MRI/Acq.: Equipment to Establish a Mobile Testing Infrastructure- Bring Your Own Device for Research and Education Project Proposed: This project, studying fundamental issues in Bringing Your Own Device (BYOD) security, aims to identify better approaches to protect enterprise and campus networks. The following objectives are pursued: - Creating tools to facilitate mobile penetration testing, and - Developing a mobile early warning Intrusion Detection System (IDS) for malware utilizing network performance metrics (mobile penetration test and early warning IDS, - Developing secret sharing schemes to protect and share custody of sensitive data on BYODs (algorithms), and - Establishing secure zones using secret sharing schemes on BYODs (BYODLib). These research objectives are expected to lead to corresponding opportunities for education in cyber operations and cyber security. Moreover, two educational objectives are also sought: To - Extend laboratory assignments/class projects to support mobile security devices (extend lab assignments) and - Increase research productivity and enhance education on mobile security for undergraduate students selecting the mobile minor (strengthen research and education on mobile devices). This project extends penetration to mobile devices. The emerging mobile-penetration testing area enables identification of unknown vulnerabilities in a mobile device. Notwithstanding the challenge, protecting sensitive data on BYOD is essential to protect enterprise and campus networks. A novel scheme based on secret data could be used to protect sensitive data as well as offline data, as it is likely to allow network administrators to disabled users? access even if the data is on BYOD. The BYOD library based on a secret sharing scheme should enable mobile applications to establish secure zones on mobile devices and protect sensitive data. Broader Impacts: The instrumentation will be made available to faculty and students from other institutions in the state. The project meets the priority of South Dakota?s Relevant and Technology Plan focusing on information technology, cyber security, and information assurance. The infrastructure should increase the research productivity on mobile devices and enhance education on mobile security for both undergraduate and graduate students. The institution is one of only four schools in the nation with NSA recognition in Information Assurance Education (CAE-IASE), Research (CAE-R), and Cyber Operations (CAE-CO). The instrumentation should contribute to conduct research in BYOD security and provide new opportunities for education on cyber security and operations in an EPSCoR state.
