Modern mobile platforms, such as Google Android and Apple iPhone, are reinventing the mobile landscape by opening up third-party development and by providing sophisticated productivity, communication, and application suites. In addition, mobile devices are increasingly used to store sensitive personal information such as financial and medical data. Mobile environments face a wide range of unique security challenges. First, emerging mobile platforms have vastly different security and trust models. Second, techniques that worked for securing desktops do not transition well to mobile environments because mobile devices are highly resource constrained. Finally, mobile devices have inherently different usability patterns from traditional desktops, and those differences affect security.
This project explores a new model for mobile security based on moving the complexity of malware detection to an in-cloud security service rather than performing analysis locally on each mobile device. We will investigate in-cloud security services for mobile devices based on an architecture with two parts: a lightweight agent that runs on mobile devices and interposes on access to applications and data, and a network service that identifies malicious applications using parallel signature, behavioral, and reputation-based detection engines. Our approach is structured around three objectives: (1) functionality across a wide variety of mobile platforms and security models, (2) minimal use of on-device CPU, memory, and power resources, and (3) security that adapts to mobile usability patterns. We will work with our industry partners to facilitate the deployment of the techniques and methods developed through this effort on live operational networks.
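The agent/service split described above, as an added Python example that is not the project's code: the on-device agent only hashes and caches, and the service runs three engines in parallel and keeps the most severe verdict. The class names, the SHA-256 lookup, the engine logic, the install-count threshold and all sample data are assumptions made for illustration.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

# Constructed sample data for this example; none of it comes from the project.
BAD_APP = b"constructed sample: known-bad package"
POPULAR_APP = b"constructed sample: widely installed package"
KNOWN_BAD = {hashlib.sha256(BAD_APP).hexdigest()}
INSTALL_COUNTS = {hashlib.sha256(POPULAR_APP).hexdigest(): 50000}
SEVERITY = {"clean": 0, "suspicious": 1, "malicious": 2}

def signature_engine(digest, content):
    return "malicious" if digest in KNOWN_BAD else "clean"

def behavioral_engine(digest, content):
    # Stand-in for behavioral analysis: flags a constructed marker string.
    return "malicious" if b"constructed-bad-behavior" in content else "clean"

def reputation_engine(digest, content):
    # Assumed policy: packages seen on few devices are not yet trusted.
    return "clean" if INSTALL_COUNTS.get(digest, 0) >= 1000 else "suspicious"

ENGINES = (signature_engine, behavioral_engine, reputation_engine)

class CloudService:
    def __init__(self):
        self.verdicts = {}  # digest -> verdict, shared by every device

    def lookup(self, digest):
        return self.verdicts.get(digest)

    def analyze(self, digest, content):
        # Run all engines in parallel and keep the most severe verdict.
        with ThreadPoolExecutor(max_workers=len(ENGINES)) as pool:
            results = list(pool.map(lambda engine: engine(digest, content), ENGINES))
        self.verdicts[digest] = max(results, key=SEVERITY.get)
        return self.verdicts[digest]

class Agent:
    def __init__(self, service):
        self.service, self.cache, self.uploads = service, {}, 0

    def check(self, content):
        # On-device work is one hash; the analysis itself runs in the service.
        digest = hashlib.sha256(content).hexdigest()
        if digest not in self.cache:
            verdict = self.service.lookup(digest)  # hash-only query first
            if verdict is None:  # unseen by any device: upload for analysis
                self.uploads += 1
                verdict = self.service.analyze(digest, content)
            self.cache[digest] = verdict
        return self.cache[digest]
```

Because verdicts are stored in the service, a second device that meets the same package gets its answer from a hash lookup alone and never uploads the content.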