Mobile Device Security Challenges
Mustaque Ahamad, Director, Georgia Tech Information Security Center
Patricia Titus, VP and Global Chief Information Security Officer, Unisys
Robert Smith, Founder & CTO, M.A.D. Partners
Moderator: Illena Armstrong
Mobile Attacks
• Attacks from the desktop world moving into the mobile environment
– 2009: iPhone botnet
– 2010: Google remotely nukes two apps that violated TOS
– 2010: 20% of Android apps leak private user data
– 2010: Android media player trojan spreads via text message
Nov 11 2010 2
Current Mobile Device Security
[Diagram labels: Direct interaction with service provider; Ignore; Periodically check revocation server; Migrating desktop solutions]
Avoiding Mobile Malware
• Mobile application marketplace can be used to propagate infected or malicious applications
• How are applications being evaluated?
– Sophistication of malware in the desktop space (GT Mtrace system)
– Analysis must focus on what they do rather than what they are
– Utilizing available resources (IP reputation, DNS domain reputation, blacklists etc.)
– Drive-by-downloads
Joint work with Jonathon Giffin, Wenke Lee, Paul Royal & Patrick Traynor
Mobile Security Analytics
• Capturing security relevant feature values and their analysis
• Local vs. proxy server
• IP vs. telecom network
• Other challenges: privacy, scalability, sharing intelligence across networks
• Call source feature analysis (Pindrop)
Joint work with Vijay Balasubramanian, Jonathon Giffin and Patrick Traynor.
Remote repair
1. Alert of malicious activity
2. Recovery server queries execution state of infected device
3. Server pushes remediation actions to device
4. Device’s trusted kernel executes remediation
[Diagram labels: Provider’s network; Recovery server]
Jonathon Giffin, Patrick Traynor and their PhD students are working on this project.
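The four remote-repair steps above as a runnable sketch, added here as an illustration and not taken from the Georgia Tech project: the server plans remediation from the reported execution state, and the device's trusted kernel authenticates the message before running only allowlisted actions. The shared HMAC key, nonce, message layout, action names and sample process table are assumptions constructed for the example.

```python
import hashlib
import hmac
import json

# Assumption: key provisioned to both the device's trusted kernel and the server.
SHARED_KEY = b"constructed-demo-key"
# Assumption: the trusted kernel implements only this fixed set of actions.
ALLOWED_ACTIONS = {"kill_process", "quarantine_app"}


def _tag(body: str) -> str:
    return hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()


def plan_remediation(alert: dict, state: dict, nonce: str) -> dict:
    """Server side (steps 1-3): match the alert against the reported state."""
    actions = [{"action": "kill_process", "pid": pid}
               for pid, name in state["processes"].items()
               if name == alert["suspect"]]
    actions.append({"action": "quarantine_app", "app": alert["suspect"]})
    body = json.dumps({"nonce": nonce, "actions": actions}, sort_keys=True)
    return {"body": body, "tag": _tag(body)}


def trusted_kernel_execute(msg: dict, nonce: str, processes: dict) -> list:
    """Device side (step 4): authenticate, then run only allowlisted actions."""
    if not hmac.compare_digest(_tag(msg["body"]), msg["tag"]):
        raise ValueError("remediation message failed authentication")
    payload = json.loads(msg["body"])
    if payload["nonce"] != nonce:
        raise ValueError("stale or replayed remediation message")
    done = []
    for act in payload["actions"]:
        if act["action"] not in ALLOWED_ACTIONS:
            continue  # ignore anything outside the fixed allowlist
        if act["action"] == "kill_process":
            processes.pop(act["pid"], None)
        done.append(act["action"])
    return done


def demo() -> tuple:
    # Constructed sample: execution state the device reports in step 2.
    procs = {101: "launcher", 202: "mediaplayer_trojan"}
    msg = plan_remediation({"suspect": "mediaplayer_trojan"},
                           {"processes": procs}, nonce="n-1")
    return trusted_kernel_execute(msg, "n-1", procs), procs
```

A message altered in transit or carrying an old nonce raises `ValueError` before any action runs, so the device never acts on remediation it cannot tie to the current query.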
Some Questions
• Are we making the right assumptions about threats to mobile devices?
• What security guarantees are possible?
• What is the best way to provide these guarantees?