after the launch of Android OS, anyone can write and easily distribute applications for mobile phones. This has raised new mobile security challenges for users," says Pasqua.

Pasca claims that wireless carriers and network operators are also concerned about their infrastructure, as a couple of infected handsets can bring down an entire cell phone tower. The initial prototype of Symantec mobile reputation security is primarily geared towards wireless carriers and businesses and end users.   

While developing this mobile security solution, Symantec has to ensure that it causes least network performance degradation. It should also create minimal impact on the end user's mobile device in terms of usage of other applications, battery and memory. To avoid these issues, Symantec claims to have developed a cloud-based model where reputation calculation is undertaken in the cloud, keeping the mobile security application as light as possible.

The Symantec mobile security client installed on devices collects file and application metadata, which mainly includes attributes like origin and author. This data is then sent to Symantec servers (in the cloud) to calculate each file's reputation score (Reputation scores provide several characteristics like good or bad files, user confidence percentage, and file prevalence). Reputation servers in turn, send this information to mobile handsets. Apart from file reputation, users can also get other features like remote wipe, SMS antispam and firewall. The mobile security solution claims to offer flexibility to carriers through a separate console. They may be able to blacklist or whitelist applications, change confidence settings, confine customer to usage of whitelisted or high reputation application, and block (or uninstall) implemented applications. On the other hand, business enterprises can control applications accessed through corporate smartphones.

Pasqua informs that reputation for mobile applications can also change over time, so any white listed application can get into blacklists on the basis of upgraded reputation scores. In the existing reputation system for PCs, Symantec updates reputation scores every three hours.

Although Symantec's mobile security solution is still just a prototype, the company plans to target telecom carriers. "We could offer this mobile security solution as a service from Symantec, but partnership with carriers works as the best approach for end users. We are working on it," says Pasqua. Symantec plan to launch this mobile security solution in 2010.

Read more on Endpoint security