Using Deep Learning to Identify Security Risks of Personal Mobile Devices in Enterprise Networks

Abstract

In bring-your-own-device (BYOD) and guest wireless networks, the use of mobile devices within industry, government, and academic enterprise networks represents a difficult security challenge for system administrators. Devices not owned by the enterprise can pose additional risk. Our prior research demonstrated a dynamic anomaly detection method that used side-channel analysis of ping responses to infer whether devices were compromised. Initial results showed promise for a limited dataset. Our extension of this prior work now uses deep learning, twice as many features, and analyzes ten times more malware. Additional experiments demonstrate that our deep learning model generalizes to the detection of unseen threats across multiple families of malware.