Results 11 - 20
of
32
Potentia est scientia: Security and privacy implications of energy-proportional computing
- In HotSec
, 2012
"... The trend toward energy-proportional computing, in which power consumption scales closely with workload, is making computers increasingly vulnerable to informa-tion leakage via whole-system power analysis. Saving energy is an unqualified boon for computer operators, but this trend has produced an un ..."
Abstract
-
Cited by 5 (3 self)
- Add to MetaCart
(Show Context)
The trend toward energy-proportional computing, in which power consumption scales closely with workload, is making computers increasingly vulnerable to informa-tion leakage via whole-system power analysis. Saving energy is an unqualified boon for computer operators, but this trend has produced an unintentional side effect: it is becoming easier to identify computing activities in power traces because idle-power reduction has lowered the effective noise floor. This paper offers preliminary evidence that the analysis of AC power traces can be both harmful to privacy and beneficial for malware detection, the latter of which may benefit embedded (e.g., medical) devices. 1
Exposing Security Risks for Commercial Mobile Devices
"... Abstract. Recent advances in the hardware capabilities of mobile handheld devices have fostered the development of open source operating systems and a wealth of applications for mobile phones and table devices. This new generation of smart devices, including iPhone and Google Android, are powerful e ..."
Abstract
-
Cited by 3 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Recent advances in the hardware capabilities of mobile handheld devices have fostered the development of open source operating systems and a wealth of applications for mobile phones and table devices. This new generation of smart devices, including iPhone and Google Android, are powerful enough to accomplish most of the user tasks previously requiring a personal computer. Moreover, mobile devices have access to Personally Identifiable Information (PII) including a full suite of location services, camera, microphone, among others. In this paper, we discuss the cyber threats that stem from these new smart device capabilities and the online application markets for mobile devices. These threats include malware, data exfiltration, exploitation through USB, and user and data tracking. We will present the ongoing GMU efforts to defend against or mitigate the impact of attacks against mobile devices. Our approaches involve analyzing the source code and binaries of mobile applications, hardening the device by using Kernel-level network and data encryption, and controlling the communication mechanisms for synchronizing the user contents with computers and other phones. We will also explain the enhanced difficulties in dealing with these security issues when the end-goal is to deploy security-enhanced smart phones into military and tactical scenarios. The talk will conclude with a discussion of our current and future research directions. 1
Comprehensive behavior profiling for proactive android malware detection
- in Proc. of Information Sec. - 17th Int. Conf. (ISC 2014), ser. Lecture Notes in Comp. Sci
"... Abstract. We present a new method of screening for malicious Android applications that uses two types of information about the application: the permissions that the application requests in its installation manifest and a metric called percentage of valid call sites (PVCS). PVCS measures the riskines ..."
Abstract
-
Cited by 2 (2 self)
- Add to MetaCart
(Show Context)
Abstract. We present a new method of screening for malicious Android applications that uses two types of information about the application: the permissions that the application requests in its installation manifest and a metric called percentage of valid call sites (PVCS). PVCS measures the riskiness of the application based on a data flow graph. The information is used with machine learning algorithms to classify previously unseen applications as malicious or benign with a high degree of accuracy. Our classifier outperforms the previous state of the art by a significant mar-gin, with particularly low false positive rates. Furthermore, the classifier evaluation is performed on malware families that were not used in the training phase, simulating the accuracy of the classifier on malware yet to be developed. We found that our PVCS metric and the SEND SMS permission are the specific pieces of information that are most useful to the classifier.
Toward Securing Sensor Clouds
"... We aim to secure smart sensor networks, where computationally powerful sensing devices such as smartphones or cognitive radios interact with the cloud. In previous work, we have proposed a large-scale brokering framework, and we are researching several facets of securing sensors in the context of th ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
We aim to secure smart sensor networks, where computationally powerful sensing devices such as smartphones or cognitive radios interact with the cloud. In previous work, we have proposed a large-scale brokering framework, and we are researching several facets of securing sensors in the context of this framework. In this paper we discuss initial results for three portions of this effort, challenges that remain for secure sensor networks, and specific directions we are currently pursuing. In particular, we discuss our work on (i) Sensor risk assessment, relating to the possession and environment of the smartphone sensors, (ii) New malware threats and defenses installed on the sensor network proper, and (iii) Defense against the side-channel analysis on the Software-as-a-Service infrastructure.
SIDE CHANNELS ENABLED BY SMARTPHONE INTERACTION
, 2012
"... As smartphones become ever more present and interwoven into the daily comput-ing of individuals, a broader perspective of the differences between computer secu-rity and smartphone security must be considered. As a general purpose computer, smartphones inherently suffer from all the same computer sec ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
As smartphones become ever more present and interwoven into the daily comput-ing of individuals, a broader perspective of the differences between computer secu-rity and smartphone security must be considered. As a general purpose computer, smartphones inherently suffer from all the same computer security issues as tradi-tional computers; however, there exists fundamental differences between smartphones and traditional computing in how we interact with smartphones via the touchscreen. Smartphones interaction is physical, hand-held, and tactile, and this thesis shows how this interaction leads to novel side channels. This is demonstrated through the study of two side channels: One based on exter-nal smartphone observations via photographic and forensic evidence, and the other based on internal smartphone observations via the smartphone’s on-board sensors. First, we demonstrate a smudge attack, a side channel resulting from oily residues remaining on the touch screen surface post user input. We show that these external observations can reveal users ’ Android password patterns, and we show that prop-erties of the Android password pattern, in particular, render it susceptible to this
CHARACTERIZING ANDROID PERMISSIONS AND ANALYZING THEIR PRIVACY-INTRUSION
, 2014
"... Characterizing Android permissions and analyzing their privacy-intrusion ..."
(Show Context)
Soundcomber: AStealthy andContext-Aware Sound Trojanfor Smartphones
"... We explore the threat of smartphone malware with access to on-board sensors, which opens new avenues for illicit collection of private information. While existing work shows that such “sensory malware ” can convey raw sensor data (e.g., video and audio) to a remote server, these approacheslack steal ..."
Abstract
- Add to MetaCart
(Show Context)
We explore the threat of smartphone malware with access to on-board sensors, which opens new avenues for illicit collection of private information. While existing work shows that such “sensory malware ” can convey raw sensor data (e.g., video and audio) to a remote server, these approacheslack stealthiness, incursignificantcommunication and computation overhead during data transmission andprocessing, andcan easily be defeatedby existing protections like denying installation of applications with access to both sensitive sensors and the network. We present Soundcomber, a Trojan with few and innocuous permissions, that can extract a small amount of targeted private information from the audio sensor of the phone. Using targeted profiles for context-aware analysis, Soundcomber intelligently “pulls out ” sensitive data such as credit card and PIN numbers from both tone- and speech-based interaction with phone menu systems. Soundcomber performs efficient, stealthy local extraction, thereby greatly reducing the communication cost for delivering stolen data. Soundcomber automatically infers the destination phone number by analyzing audio, circumvents known security defenses, and conveys information remotely without direct network access. Wealsodesignandimplementadefensivearchitecture that foils Soundcomber, identify new covert channels specifictosmartphones,andprovideavideodemonstration ofSoundcomber. 1
Applied Computer Security AssociatesThe Association for Computing Machinery
, 2011
"... COMPUTER ..."
Implementing and Optimizing an Encryption Filesystem on Android
"... Abstract—The recent surge in popularity of smart handheld devices, including smart-phones and tablets, has given rise to new challenges in protection of Personal Identifiable Information (PII). Indeed, modern mobile devices store PII for applications that span from email to SMS and from social media ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract—The recent surge in popularity of smart handheld devices, including smart-phones and tablets, has given rise to new challenges in protection of Personal Identifiable Information (PII). Indeed, modern mobile devices store PII for applications that span from email to SMS and from social media to location-based services increasing the concerns of the end user’s privacy. Therefore, there is a clear need and expectation for PII data to be protected in the case of loss, theft, or capture of the portable device. In this paper, we present a novel FUSE (Filesystem in USErspace) encryption filesystem to protect the removable and persistent storage on heterogeneous smart gadget devices running the Android platform. The proposed filesystem leverages NIST certified cryptographic algorithms to encrypt the dataat-rest. We present an analysis of the security and performance trade-offs in a wide-range of usage and load scenarios. Using existing known micro benchmarks in devices using encryption without any optimization, we show that encrypted operations can incur negligible overhead for read operations and up to twenty (20) times overhead for write operations for I/Ointensive programs. In addition, we quantified the database transaction performance and we observed a 50 % operation time slowdown on average when using encryption. We further explore generic and device specific optimizations and gain 10 % to 60 % performance for different operations reducing the initial cost of encryption. Finally, we show that our approach is easy to install and configure across all Android platforms including mobile phones, tablets, and small notebooks without any user perceivable delay for most of the regular Android applications. Keywords-Smart handheld devices, Full disk encryption, Encrypted filesystem, I/O performance. I.
Hey,You, GetOffofMy Market: DetectingMalicious Apps in Official and AlternativeAndroid Markets
"... In this paper, we present a systematic study for the detection of malicious applications (or apps) on popular Android Markets. To this end, we first propose a permissionbased behavioral footprinting scheme to detect new samples of known Android malware families. Then we apply a heuristics-based filt ..."
Abstract
- Add to MetaCart
(Show Context)
In this paper, we present a systematic study for the detection of malicious applications (or apps) on popular Android Markets. To this end, we first propose a permissionbased behavioral footprinting scheme to detect new samples of known Android malware families. Then we apply a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families. We implemented both schemes in a system called DroidRanger. The experimentswith 204,040appscollectedfromfivedifferent Android Markets in May-June 2011 reveal 211 malicious ones: 32 from the official Android Market (0.02 % infection rate) and 179 from alternative marketplaces (infection rates ranging from 0.20 % to 0.47%). Among those malicious apps, our system also uncovered two zero-day malware (in 40 apps): one from the official Android Market and the other from alternative marketplaces. The results show that current marketplaces are functional and relatively healthy. However, there is also a clear need for a rigorous policing process, especially for non-regulated alternative marketplaces. 1
