GGrantIndex
← Search

CRII: CSR NeTS: Enabling Secure and Trusted Device I/Os on Smartphones

$175,000FY2016CSENSF

Suny At Binghamton, Binghamton NY

Investigators

Abstract

The recent success of smartphones is largely due to the integration of various built-in input/output (I/O) devices (e.g., touchscreens, sensors, cameras, and microphones), which not only permit easy interaction between users and smartphones, but also enable a plethora of useful applications. However, these I/O devices, if exploited by attackers, can pose severe security and privacy threats to smartphone users. The root cause of these threats is that smartphone device I/Os carry important and sensitive user information, but currently there lack systematic approaches to protect these device I/Os. This research will investigate the system design and prototype implementation towards enabling secure and trusted device I/Os on smartphones. This project will address the following three objectives with the proposed system, named IOGuard: 1) Securing device inputs: IOGuard aims to secure smartphone device inputs such that attackers cannot infer or steal user sensitive info from device inputs. 2) Enabling trusted device inputs: IOGuard aims to provide protected applications with the guarantee that the device inputs delivered to the applications are authentic and have not been tampered with. 3) Providing trusted screen outputs: IOGuard aims to enable trusted screen outputs for protected applications to defend against UI spoofing/activity hijacking attacks. This project aims at achieving the above objectives with practical and scalable solutions, which support running both unmodified smartphone operating systems and unmodified applications with good system performance and user experience. Specifically, support of unmodified operating systems will be achieved by a small and dedicated bare-metal hypervisor built using the recently introduced ARM hardware virtualization technology. Support of unmodified applications will be achieved by a novel user-space sandbox framework. A series of novel designs will also be carried out and evaluated to enable smooth system integration and good system performance. This project will bring an effective, practical, and deployment-scalable solution that could benefit billions of smartphone users and many mobile services. Besides smartphones, other smart mobile devices that feature a rich set of I/O devices can also benefit from the resulted solution of this research. The understandings, insights, and experiences gained in this project will be extremely valuable to other mobile computing fields that can be benefited from virtualization technologies, such as mobile cloud systems/applications and cyber-foraging.

View original record on NSF Award Search →