Home Computer Science
Table of Contents:
Malware Threats and Solutions for Trustworthy Mobile Systems Design
Jelena Milosevic, Francesco Regazzoni and Miroslaw Malek
Rapid adoption of mobile devices and their increased usage to perform financial transactions and to send or store sensitive information, attracted the attention of criminals and all sorts of trouble makers and increased their interest in tampering with these devices to gain profit, to collect private and sensitive data, or simply to cause malfunctioning. To guarantee the security of a mobile device, it is necessary to provide it with robust and trusted hardware. Trusted hardware means that the used components should not contain hardware Trojans, which are malicious modifications of the underlining hardware in order to access maliciously the target device. Robust hardware means being resistant against physical attacks.
Being mobile and widely present, mobile devices can get into physical possession of the attacker, which makes them prone, as the large majority of other embedded systems, to threats caused by physical attacks. Physical attacks are attacks which aim at gaining access to sensitive information by exploiting the physical leakage of the implementation of security primitives. The most notable example of these attacks is by using power analysis , where the secret key is extracted by analysing the dependency of the power consumed by the device and the secret data being processed. However, using power analysis is not the only physical attack which exists. There are also other methods that may exploit timing and that were successfully used in the past: timing difference , electromagnetic emissions , and deliberate fault injection .
However, state-of-the-art mobile devices are not composed of solely hardware (including several cores and dedicated accelerators like GPUs) but also a plethora of software. For this reason, to guarantee the overall robustness of the device, it is not sufficient to protect only the hardware but also software routines have to be trusted,
J. Milosevic (B) • F. Regazzoni • M. Malek
Advanced Learning and Research Institute, Universita Della Svizzera Italiana,
© Springer International Publishing Switzerland 2017 149
N. Sklavos et al. (eds.), Hardware Security and Trust,
since the number of security breach caused by software is significantly growing. This is indeed visible in the reported number of malicious software or shortly malware, which is increasing very fast. According to , the total number of mobile malware samples grew 17 % in the second quarter of 2015. A different source , states that currently about three over four applications in China are malware.
Malware is software deliberately created to harm the device where it will be executed. Some of the effects which malware can have are stealing of sensitive information, the possibility of taking control of the overall operation of the system, and the damaging till the complete disruption of the device.
The number of encountered attacks on mobile devices is growing, so as the number of malware samples and malware families. With increased number of mobile families, also the behaviour of malware is changing, progressing and becoming more difficult to detect. Under these increasingly difficult circumstances, the detection algorithms have to cope with the variety of malicious behaviour, and be able to provide an effective detection, without generating an amount of false positives that would disturb users. The way to cope with it, and provide an effective solution, is mostly, by increasing effectiveness of algorithms that in turn may require higher complexity and taking into account more parameters about the system. However, mobile malware detection systems have to be run in resource-constrained and battery-operated environments that neither have the computational power to run extremely complex algorithms nor can support algorithms that drain the battery too quickly. Finding an effective detection algorithm, that is at the same time suitable for battery-operated mobile devices, is a challenging task.
In view of the increasing relevance that this problem has in mobile devices, and considering the effect of malware in the whole trustworthiness of a system, this chapter surveys existing mobile malware detection threats and proposed solutions and sketches main research trends. The main goal of the work is to evaluate current approaches with respect to the effectiveness of the solution, and its consumption of resources.