Modern mobile devices, such as smartphones, tablets, and wearables, are targets of an increasing number of security attacks. Moreover, according to Google, an increasing number of attacks on (Android-based) mobile devices target the operating system kernel. For example, 44% of attacks in 2016 targeted the kernel, versus 9% and 4% in 2015 and 2014, respectively. Unfortunately, contemporary mobile operating systems are large, complex, and full of vulnerabilities; hence they fall victim to these attacks more often than not. This project aims to improve the state of the art in the security of mobile devices through a complementary and comprehensive set of approaches that can alleviate the problem of operating system vulnerability to attacks, and thereby enhances the security of mobile devices. As mobile devices play an increasingly important role in today's world, this project will have a high impact on global societies and economies. The project will also train students in systems software programming through outreach and tutorial activities.
The project targets three approaches to enhancing the security of mobile devices: (i) a security monitor to provide important security and privacy guarantees despite a compromised operating system, (ii) novel and mobile-specific tools to find (and then fix) mobile operating system vulnerabilities, and (iii) a vetting layer to efficiently safeguard the operating system interface against malicious applications. The project will be conducted in three research thrusts, each of which addresses the challenges of one of these approaches. The first research thrust builds a trustworthy and extensible security monitor for mobile devices. The key idea in this thrust is the use of security domains, which are isolated domains each hosting a different security service that provides a unique security or privacy guarantee. The second research thrust investigates techniques to find vulnerabilities in the mobile operating system. In particular, it investigates solutions for applying existing dynamic analysis techniques to the mobile operating system codebase in order to find and patch its vulnerabilities. Most such techniques are only applicable to software running within a virtual machine (VM). Hence, the key idea in this research thrust is either to automatically port mobile operating system code to run within a virtual machine or to run these techniques on the device itself. The third research thrust investigates methods to safeguard the operating system interface against malicious applications. It does so by incorporating an extensive set of security checks on system calls and other operating system application programming interface calls to limit the application's attack vector. This thrust consists of two tasks: an in-process shield space capable of securely and efficiently executing the vetting layer's security checks, and solutions to automatically generate such security checks.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.