Operating Systems Security (2014 Year in Review), Part 1


In a previous Newsletter, the editors offered a series of citations from late 2013 about operating systems.  In this set, we offer an update of publications and presentations from 2014, focused specifically upon security issues.  The general topic has produced prolific work.  We will present these in multiple parts.

Sihan Qing, "Some Issues Regarding Operating System Security," Computer and Information Science (ICIS), 2014 IEEE/ACIS 13th International Conference on, pp. 1,1, 4-6 June 2014. doi: 10.1109/ICIS.2014.6912096 Summary form only given. In this presentation, several issues regarding operating system security will be investigated. The general problems of OS security are to be addressed. We also discuss why we should consider the security aspects of the OS, and when a secure OS is needed. We delve into the topic of secure OS design as well focusing on covert channel analysis. The specific operating systems under consideration include Windows and Android.
Keywords: Android (operating system); security of data; software engineering; Android; Windows; covert channel analysis; operating system security; secure OS design; Abstracts; Focusing; Information security; Laboratories; Operating systems; Standards development (ID#: 15-4306)


Kaczmarek, J.; Wrobel, M.R., "Operating System Security By Integrity Checking And Recovery Using Write-Protected Storage," Information Security, IET, vol.8, no.2, pp.122, 131, March 2014. doi: 10.1049/iet-ifs.2012.0346 An integrity checking and recovery (ICAR) system is presented here, which protects file system integrity and automatically restores modified files. The system enables files cryptographic hashes generation and verification, as well as configuration of security constraints. All of the crucial data, including ICAR system binaries, file backups and hashes database are stored in a physically write-protected storage to eliminate the threat of unauthorised modification. A buffering mechanism was designed and implemented in the system to increase operation performance. Additionally, the system supplies user tools for cryptographic hash generation and security database management. The system is implemented as a kernel extension, compliant with the Linux security model. Experimental evaluation of the system was performed and showed an approximate 10% performance degradation in secured file access compared to regular access.
Keywords: Linux; database management systems; security of data; ICAR system binaries; Linux security model; buffering mechanism; cryptographic hashes generation; file backups; file system integrity; hashes database; integrity checking and recovery system; security constraints; security database management; system security; unauthorised modification; write-protected storage (ID#: 15-4307)


Almohri, H.M.J.; Danfeng Yao; Kafura, D., "Process Authentication for High System Assurance," Dependable and Secure Computing, IEEE Transactions on , vol.11, no.2, pp.168,180, March-April 2014. doi: 10.1109/TDSC.2013.29
Abstract: This paper points out the need in modern operating system kernels for a process authentication mechanism, where a process of a user-level application proves its identity to the kernel. Process authentication is different from process identification. Identification is a way to describe a principal; PIDs or process names are identifiers for processes in an OS environment. However, the information such as process names or executable paths that is conventionally used by OS to identify a process is not reliable. As a result, malware may impersonate other processes, thus violating system assurance. We propose a lightweight secure application authentication framework in which user-level applications are required to present proofs at runtime to be authenticated to the kernel. To demonstrate the application of process authentication, we develop a system call monitoring framework for preventing unauthorized use or access of system resources. It verifies the identity of processes before completing the requested system calls. We implement and evaluate a prototype of our monitoring architecture in Linux. The results from our extensive performance evaluation show that our prototype incurs reasonably low overhead, indicating the feasibility of our approach for cryptographically authenticating applications and their processes in the operating system.
Keywords: Linux; authorisation; cryptography; operating system kernels; software architecture; software performance evaluation; system monitoring; Linux; cryptographic authenticating applications; high system assurance; modern operating system kernels; monitoring architecture; performance evaluation; process authentication mechanism; process identification; requested system calls; secure application authentication framework; system call monitoring framework; unauthorized system resource access prevention; unauthorized system resource use prevention; user-level application; Authentication; Kernel; Malware; Monitoring; Runtime; Operating system security; process authentication; secret application credential; system call monitoring (ID#: 15-4308)


Prakash, A.; Venkataramani, E.; Yin, H.; Lin, Z., "On the Trustworthiness of Memory Analysis — An Empirical Study from the Perspective of Binary Execution," Dependable and Secure Computing, IEEE Transactions on, vol. PP, no. 99, pp.1,1, 31 October 2014. doi: 10.1109/TDSC.2014.2366464 Memory analysis serves as a foundation for many security applications such as memory forensics, virtual machine introspection and malware investigation. However, malware, or more specifically a kernel rootkit, can often tamper with kernel memory data, putting the trustworthiness of memory analysis under question. With the rapid deployment of cloud computing and increase of cyber attacks, there is a pressing need to systematically study and understand the problem of memory analysis. In particular, without ground truth, the quality of the memory analysis tools widely used for analyzing closed-source operating systems (like Windows) has not been thoroughly studied. Moreover, while it is widely accepted that value manipulation attacks pose a threat to memory analysis, its severity has not been explored and well understood. To answer these questions, we have devised a number of novel analysis techniques including (1) binary level ground-truth collection, and (2) value equivalence set directed field mutation. Our experimental results demonstrate not only that the existing tools are inaccurate even under a non-malicious context, but also that value manipulation attacks are practical and severe. Finally, we show that exploiting information redundancy can be a viable direction to mitigate value manipulation attacks, but checking information equivalence alone is not an ultimate solution.
Keywords: Context; Data structures; Kernel; Robustness; Security; Semantics; Virtual machining; DKOM; Invasive Software; Kernel Rootkit; Memory Forensics; Operating Systems Security; Virtual Machine Introspection (ID#: 15-4309)


Eletriby, M.R.; Sobh, M.; Bahaa Eldin, A.M.; Fahmy, H.M.A., "High Performance Java Card Operating System," Software Security and Reliability (SERE), 2014 Eighth International Conference on, pp. 30, 39, June 30 2014-July 2 2014. doi: 10.1109/SERE.2014.16 Due to the fast evolving of trusted computing environments and internet-of-things an eager need has been established for open platforms which support interchangeable technologies to co-exist without threatening system's security. Certainly, future embedded applications will need high performance operating systems to support the intensive-computing algorithms required for satisfying acceptable response and secure the application inside the vulnerable open environment, hence, new inevitable requirements for embedded operating systems have arisen including hard real-time response, support for native applications, system openness and system scalability. This paper introduces a new design for secure and open smart card operating system, called ESCOS (Egypt Smart Card Operating System), based on the prevalent Java Card technology. The new design provides competitive characteristics in the main three factors of judging smart card platforms, namely, system security, supported technology and system response. In addition, ESCOS is designed to have high degree of modularity and re-configurability to meet fast-changing business needs and diverse hardware platforms.
Keywords: Internet of Things; Java; embedded systems; operating systems (computers); smart cards; trusted computing; ESCOS; Egypt smart card operating system; Internet-of-Things; Java card technology; embedded operating systems; high performance Java card operating system; intensive-computing algorithms; interchangeable technologies; open platforms; open smart card operating system; secure smart card operating system; trusted computing environments; Computer architecture; Cryptography; Hardware; Java; Operating systems; Smart cards; Java Card; computer security; cryptography systems; embedded software design; multi-application smart cards; operating systems (ID#: 15-4310)


Xing, Luyi; Pan, Xiaorui; Wang, Rui; Yuan, Kan; Wang, XiaoFeng, "Upgrading Your Android, Elevating My Malware: Privilege Escalation through Mobile OS Updating," Security and Privacy (SP), 2014 IEEE Symposium on, pp.393,408, 18-21 May 2014. doi: 10.1109/SP.2014.32 Android is a fast evolving system, with new updates coming out one after another. These updates often completely overhaul a running system, replacing and adding tens of thousands of files across Android's complex architecture, in the presence of critical user data and applications (apps for short). To avoid accidental damages to such data and existing apps, the upgrade process involves complicated program logic, whose security implications, however, are less known. In this paper, we report the first systematic study on the Android updating mechanism, focusing on its Package Management Service (PMS). Our research brought to light a new type of security-critical vulnerabilities, called Pileup flaws, through which a malicious app can strategically declare a set of privileges and attributes on a low-version operating system (OS) and wait until it is upgraded to escalate its privileges on the new system. Specifically, we found that by exploiting the Pileup vulnerabilities, the app can not only acquire a set of newly added system and signature permissions but also determine their settings (e.g., protection levels), and it can further substitute for new system apps, contaminate their data (e.g., cache, cookies of Android default browser) to steal sensitive user information or change security configurations, and prevent installation of critical system services. We systematically analyzed the source code of PMS using a program verification tool and confirmed the presence of those security flaws on all Android official versions and over 3000 customized versions. 
Our research also identified hundreds of exploit opportunities the adversary can leverage over thousands of devices across different device manufacturers, carriers and countries. To mitigate this threat without endangering user data and apps during an upgrade, we also developed a new detection service, called SecUP, which deploys a scanner on the user's device to capture the malicious apps designed to exploit Pileup vulnerabilities, based upon the vulnerability-related information automatically collected from newly released Android OS images.
Keywords: Androids; Google; Humanoid robots; Mobile communication; Registers; Security; Smart phones; Android; OS update; Package Manager Service; Privilege Escalation (ID#: 15-4311)


Dejun Mu; Wei Hu; Baolei Mao; Bo Ma, "A Bottom-Up Approach To Verifiable Embedded System Information Flow Security," Information Security, IET, vol. 8, no. 1, pp. 12, 17, Jan. 2014. doi: 10.1049/iet-ifs.2012.0342 With the wide deployment of embedded systems and constant increase in their inter-connections, embedded systems tend to be confronted with attacks through security holes that are hard to predict using typical security measures such as access control or data encryption. To eliminate these security holes, embedded security should be accounted for during the design phase from all abstraction levels with effective measures taken to prevent unintended interference between different system components caused by harmful flows of information. This study proposes a bottom-up approach to designing verifiably information flow secure embedded systems. The proposed method enables tight information flow controls by monitoring all flows of information from the level of Boolean gates. It lays a solid foundation to information flow security in the underlying hardware and exposes the ability to prove security properties to all abstraction levels in the entire system stack. With substantial amounts of modifications made to the instruction set architecture, operating system, programming language and input/output architecture, the target system can be designed to be verifiably information flow secure.
Keywords: embedded systems; formal verification; instruction sets; operating systems (computers); security of data; access control; bottom up approach; data encryption; information flow controls; input-output architecture; instruction set architecture; operating system; programming language; security holes; verifiable embedded system information flow security (ID#: 15-4312)


Al-Qershi, F.; Al-Qurishi, M.; Md Mizanur Rahman, S.; Al-Amri, A., "Android vs. iOS: The Security Battle," Computer Applications and Information Systems (WCCAIS), 2014 World Congress on, pp.1,8, 17-19 Jan. 2014. doi: 10.1109/WCCAIS.2014.6916629 Smartphones are one of the most demanding popular technologies in this current era of technology. They are comfortable for personnel use, and their adaptable functionalities give them a reputation in current competitive technology world. One of the important functionalities of these devices is to store - personal data of the users. The personal data of an user contains privacy and sensitive information which is very important. That is why now-a-days, the smartphones become primary target of a hacker. Therefore, the security technology of the smartphones becomes one of the prime research concerns within the smartphone research community. In the world of smartphones' operating systems, iOS and Android are considered the leaders. This paper focuses on those two operating systems in terms of their adopted security technologies. A review on security technologies of iOS and Android literature is presented in this research article. Furthermore, the policies and security mechanisms of the existing security models for these (iOS and Android) operating systems (OS) are discussed. Threats and malwares which target the iOS or Android are reviewed generally and specially. Two taxonomies for attacks are selected from literature and discussed for both the operating systems. Finally, the paper makes a comparison between iOS and Android based on different security criteria. The reviews result try to answer the difficult question “which OS is more secure between iOS and Android?”.
Keywords: Android (operating system); data privacy; iOS (operating system); security of data; smart phones; Android; data privacy; iOS; personal data; sensitive information; smartphones; Androids; Computer hacking; Grippers; Hardware; Humanoid robots; Malware; World Wide Web; Android; Security; Threats; iOS (ID#: 15-4313)


Lee, Byoungyoung; Lu, Long; Wang, Tielei; Kim, Taesoo; Lee, Wenke, "From Zygote to Morula: Fortifying Weakened ASLR on Android," Security and Privacy (SP), 2014 IEEE Symposium on, pp.424,439, 18-21 May 2014. doi: 10.1109/SP.2014.34 There have been many research efforts to secure Android applications and the high-level system mechanisms. The low-level operating system designs have been overlooked partially due to the belief that security issues at this level are similar to those on Linux, which are well-studied. However, we identify that certain Android modifications are at odds with security and result in serious vulnerabilities that need to be addressed immediately. In this paper, we analyze the Zygote process creation model, an Android operating system design for speeding up application launches. Zygote weakens Address Space Layout Randomization (ASLR) because all application processes are created with largely identical memory layouts. We design both remote and local attacks capable of bypassing the weakened ASLR and executing return-oriented programming on Android. We demonstrate the attacks using real applications, such as the Chrome Browser and VLC Media Player. Further, we design and implement Morula, a secure replacement for Zygote. Morula introduces a small amount of code to the Android operating system and can be easily adopted by device vendors. Our evaluation shows that, compared to Zygote, Morula incurs a 13 MB memory increase for each running application but allows each Android process to have an individually randomized memory layout and even a slightly shorter average launch time.
Keywords: Androids; Browsers; Humanoid robots; Layout; Libraries; Media; Security; ASLR; Android; Security (ID#: 15-4314)


Agosta, G.; Barenghi, A.; Maggi, M.; Pelosi, G., "Design Space Extension For Secure Implementation Of Block Ciphers," Computers & Digital Techniques, IET, vol. 8, no.6, pp.256, 263, 11 2014. doi: 10.1049/iet-cdt.2014.0037 Security has been identified as a critical dimension in the design of embedded systems for almost a decade. A well-recognised critical threat against the security of embedded systems is represented by 'side-channel attacks (SCAs)', which mandate the application of specially tailored countermeasures. These countermeasures are significantly demanding in terms of computation effort, and have traditionally been applied by hand. The recent introduction of a methodology to gauge the security margins provided by software cipher implementations, allows the integration of the automated application of countermeasures into platform-based system-level design methodologies. The authors introduce in the design space of block cipher implementations a new metric concerning the resistance against SCAs, provide a systematic method for the selection of the most appropriate cipher given the security and performance trade-offs, and point out the performance requirements for the random number generator. Moreover, they discuss the implications of the design space extension on system runtime adaptivity. The experimental evaluation demonstrates that a single cipher does not cover optimally a range of convenient operating points and that ciphers like a Serpent, which are considered slow in non-protected implementations, can outperform primitives like the Advanced Encryption Standard when implementations with equal security guarantees against SCAs are considered.
Keywords: cryptography; embedded systems; SCAs; Serpent; advanced encryption standard; block ciphers; countermeasure automated application; design space extension; embedded systems; performance trade-offs; platform-based system-level design methodology; random number generator; security margins; side-channel attacks; software cipher; system runtime adaptivity; systematic method (ID#: 15-4315)


Min Zheng; Mingshen Sun; Lui, J.C.S., "DroidTrace: A Ptrace Based Android Dynamic Analysis System With Forward Execution Capability," Wireless Communications and Mobile Computing Conference (IWCMC), 2014 International, pp.128,133, 4-8 Aug. 2014. doi: 10.1109/IWCMC.2014.6906344 Android, being an open source smartphone operating system, enjoys a large community of developers who create new mobile services and applications. However, it also attracts malware writers to exploit Android devices in order to distribute malicious apps in the wild. In fact, Android malware are becoming more sophisticated and they use advanced “dynamic loading” techniques like Java reflection or native code execution to bypass security detection. To detect dynamic loading, one has to use dynamic analysis. Currently, there are only a handful of Android dynamic analysis tools available, and they all have shortcomings in detecting dynamic loading. The aim of this paper is to design and implement a dynamic analysis system which allows analysts to perform systematic analysis of dynamic payloads with malicious behaviors. We propose “DroidTrace”, a ptrace based dynamic analysis system with forward execution capability. Our system uses ptrace to monitor selected system calls of the target process which is running the dynamic payloads, and classifies the payloads behaviors through the system call sequence, e.g., behaviors such as file access, network connection, inter-process communication and even privilege escalation. Also, DroidTrace performs “physical modification” to trigger different dynamic loading behaviors within an app. Using DroidTrace, we carry out a large scale analysis on 36,170 dynamic payloads in 50,000 apps and 294 malware in 10 families (four of them are zero-day) with various dynamic loading behaviors.
Keywords: Android (operating system); Java; invasive software; mobile computing; program diagnostics; public domain software; Android malware; DroidTrace; Java reflection; dynamic loading detection; dynamic payload analysis; file access; forward execution capability; interprocess communication; malicious apps; malicious behaviors; mobile applications; mobile services; native code execution; network connection; open source smartphone operating system; physical modification; privilege escalation; ptrace based Android dynamic analysis system; security detection; system call monitoring; Androids; Humanoid robots; Java; Loading; Malware; Monitoring; Payloads (ID#: 15-4316)


Derhab, A.; Saleem, K.; Youssef, A., "Third Line Of Defense Strategy To Fight Against SMS-Based Malware In Android Smartphones," Wireless Communications and Mobile Computing Conference (IWCMC), 2014 International, pp. 542, 547, 4-8 Aug. 2014. doi: 10.1109/IWCMC.2014.6906414 In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to design and deploy a new line in the defense-in-depth strategy, called the third line. This line is represented by a security framework, named the Intrusion Ambushing System and is designed to tackle the issue of SMS-based malware in the Android-based Smartphones. The framework exploits the security features offered by Android operating system to prevent the malicious SMS from going out of the phone and detect the corresponding SMS-based malware. We show that the proposed framework can ensure full security against SMS-based malware. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and execution cost in comparison to intrusion detection systems based on static and dynamic analysis.
Keywords: Android (operating system); electronic messaging; invasive software; smart phones; Android-based smart phones; SMS-based malware; airport check-in system; analytical analysis; defense-in-depth strategy; detection time; execution cost; intrusion ambushing system; malicious SMS prevention; operating system; optimal performance; security features; security framework; third line-of-defense strategy; warfare kill zone; Airports; Cryptography; Intrusion detection; Malware; Operating systems; Smart phones; Malware; SMS; intrusion ambushing; intrusion detection; third line of defense (ID#: 15-4317)


Allalouf, M.; Ben-Av, R.; Gerdov, A., "StoreDroid: Sensor-Based Data Protection Framework for Android," Wireless Communications and Mobile Computing Conference (IWCMC), 2014 International, pp.511, 517, 4-8 Aug. 2014. doi: 10.1109/IWCMC.2014.6906409 Android has become the most prevalent smartphone operating system. Despite its popularity, Android has a lot of flaws in security. In this research study we target a wide range of smartphone applications that share secret and local data with the service provider so that this data will not be leaked or accessed by other entities. The StoreDroid framework, described in this paper, addresses possible data violations that can occur in the current Android system by adding protection mechanisms in several layers as follows: (1) at the Linux level we use the security-enhanced Linux and security-enhanced Android plugins that prevent today's privileged escalation data access; (2) StoreDroidApp is a generic sensor-based access control mechanism where the sensors (such as biometric sensors and GPS) and the rules to access the data are defined by the service provider for better protection - we took advantage of the fact that Android systems are usually integrated with various hardware sensors in order to protect the user as well as the service provider; and (3) a secured message passing protocol to ensure that sensitive data will not be compromised by unwanted applications. The StoreDroid framework makes the following contributions: (1) the generic StoreDroidApp stub that is installed when the ROM is built narrows possible illegal data access for assigned application by the set of semantic and limiting sensor-based access rules, and (2) on top of the regular Linux used in Android, the customized security-enhanced Linux ensures that the sensor-based application will keep the data isolated and secured.
Keywords: Android (operating system); authorisation; cryptographic protocols; message passing; read-only storage; sensors; smart phones; Android system; GPS; ROM; StoreDroid framework; StoreDroidApp; biometric sensors; generic StoreDroid App stub; generic sensor-based access control mechanism; hardware sensors; illegal data access; secured message passing protocol; security-enhanced Android plug-ins; security-enhanced Linux; sensor-based data protection framework; service provider; smartphone operating system; Access control; Androids; Humanoid robots; Linux; Sensors; Smart phones; Android; Data Security; Mobile Computing; Security-Enhanced Linux (ID#: 15-4318)


Longfei Wu; Xiaojiang Du; Xinwen Fu, "Security Threats To Mobile Multimedia Applications: Camera-Based Attacks On Mobile Phones," Communications Magazine, IEEE, vol.52, no. 3, pp.80, 87, March 2014. doi: 10.1109/MCOM.2014.6766089 Today's mobile smartphones are very powerful, and many smartphone applications use wireless multimedia communications. Mobile phone security has become an important aspect of security issues in wireless multimedia communications. As the most popular mobile operating system, Android security has been extensively studied by researchers. However, few works have studied mobile phone multimedia security. In this article, we focus on security issues related to mobile phone cameras. Specifically, we discover several new attacks that are based on the use of phone cameras. We implement the attacks on real phones, and demonstrate the feasibility and effectiveness of the attacks. Furthermore, we propose a lightweight defense scheme that can effectively detect these attacks.
Keywords: Android (operating system); cameras; multimedia communication operating systems (computers); radiocommunication; smart phones; telecommunication security; Android security; camera-based attacks; mobile multimedia applications; mobile operating system; mobile phone cameras; mobile phone security; mobile phones; mobile smartphones; wireless multimedia communications; Cameras; Multimedia communication; Network security; Privacy; Real-time systems; Smart phones; Videos; Wireless communication (ID#: 15-4319)


Reitze, D.D., "Using Commercial Web Services To Build Automated Test Equipment Cloud Based Applications," AUTOTESTCON, 2014 IEEE, pp.246, 250, 15-18 Sept. 2014. doi: 10.1109/AUTEST.2014.6935153 The purpose of this paper is to present a framework from which Automated Test Equipment (ATE) manufacturers can use to help them develop, integrate, and deliver ATE cloud-based applications to the consumers of their products. In order to create these applications, the developer can utilize Commercial Web Services (CWS) as a means to help access compute power, storage devices, and other services that provide the flexibility to choose a development platform or programming model that makes the most sense in trying to resolve the problem at hand. CWS provides a flexible environment from which to choose various programming models, operating systems, databases, and architectures to serve the consumers needs. CWS is highly cost-effective in that the developers and consumers pay only for what they use. Using CWS makes it extremely easy to create scalable and elastic systems as the developers can quickly add and subtract resources to their applications in order to meet current or future consumer needs. Furthermore, security is always a concern so CWS builds services in accordance with security best practices by providing the appropriate security features in those services. Using a CWS provides a level of scale, security, reliability, and privacy that are often cost prohibitive for most organizations to meet. This paper will examine available CWS cloud service platforms that organizations can potentially use to help deploy applications and services in a cost effective manner. The CWS platform consists of the following six main services, which will be discussed in more detail in this paper - (1) Computational/Networking, (2) Storage/Content Delivery, (3) Databases, (4) Analytics, (5) Applications, and (6) Deployment and Management services. 
One or more of these services may be utilized to help develop, integrate, and deliver ATE cloud-based applications to the consumer. The goals of ATE are to (1) quickly and accurately detect and isolate each fault, (2) provide software tools for analyzing historical data, (3) gather, manage, and distribute accurate and reliable maintenance information for the failed Unit Under Test (UUT). The CWS cloud platform will aid in the development of cloud based tools and applications that are cost effective, flexible, scalable, and secure that can be used by multiple end users to aid in the development of ATE system software tool sets. One example of a cloud-based application is a diagnostic reasoner that could be used to aid in diagnosing UUT repair actions. This paper will show how developers can use CWS to develop ATE cloud-based applications and tools that will help improve the overall ATE testing throughput, thus resulting in bottom line improvements to ATE life cycle costs.
Keywords: Web services; automatic test equipment; cloud computing; data privacy; life cycle costing; operating systems (computers); reliability; ATE; CWS; UUT; automated test equipment; cloud-based application; commercial Web service; computational-networking; elastic system; fault isolation; life cycle costing; operating system; privacy; programming model; reliability; security; storage device; storage-content delivery; unit under test; Cloud computing; Databases; Organizations; Security; ATE; cloud based applications; commercial web services; maintenance; testing (ID#: 15-4320)


Lopes, H.; Chatterjee, M., "Application H-Secure for Mobile Security," Circuits, Systems, Communication and Information Technology Applications (CSCITA), 2014 International Conference on, pp.370,374, 4-5 April 2014. doi: 10.1109/CSCITA.2014.6839289 Mobile security is as critical as the PIN number on our ATM card or the lock on our front door. More than our phone itself, the information inside needs safeguarding as well. Not necessarily for scams, but just peace of mind. Android seems to have attracted the most attention from malicious code writers due to its popularity. The flexibility to freely download apps and content has fueled the explosive growth of smart phones and mobile applications but it has also introduced a new risk factor. Malware can mimic popular applications and transfer contacts, photos and documents to unknown destination servers. There is no way to disable the application stores on mobile operating systems. Fortunately for end-users, our smart phones are fundamentally open devices however they can quite easily be hacked. Enterprises now provide business applications on these devices. As a result, confidential business information resides on employee-owned device. Once an employee quits, the mobile operating system wipe-out is not an optimal solution as it will delete both business and personal data. Here we propose H-Secure application for mobile security where one can store their confidential data and files in encrypted form. The encrypted file and encryption key are stored on a Web server so that unauthorized person cannot access the data. If user loses the mobile then he can login into Web and can delete the file and key to stop further decryption process.
Keywords: Android (operating system); authorisation; graphical user interfaces; invasive software; mobile computing; private key cryptography; smart phones; Android smart phones; H-Secure application; Web server; application stores; business applications; business data; confidential business information; confidential data storage; confidential file storage; data access; decryption process; destination servers; employee-owned device; encrypted file; encryption key; free-download apps; free-download content; malicious code; malware; mobile operating system; mobile operating systems; mobile security applications; open devices; personal data; unauthorized person; Authentication; Encryption; Mobile communication; Mobile handsets; Servers; AES Encryption and Decryption; Graphical Password (ID#: 15-4321)


Yusoff, M.N.; Mahmod, R.; Dehghantanha, A.; Abdullah, M.T., "An Approach For Forensic Investigation in Firefox OS," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.22, 26, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913966 The advancement of smartphone technology has attracted many companies in developing mobile operating system. Mozilla Corporation recently released Linux-based open source operating system, named Firefox OS. The emergence of Firefox OS has created new challenges, concentrations and opportunities for digital investigators. In general, Firefox OS is designed to allow smartphones to communicate directly with HTML5 applications using JavaScript and newly introduced WebAPI. However, the use of JavaScript in HTML5 applications and solely no OS restriction might lead to security issues and potential exploits. Therefore, forensic analysis for Firefox OS is urgently needed in order to investigate any criminal intentions. This paper will present an approach and methodology in forensically sound manner for Firefox OS.
Keywords: Internet; Java; Linux; application program interfaces; digital forensics; hypermedia markup languages; mobile computing; public domain software; smart phones; Firefox OS; HTML5 applications; JavaScript; Linux-based open source operating system; Mozilla Corporation; OS restriction; WebAPI; criminal intentions; digital investigation; forensic analysis; forensic investigation; mobile operating system; potential exploits; security issues; smartphone technology; Forensics; Google; Mobile communication; Operating systems; Security; Smart phones; Firefox OS; Forensic Method; Mobile forensics; digital investigation (ID#: 15-4322)


Xinwen Zhang; Seifert, J.-P.; Aciicmez, O., "Design and Implementation of Efficient Integrity Protection for Open Mobile Platforms," Mobile Computing, IEEE Transactions on, vol. 13, no. 1, pp.188, 201, Jan. 2014. doi: 10.1109/TMC.2012.232 The security of mobile devices such as cellular phones and smartphones has gained extensive attention due to their increasing usage in people's daily life. The problem is challenging as the computing environments of these devices have become more open and general-purpose while at the same time they have the constraints of performance and user experience. We propose and implement SEIP, a simple and efficient but yet effective solution for the integrity protection of real-world cellular phone platforms, which is motivated by the disadvantages of applying traditional integrity models on these performance and user experience constrained devices. The major security objective of SEIP is to protect trusted services and resources (e.g., those belonging to cellular service providers and device manufacturers) from third-party code. We propose a set of simple integrity protection rules based upon open mobile operating system environments and application behaviors. Our design leverages the unique features of mobile devices, such as service convergence and limited permissions of user installed applications, and easily identifies the borderline between trusted and untrusted domains on mobile platforms. Our approach, thus, significantly simplifies policy specifications while still achieves a high assurance of platform integrity. SEIP is deployed within a commercially available Linux-based smartphone and demonstrates that it can effectively prevent certain malware. The security policy of our implementation is less than 20 kB, and a performance study shows that it is lightweight.
Keywords: cellular radio; smart phones; telecommunication security; Linux-based smartphone; cellular phone; efficient integrity protection; mobile device; open mobile operating system; simple integrity protection rule; trusted resource; trusted service; Bluetooth; Malware; Mobile communication; Mobile computing; Smart phones; Bluetooth; Integrity protection; Malware; Mobile communication; Mobile computing; Smart phones; open mobile platforms; smartphone security (ID#: 15-4323)


Bosman, Erik; Bos, Herbert, "Framing Signals - A Return to Portable Shellcode," Security and Privacy (SP), 2014 IEEE Symposium on, pp.243, 258, 18-21 May 2014. doi: 10.1109/SP.2014.23 Signal handling has been an integral part of UNIX systems since the earliest implementation in the 1970s. Nowadays, we find signals in all common flavors of UNIX systems, including BSD, Linux, Solaris, Android, and Mac OS. While each flavor handles signals in slightly different ways, the implementations are very similar. In this paper, we show that signal handling can be used as an attack method in exploits and backdoors. The problem has been a part of UNIX from the beginning, and now that advanced security measures like ASLR, DEP and stack cookies have made simple exploitation much harder, our technique is among the lowest hanging fruit available to an attacker. Specifically, we describe Sigreturn Oriented Programming (SROP), a novel technique for exploits and backdoors in UNIX-like systems. Like return-oriented programming (ROP), sigreturn oriented programming constructs what is known as a 'weird machine' that can be programmed by attackers to change the behavior of a process. To program the machine, attackers set up fake signal frames and initiate returns from signals that the kernel never really delivered. This is possible, because UNIX stores signal frames on the process' stack. Sigreturn oriented programming is interesting for attackers, OS developers and academics. For attackers, the technique is very versatile, with pre-conditions that are different from those of existing exploitation techniques like ROP. Moreover, unlike ROP, sigreturn oriented programming programs are portable. For OS developers, the technique presents a problem that has been present in one of the two main operating system families from its inception, while the fixes (which we also present) are non-trivial. From a more academic viewpoint, it is also interesting because we show that sigreturn oriented programming is Turing complete. We demonstrate the usefulness of the technique in three applications. First, we describe the exploitation of a vulnerable web server on different Linux distributions. Second, we build a very stealthy proof-of-concept backdoor. Third, we use SROP to bypass Apple's code signing and security vetting process by building an app that can execute arbitrary system calls. Finally, we discuss mitigation techniques.
Keywords: Context; Kernel; Linux; Program processors; Programming; Registers; Security; Operating system security; backdoors; exploits (ID#: 15-4324)


Afzal, H.; Maheta, V.D., "Low cost smart phone controlled car security system," Industrial Technology (ICIT), 2014 IEEE International Conference on, vol., no., pp.670,675, Feb. 26 2014-March 1 2014. doi: 10.1109/ICIT.2014.6894911 Vehicle security and keeping pace of advancement in car features with technology have been major concern in automobile industries. Many people have to face difficulties in locking/unlocking and switching ON/OFF the car engine upon losing the car key. In addition to that in most of the higher range car, people have to wait for few minutes after turning on the car engine to allow the car engine to attain its normal operating temperature to get better performance of the car engine and improve its life. Moreover, if a car gets stolen and used for some illegal activities banned by the government then a car owner will face many legal hitches. So to tackle all these issues, an electronic system is designed and implemented in a real car that does not provide only car security feature but provides additional features such as unlocking and locking of the car, and switching ON and OFF the car engine remotely using smart phone. This paper basically discusses the technical aspects of such electronic system.
Keywords: access control; automobile industry; automotive electronics; microcontrollers; smart phones; automobile industry; car engine; car key; car security feature; electronic system; normal operating temperature; smart phone controlled car security system; vehicle security; Engines; GSM; Global Positioning System; Microcontrollers; Modems; Relays; Switches; GPS modem; GSM modem; Microcontroller; Relays; Transistors (ID#: 15-4325)


Thompson, M.; Evans, N.; Kisekka, V., "Multiple OS Rotational Environment An Implemented Moving Target Defense," Resilient Control Systems (ISRCS), 2014 7th International Symposium on, pp.1,6, 19-21 Aug. 2014. doi: 10.1109/ISRCS.2014.6900086 Cyber-attacks continue to pose a major threat to existing critical infrastructure. Although suggestions for defensive strategies abound, Moving Target Defense (MTD) has only recently gained attention as a possible solution for mitigating cyber-attacks. The current work proposes a MTD technique that provides enhanced security through a rotation of multiple operating systems. The MTD solution developed in this research utilizes existing technology to provide a feasible dynamic defense solution that can be deployed easily in a real networking environment. In addition, the system we developed was tested extensively for effectiveness using CORE Impact Pro (CORE), Nmap, and manual penetration tests. The test results showed that platform diversity and rotation offer improved security. In addition, the likelihood of a successful attack decreased proportionally with time between rotations.
Keywords: operating systems (computers); security of data; CORE; CORE Impact Pro; MTD technique; Nmap; cyber-attacks mitigation; defensive strategies; manual penetration test; moving target defense; multiple OS rotational environment; operating systems; Availability; Fingerprint recognition; IP networks; Operating systems; Security; Servers; Testing; insert (ID#: 15-4326)


Gu, Y.; Fu, Y.; Prakash, A.; Lin, Z.; Yin, H., "Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting," Cloud Computing, IEEE Transactions on, vol. PP, no.99, pp.1, 1, 11 July 2014. doi: 10.1109/TCC.2014.2338305 Precise fingerprinting of an operating system (OS) is critical to many security and forensics applications in the cloud, such as virtual machine (VM) introspection, penetration testing, guest OS administration, kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM always exists in all these applications, in this article, we present OS-SOMMELIER+, a multi-aspect, memory exclusive approach for precise and robust guest OS fingerprinting in the cloud. It works as follows: given a physical memory dump of a guest OS, OS-SOMMELIER+ first uses a code hash based approach from kernel code aspect to determine the guest OS version. If code hash approach fails, OS-SOMMELIER+ then uses a kernel data signature based approach from kernel data aspect to determine the version. We have implemented a prototype system, and tested it with a number of Linux kernels. Our evaluation results show that the code hash approach is faster but can only fingerprint the known kernels, and data signature approach complements the code signature approach and can fingerprint even unknown kernels.
Keywords: Linux; cloud computing; digital forensics; digital signatures; Linux kernels; OS-SOMMELIER; code hash based approach; code signature approach; kernel code aspect; kernel data signature; memory exclusive guest OS fingerprinting; multiaspect memory exclusive approach; operating system precise fingerprinting; physical memory dump; Cloud computing; Computer security; Data structures; Fingerprint recognition; Forensics; Linux; Virtual machining; Operating system fingerprinting; memory forensics; virtual machine introspection (ID#: 15-4327)


Jing, Y.; Ahn, G.; Zhao, Z.; Hu, H., "Towards Automated Risk Assessment and Mitigation of Mobile Application," Dependable and Secure Computing, IEEE Transactions on, vol. PP, no.99, pp.1,1, 31 October 2014. doi: 10.1109/TDSC.2014.2366457 Mobile operating systems, such as Apple’s iOS and Google’s Android, have supported a ballooning market of feature rich mobile applications. However, helping users understand and mitigate security risks of mobile applications is still an ongoing challenge. While recent work has developed various techniques to reveal suspicious behaviors of mobile applications, there exists little work to answer the following question: are those behaviors necessarily inappropriate? In this paper, we seek an approach to cope with such a challenge and present a continuous and automated risk assessment framework called RISKMON that uses machine-learned ranking to assess risks incurred by users’ mobile applications, especially Android applications. RISKMON combines users’ coarse expectations and runtime behaviors of trusted applications to generate a risk assessment baseline that captures appropriate behaviors of applications. With the baseline, RISKMON assigns a risk score on every access attempt on sensitive information and ranks applications by their cumulative risk scores. Furthermore, we demonstrate how RISKMON supports risk mitigation with automated permission revocation. We also discuss a proof-of-concept implementation of RISKMON as an extension of the Android mobile platform and provide both system evaluation and usability study of our methodology.
Keywords: Androids; Feature extraction; Humanoid robots; Mobile communication; Risk management; Runtime; Security; Android; Risk Assessment; Risk Mitigation; Smartphones (ID#: 15-4328)


Patil, M.; Sahu, V.; Jain, A., "SMS text Compression and Encryption on Android O.S," Computer Communication and Informatics (ICCCI), 2014 International Conference on, vol., no., pp. 1, 6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921767 Today in the world of globalization mobile communication is one of the fastest growing medium through which one sender can interact with other in short time. During the transmission of data from sender to receiver, size of data is important, since more data takes more time. But one of the limitations of sending data through mobile devices is limited use of bandwidth and number of packets transmitted. Also the security of these data is important. Hence various protocols are implemented which not only provides security to the data but also utilizes bandwidth. Here we proposed an efficient technique of sending SMS text using combination of compression and encryption. The data to be sent is first encrypted using Elliptic curve Cryptographic technique, but encryption increases the size of the text data, hence compression is applied to this encrypted data so the data gets compressed and is sent in short time. The Compression technique implemented here is an efficient one since it includes an algorithm which compresses the text by 99.9%, hence a great amount of bandwidth gets saved. The hybrid technique of Compression-Encryption of SMS text message is implemented for Android Operating Systems.
Keywords: Android (operating system); cryptographic protocols; data communication; data compression; electronic messaging; public key cryptography; smart phones; Android OS; SMS text encryption-compression technique; data security; data transmission; elliptic curve cryptographic technique; mobile communication; mobile devices; security protocols; Algorithm design and analysis; Bandwidth; Computers; Encryption; Mobile communication; Mobile handsets; ECDSA; Look ahead buffer; PDA; SMS; lossless compression (ID#: 15-4329)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.