Published On: Wed, Jun 28th, 2017

Israeli Researchers Developed New Firewall to Protect Mobiles From Hardware Security Threat

Cybersecurity researchers at Ben-Gurion University of the Negev (BGU) have developed an innovative firewall program that adds a missing layer of security in the communication between Android cell phone components and the phone’s central processing unit (CPU).

Earlier this year, researchers in BGU’s Department of Software and Information Systems Engineering, led by Dr. Yossi Oren, discovered the security vulnerability and alerted Google to help them address the problem.

A paper on the findings will be presented at the prestigious Workshop on Offensive Technologies (WOOT) in Vancouver, BC, Canada in mid-August.

Nearly 400 million people have changed their touchscreens or other types of Field Replaceable Units (FRU), such as chargers, battery or sensor assemblies which are all susceptible to significant security breaches. These can include password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads.

Since the attack is located outside the phone’s standard storage, it can survive phone factory resets, remote wipes, and firmware updates. Existing security solutions cannot prevent this specific security issue. FRUs communicate over simple interfaces with no authentication mechanisms or error detection capabilities. This problem is especially acute in the Android market where the manufacturing chain is fragmented and difficult to control.

“There is no way for the phone itself to discover that it’s under this type of an attack,” says team research fellow Omer Schwartz. “Our solution prevents a malicious or misconfigured FRU from compromising the code running on the CPU by checking all the incoming and outgoing communication.”

Dr. Oren and his students developed the breakthrough software to identify and prevent hardware-generated data leaks and hacks. The team uses machine learning algorithms, developed by BGU’s world-class researchers, to monitor the communication for anomalies that may indicate malicious code. “We are now working on fine tuning the software monitoring capabilities and on ensuring it does not interfere with the use of the phone,” says Dr. Oren.

“Our technology doesn’t require device manufacturers to understand or modify any new code,” adds Dr. Oren. “It’s an FRU interface proxy firewall that can be implemented as a tiny chip, or as an independent software module running on the CPU.”

The BGU researchers are seeking to further test the patent-pending technology with phone manufacturers.

Read more about: ,

Email:

Delivered by FeedBurner