Grant awarded to improve the security of mobile devices and cellular networks

November 10, 2009

Smart phones -- like BlackBerrys and iPhones -- have become indispensable to today's highly mobile workforce and tech-savvy youngsters. While these devices keep friends and colleagues just a few thumb-taps away, they also pose new security and privacy risks.

"Traditional cell phones have been ignored by attackers because they were specialty devices, but the new phones available today are handheld computers that are able to send and receive e-mail, surf the Internet, store documents and remotely access data -- all actions that make them vulnerable to a wide range of attacks," said Patrick Traynor, assistant professor in the School of Computer Science at the Georgia Institute of Technology.

Traynor and Jonathon Giffin, also an assistant professor in the School of Computer Science, recently received a three-year $450,000 grant from the National Science Foundation to develop tools that improve the security of mobile devices and the telecommunications networks on which they operate. These Georgia Tech faculty, together with a team of graduate students, are developing methods of identifying and remotely repairing mobile devices that may be infected with viruses or other malware.

Malware can potentially eavesdrop on user input or otherwise steal sensitive information, destroy stored information, or disable a device. Attackers may snoop on passwords for online accounts, electronic documents, e-mails that discuss sensitive topics, calendar and phonebook entries, and audio and video media.

"Since mobile phones typically lack security features found on desktop computers, such as antivirus software, we need to accept that the mobile devices will ultimately be successfully attacked. Therefore our research focus is to develop effective attack recovery strategies," explained Giffin.

The researchers plan to investigate whether cellular service providers -- such as AT&T and Verizon Wireless -- are capable of detecting infected devices on their respective networks. Since infected devices often begin to over-utilize the network by sending a high volume of traffic to a known malicious Internet server or by suddenly generating a high volume of text messages, monitoring traffic patterns on the network should allow these infected phones to be located, according to the researchers.

"While a single user might realize that a phone is behaving differently, that person probably won't know why. But a cell phone provider may see a thousand devices behaving in the same way and have the ability to do something about it," said Traynor.

Once infected devices are located, those phones will need to be cleared of the malicious code. To accomplish this, the researchers are developing remote repair methods, which will allow service providers to assist in the cleaning of infected devices without requiring that the phones be brought to a service center. The methods will also have to work without much effort on the part of the customer.

This repair may require disabling some functionality on the phone, such as the ability to use downloaded programs, until the malicious program is located and removed. While the repair is underway, phone calling and text messaging functionality would continue to operate.

"Using this remote repair strategy, the service provider no longer has to completely disable a phone. Instead they just put the device into a safe, but reduced, mode until the malware can be removed," said Giffin.

To assess their proposed methods of finding and repairing infected mobile devices, the researchers plan to build a cellular network test bed at Georgia Tech that will simulate how cellular devices communicate over a network.

"We hope that developing these attack recovery strategies will let potential mobile phone and network attackers know that these response mechanisms are in place, ultimately making their attacks far less widespread or successful," said Traynor.

This material is based upon work supported by the National Science Foundation (NSF) under Award No. CNS-0916047. Any opinions, findings, conclusions or recommendations expressed in this publication are those of the researcher and do not necessarily reflect the views of the NSF.

Georgia Institute of Technology

Related Mobile Devices Articles from Brightsurf:

How mobile apps grab our attention
Aalto University researchers alongside international collaborators have done the first empirical study on how users pay visual attention to mobile app designs.

No association found between exposure to mobile devices and brain volume alterations in adolescents
New study of 2,500 Dutch children is the first to explore the relationship between brain volume and different doses of radiofrequency electromagnetic fields

Mobile devices blur work and personal privacy raising cyber risks, says QUT researcher
Organisations aren't moving quickly enough on cyber security threats linked to the drive toward using personal mobile devices in the workplace, warns a QUT privacy researcher.

Multi-mobile (M2) computing system makes android & iOS apps sharable on multiple devices
Computer scientists at Columbia Engineering have developed a new computing system that enables current, unmodified mobile apps to combine and share multiple devices, including cameras, displays, speakers, microphones, sensors, and GPS, across multiple smartphones and tablets.

The use of mobile phone and the development of new pathologies
Professor Raquel Cantero of the University of Malaga (UMA) has identified a generational change in the use of this finger due to the influence of new technologies.

Mobile devices don't reduce shared family time, study finds
The first study of the impact of digital mobile devices on different aspects of family time in the UK has found that children are spending more time at home with their parents rather than less -- but not in shared activities such as watching TV and eating.

Mobile, instant diagnosis of viruses
In a first for plant virology, a team from CIRAD recently used nanopore technology to sequence the entire genomes of two yam RNA viruses.

Wearable devices and mobile health technology: one step towards better health
With increasing efforts being made to address the current global obesity epidemic, wearable devices and mobile health ('mHealth') technology have emerged as promising tools for promoting physical activity.

Mobile health devices diagnose hidden heart condition in at-risk populations
New research shows wearable mobile health devices improved the rate of diagnosis of a dangerous heart condition called atrial fibrillation.

Ultrasound-firewall for mobile phones
Mobile phones and tablets through so-called audio tracking, can be used by means of ultrasound to unnoticeably track the behaviour of their users: for example, viewing certain videos or staying in specific rooms and places.

Read More: Mobile Devices News and Mobile Devices Current Events is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to