Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart...
Transcript of Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart...
![Page 1: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/1.jpg)
Paranoid Android:Why is the security on my smart phone so dumb?
Herbert Bos
Vrije Universiteit Amsterdam
![Page 2: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/2.jpg)
systemsnetworkssecurity networks
security
research
courses
Herbert BosVrije Universiteit
![Page 3: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/3.jpg)
Sponsored by these fine EU projects:
4-Feb-113
Security ConferenceSURFcert / SURFibo 2011
![Page 4: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/4.jpg)
Smartphones
• Q3 2010: 80 million sold worldwide
• Rich set of features and applications
4-Feb-11 4
– navigation
– ehealth
– games
– browsing
– control
– camera (pics+video)
– movies / music
– e-wallet
– access codes
+ thousands of others
![Page 5: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/5.jpg)
Smartphones: Information security risks, opportunities and recommendations for users
4-Feb-11 5
• Risks
• Opportunities
• Recommendations
![Page 6: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/6.jpg)
Risk 1: Data leakage
• a stolen or lost phone with unprotected memory allows an attacker to access the data on it.
18th of May 2011 6BTG Conference
![Page 7: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/7.jpg)
Risk 2: Improper decommissioning
• the phone is disposed of or transferred to another user without removing sensitive data, allowing an attacker to access the data on it.
18th of May 2011 7BTG Conference
![Page 8: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/8.jpg)
Risk 3: Unintentional data disclosure
• most apps have privacy settings but many users are unaware (or do not recall) that the data is being transmitted, let alone know of the existence of the settings to prevent this.
18th of May 2011 8BTG Conference
![Page 9: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/9.jpg)
Risk 4: Phishing
• an attacker collects user credentials (e.g. passwords, creditcard numbers) using fake apps or (sms,email) messages that seem genuine.
18th of May 2011 9BTG Conference
![Page 10: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/10.jpg)
Risk 5: Spyware
• the smartphone has spyware installed allowing an attacker to access or infer personal data.
18th of May 2011 10BTG Conference
![Page 11: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/11.jpg)
Risk 6: network spoofing
• an attacker deploys a rogue network access point and users connect to it. The attacker subsequently intercepts the user communication to carry out further attacks such as phishing.
18th of May 2011 11BTG Conference
![Page 12: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/12.jpg)
Risk 7: Surveillance
• spying on an individual with a targeted user’s smartphone.
18th of May 2011 12BTG Conference
![Page 13: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/13.jpg)
Risk 8: diallerware
• an attacker steals money from the user by means of malware that makes hidden use of premium sms services or numbers.
18th of May 2011 13BTG Conference
![Page 14: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/14.jpg)
Risk 9: Financial Malware
• malware specifically designed for stealing credit card numbers, online banking credentials or subverting online banking or ecommerce transactions.
18th of May 2011 14BTG Conference
![Page 15: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/15.jpg)
Risk 10: Network Congestion
• network resource overload due to smartphone usage leading to network unavailability for the end-user.
18th of May 2011 15BTG Conference
![Page 16: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/16.jpg)
Risk 1: Data leakage
![Page 17: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/17.jpg)
Risk 2: Improper decommissioning
![Page 18: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/18.jpg)
Risk 3: Unintentional data disclosure
![Page 19: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/19.jpg)
Risk 4: Phishing
![Page 20: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/20.jpg)
Risk 5: Spyware
![Page 21: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/21.jpg)
Risk 6: network spoofing
![Page 22: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/22.jpg)
Risk 7: Surveillance
![Page 23: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/23.jpg)
Risk 8: diallerware
![Page 24: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/24.jpg)
Risk 9: Financial Malware
![Page 25: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/25.jpg)
Risk 10: Network Congestion
![Page 26: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/26.jpg)
Opportunities
18th of May 2011 26BTG Conference
![Page 27: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/27.jpg)
Recommendations: Consumers
18th of May 2011 27BTG Conference
![Page 28: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/28.jpg)
Recommendations: Employees
18th of May 2011 28BTG Conference
![Page 29: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/29.jpg)
Recommendations: High Officials
18th of May 2011 29BTG Conference
![Page 30: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/30.jpg)
Another perspective
18th of May 2011 30BTG Conference
![Page 31: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/31.jpg)
Why Protect Smartphones?
• They are used to:
– Store sensitive data
– Used like PCs++
– Perform calls
– E-wallets
• Packed with sensors
– GPS, Mic, camera, accelerometer, etc.
• Large codebases, and many users
![Page 32: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/32.jpg)
OperatingSystems
Smartphones Like PCs
Internet
Applications
![Page 33: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/33.jpg)
E-Payments
Smartphones Unlike PCs
SensitiveInformation
Hardware 3G
Password, PIN,Credit Card No
![Page 34: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/34.jpg)
Our Targets
• Create a solution that enables multifaceted security with fixed overhead
– Including support for heavyweight mechanisms like Dynamic Information Flow Tracking
• Enable backup and recovery of device data
• Attackers cannot disable the check
![Page 35: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/35.jpg)
Our Approach
• Faithfully replicate smartphone execution in remote servers
• Apply security checks on replicas
….
![Page 36: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/36.jpg)
new security model
4-Feb-11 36Security ConferenceSURFcert / SURFibo 2011
![Page 37: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/37.jpg)
Recording and Replaying in a Nutshell
4-Feb-11 37Security ConferenceSURFcert / SURFibo 2011
….
recordnondeterministic inputs
1
compress
2 3
transmit
4
replay
Proxy
![Page 38: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/38.jpg)
Disconnected Operation
• Connectivity not always available
– Events stored in local storage
– Transmit on reconnection
– Risky?
Data are stored on the device
– We use tamper-evident storage
![Page 39: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/39.jpg)
Security Server
• Any detection technique
• The same as applying the check on the device
• Checks can be added transparently
• A server can host many replicas
![Page 40: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/40.jpg)
Marvin: A Paranoid Android Prototype
![Page 41: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/41.jpg)
Security Server
• Replica hosted on Android QEMU emulator
– Virus scanner
• Detects viruses stored in the file system
– Information flow tracking
• Detects memory corruption attacks QEMU emulator
Android OS
Applications
![Page 42: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/42.jpg)
Results
4-Feb-11 42Security ConferenceSURFcert / SURFibo 2011
![Page 43: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/43.jpg)
Data Generation Rate for Various Tasks
64B/s121B/s
Data generated by various tasks
![Page 44: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/44.jpg)
Marvin Data Generation Rate
≈100Bs
User operated device for 1 day
![Page 45: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/45.jpg)
Performance
• Idle operation and performing calls
– CPU load and battery life are not affected
• During high usage like browsing
– CPU load average increased by ≈15%
– Battery consumption increased by ≈30%
• Other activities
– minimal overhead
![Page 46: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/46.jpg)
Conclusions
• Smartphones are valuable targets, and they will be under attack
• Current security solutions are not sufficient for security sensitive organizations
• Outsourcing security is feasible, and can provide multifaceted security
![Page 47: Heavyweight protection for lightweight devices...Paranoid Android: Why is the security on my smart phone so dumb? Herbert Bos Vrije Universiteit Amsterdam systems networks security](https://reader034.fdocuments.us/reader034/viewer/2022042114/5e90f1c8b1fc4a2541109273/html5/thumbnails/47.jpg)