Research Area: Mobile Computing
Mobile devices such as smartphones are becoming the majority of computing devices due to their evolving capabilities. Currently, service providers such as financial and healthcare institutions over services to their clients using smartphone applications (apps). Many of these apps run on Android, the most adopted mobile operating system (OS) today. Since smartphones are designed to be carried around all the time, many persons use them to store their private data. However, the popularity of Android and the open nature of its app marketplaces make it a prime target for malware.
This situation puts data stored in smartphones in jeopardy, as it can be stealthily stolen or modfied by malware that infects the device.With the increasing popularity of smartphones and the increasing amount of personal data stored on these devices, mobile device security has drawn significant attention from both industry and academia. As a result, several security mechanisms and tools such as anti-malware software have been proposed for mobile OSs to improve the privacy of private data and to mitigate some of the security risks associated with mobile devices. However, these tools and mechanisms run in the device and assume that the mobile OS is trusted, i.e., that it is part of the trusted computing base (TCB).
In this work, we use the ARM TrustZone, a security extension for ARM processors that provides a hardware-assisted isolated environment, to implement security services that are protected from malware even if the mobile OS is compromised.In this thesis, we investigate two approaches to address some of the security risks associated with Android-based devices. In the rst approach, we present security services to detect intrusions in mobile devices.
Name of the Researcher: Sileshi Demesie Yalew
Name of the Supervisor(s): Seif Haridi
Year of Completion: 2018
University: KTH Royal Institute of Technology
Thesis Link: Home Page Url
