ZingBox, an Internet of Things security startup whose founders have ties to Cisco and Stanford University, is working on software that guards IoT devices from threats on the Internet.
The company’s focus is on upgrading routers and gateways with intelligence to detect when IoT devices are behaving abnormally, indicating that they might be compromised, says May Wang, CTO of the company and a co-founder who spent 14 years at Cisco in its office of the CTO where she was a principal architect.
The problem of IoT security has to take three characteristics into account, she says. First, there are a huge number of IoT devices and a great variety of types of IoT devices with different hardware and software. Eighty percent of them have security concerns. Second, many of these devices are in mission-critical roles but have limited compute, memory, bandwidth and power so are unable to protect themselves. Third, these devices are connected online, putting them at high risk of compromise as they try to deal with critical missions.
The answer ZingBox has come up with takes a network perspective on security-as-a-service. It is an agent placed on routers and gateways that collects network data about traffic to and from these devices. The data is analyzed by ZingBox’s analysis engine, which evaluates threats, formulates responses and pushes security rules for the routers and gateways to enforce.
IoT devices run pretty much autonomously with very little human intervention, she says, and most talk machine-to-machine as they carry out one or two specific tasks, so the network traffic they generate is very predictable.
ZingBox has built a database of IoT device properties and behaviors which it uses to perform anomaly detection on live IoT traffic. The algorithm used to do this is trying to find the .1% of traffic that is anomalous.Wang says it uses smart sub-sampling of the traffic rather than examining every single packet in order to streamline the analysis and at the same time keep the false positive rate low. That enables ZingBox scale to handle the enormous amounts of data that massive deployments of IoT devices can generate, she says
With consumer IoT booming, ZingBox is designing its software to provide auto-protection for non-technical households to use it. “No IT expertise needed,” she says.