Introduction Our Topic: Mobile Security Why is mobile security important?
-
Upload
richard-calvin-morrison -
Category
Documents
-
view
216 -
download
1
Transcript of Introduction Our Topic: Mobile Security Why is mobile security important?
Introduction • Our Topic: Mobile Security
• Why is mobile security important?
Research Questions 1. Why aren't current mobile security systems effective at preventing mobile attacks?2. What is the most effective form of attack vector for todays attackers?3. What can be gained from attacking a mobile phone? Do hackers attack phones for the same reason they attack computers?4. Why is mobile security important for the future?5. What kinds of security standards or methods will best prevent future attacks?
Current Risk Communication
• I Phoneo Action Based
An app uses location user will then be asked to allow or disallow
• G Phoneo Permission Based
Lists set of permissions that application is granted
Problems with Risk Communications
• Current methods do not take context into accounto Context is related to a file
The context will contain the history of a file and what other applications have access as well.
Very important because helps prevent cover channel attacks
o Leaves system vulnerable especially cover channel attacks
Why Our Framework?
• Our framework combines the two most common frameworks (I Phone & G Phone).
• Our framework takes context into account.• We feel the context will allow us to be able
to protect users from cover channel attacks.
History of Considerations
• We observed different mobile security systems and found…
• Pre-download – there is very little straightforward interventiono In Andriod – a list of permissions is present but
the user may not understand thato Interventions – Systems try and predict attacks to
directly as opposed to providing users with information (similar to computer antivirus)
o Theoretical solutions suggest any file modified by a permission should be stopped.
What is Considered Dangerous?
• Risky permissions for possibly fraudulent application
• Most Dangerous – permission to send througho Phone calls, Internet(WiFi), MMS,
bluetooth, and email• Medial Danger – access to view
personal infoo Contacts list, incoming calls, texts,
ect• Dangerous Enough – access to
location or fileso Camera, voice, global search, and
GPS access
Why Intervene at Download• Permission to use a sending
vector• the internet, MMS, bluetooth,
or email• Inform the user of the possibility
of personal information compromise without consent or action
• In other security systemso It is not explicitly specified what
can go wrong by accepting these permissions
o The permissions are generalized into allow accept format
Why Intervene Otherwise• Sending Files• Files accessed by a sending
vector without user direction are potentially compromisingo Many actions can modify files,
but that doesn’t directly hurt user
• User Sends Compromised Files• Files modified using
permissions can contain personal information
• We don’t want users to develop bad habits.o Similar to very long terms of
service fileso Inform the user to make better
decisions
Attack Scenario
• You are hanging out on the Android Marketplace
• You find this cool application called PingDroid
• This screen comes up before you install it
Intervention
• This is the first place where we want to intervene.
• Instead of listing permissions we might want to say…
• “Hey, are you sure you want to download an application that can take your location and photographs and send them over the internet?”
• You say, well ok maybe I still want this.• The application is running for a while and
you forget about it.
• Later, you pick up your phone to notice it has a message for you.
• Intervention – Your phone stopped PingDroid
• “PingDroid may be sending a picture along with your location to anyone on the internet”
What Happens Next?
• You, the user, have just found your application acting in a way that may be malicious
• If you decide that is what the application is supposed to do, allow the app to continue
• If not, you may stop the app from compromising your information
• The only way our security system intervenes again is if another kind of information is compromised or the sending location changes (IP address)
Attacking Scenario 2
• This scenario could be used by several applications.
• Ezimbra is a photo editing application that has the ability to post photos on the internet.
Attack Scenario 3
• People use more and more passwords and "secure" accounts with growth of technology
• Bank accounts, e-mail accounts, eBay/Amazon, etc.• Palm attempts to help keep these accounts organized,
but at what cost?
Attack Scenario 3
• How does SplashID work?• Where are the security issues?• How can these issues be averted?
Attack Method 4
• Our system would inform the user of the level of risk involved with the actions being preformed by the application
•This could be done prior to the user installing the update or after the update tries to run malicious code
Future Work
• Developing a system that uses past cases to exploit
malicious actions
• Final Goal = Software designed to alert user of
adverse actions
Research Question Answers
1.Obviously, new attacks and applications are produced daily. Security that tries to stop attacks in
the background have not been successful
There is no way to predict how an application will attack you, but you can predict the attack vector
If the security system doesn’t accurately assess a malicious situation, no action is taken
2. Most simply, Web applications account for 41% of all financial and 52% of all tech pathway attacks
There are more common vectors of attack, but they are direct (such as bluetooth hacking). These attacks can be easily prevented and are not hidden. They are not the most controversial. Source: http://www.mobileenterprisemag.com/ME2/Sites/dirmod.asp?sid=&nm=&type=MultiPublishing&mod=PublishingTitles&mid=B4771C6F22F34E4CA3FFFDA61E0EA2C5&tier=4&id=8C626442A70740CFB6A62EC3C7A339E8&SiteID=87D3DA363DA24D189035C60D0D8A4775
3. Your Personal information.Contact informationFinancial informationLocationPhotographsPersonal dataCompromising information
4. In the future, nearly everyone will have a cell phone. In 2009, there were 4.6 billion cell phone subscriptions. That number will increase in 2010.
With the growing popularity of smart phones, the cellular network will have a huge market to take advantage of.
5. We have seen so many different kinds of attack with new attacks happening each day.If there are new attacks that work, then the current security systems aren’t working.
The users informed decision and intuition should be much better for prevention than a system that may take no action