Security Research Institute, Edith Cowan University
Traditional firewalls are losing their effectiveness against new and evolving threats today. Artificial intelligence (AI) driven firewalls are gaining popularity due to their ability to defend against threats that are not fully known. However, a firewall can only protect devices in the same network it is deployed in, leaving mobile devices unprotected once they leave the network. To comprehensively protect a mobile device, capabilities of an AI-driven firewall can enhance the defensive capabilities of the device. This paper proposes porting AI technologies to mobile devices for defence against today’s ever-evolving threats. A defensive AI technique providing firewall-like capability is being presented. The possibility of tracing both outbound and inbound network packets to a specific mobile app is being explored. This ability of isolating network traffic to specific apps plays an important part in data cleansing for use in AI. With such isolated network data, accurate models can be trained up individually for each app. It would then be possible to build up a baseline of what normal traffic looks like for an app and any deviation from this baseline can be detected. In our proposed model, anomalies deemed malicious can be blocked for a specific app while leaving others unaffected.