TC: Medium: Self-Securing Services for Mobile Handsets
Regents Of The University Of Michigan - Ann Arbor, Ann Arbor MI
Investigators
Abstract
The main objective of the proposed research is to develop a self-securing framework for smart mobile handsets, called S3Mobile (Self Securing Services for Mobile handsets), that protects the handsets against known and unknown malware. The key research components of S3Mobile include: (1) collect malware samples for mobile handsets, (2) record the hardware and software usage logs of the samples that represent the corresponding run-time behavior, (3) develop an algorithm for extracting features from the logs, (4) analyze similarities, features, and exploit vectors, and (5) implement and evaluate S3Mobile on the Android platform. The general approach to the problem is to conduct some monitoring on the handset, but, recognizing the more limited computational and electrical resources available there, to use a remote server to conduct more computationally intensive activities and to maintain repositories of malware and normal application behavior. The server side facilities are referred to as a second line of defense. Four particular challenges are noted for the work: accurately specifying malware behavior, accurately detecting such behavior, testing the constructed system to evaluate its performance correctly, and the difficulty of obtaining malware samples. The proposal documents approaches to each of these challenges, including the use of a temporal logic based notation for describing malware behavior and a combination of honeypots and industrial collaboration to provide malware samples. If successful, the work could lead to a cellphone / smartphone infrastructure with much improved resilience to software-based attacks that aim to steal information or drain power from the phone.
View original record on NSF Award Search →