Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile Device Security Challenges  Mustaque Ahamad, Director, Georgia Tech Information Security Center  Patricia Titus, VP and Global Chief Information.

Similar presentations


Presentation on theme: "Mobile Device Security Challenges  Mustaque Ahamad, Director, Georgia Tech Information Security Center  Patricia Titus, VP and Global Chief Information."— Presentation transcript:

1 Mobile Device Security Challenges  Mustaque Ahamad, Director, Georgia Tech Information Security Center  Patricia Titus, VP and Global Chief Information Security Officer, Unisys  Robert Smith, Founder & CTO, M.A.D. Partners  Moderator: Illena Armstrong

2 Attacks from the desktop world moving into the mobile environment –2009: iPhone botnet –2010: Google remotely nukes two apps that violated TOS –2010: 20% of Android apps leak private user data –2010: Android media player trojan spreads via text message Nov 11 20102 Mobile Attacks

3 Current Mobile Device Security Nov 11 20103 Direct interaction with service provider Ignore Periodically check revocation server Migrating desktop solutions

4 Avoiding Mobile Malware Mobile application market place can be used to propagate infected or malicious applications How are applications being evaluated? –Sophistication of malware in the desktop space (GT Mtrace system) –Analysis must focus on what they do rather than what they are –Utilizing available resources (IP reputation, DNS domain reputation, blacklists etc.) –Drive-by-downloads Nov 11 20104 Joint work with Jonathon Giffin, Wenke Lee, Paul Royal & Patrick Traynor

5 Mobile Security Analytics Capturing security relevant feature values and their analysis Local vs. proxy server IP vs. telecom network Other challenges: privacy, scalability, sharing intelligence across networks Call source feature analysis (Pindrop) Nov 11 20105 Joint work with Vijay Balasubramanian, Jonathon Giffin and Patrick Traynor.

6 Remote repair 1.Alert of malicious activity 2.Recovery server queries execution state of infected device 3.Server pushes remediation actions to device 4.Device’s trusted kernel executes remediation Nov 11 20106 Provider’s network Recover y server Jonathon Giffin, Patrick Traynor and their PhD students are working on this project.

7 Some questions Nov 11 20107 Are we making the right assumptions about threats to mobile devices? What security guarantees are possible? What is the best way to provide these guarantees? Some Questions


Download ppt "Mobile Device Security Challenges  Mustaque Ahamad, Director, Georgia Tech Information Security Center  Patricia Titus, VP and Global Chief Information."

Similar presentations


Ads by Google