Predictive information flow tracking for mobile security
Negin Salajegheh
Abstract:
Phones today carry sensitive information and have a great number of ways to communicate that data. As a result, malware that steal money, information, or simply disable functionality have hit the app stores. Current security solutions for preventing undesirable data leaks are mostly high-overhead and have not been practical enough for smartphones. In this paper, we show that by simply monitoring only memory loads and store instructions, it is possible to achieve low overhead, and yet highly accurate information flow tracking. Our method achieves 98% accuracy (0% false positive and 2% false negative) over DroidBench. Our lightweight method was also able to successfully catch real-world malware instances that steal phone number, location, and device ID using SMS messages and HTTP connections.
Bio:
Negin Salajegheh is a senior research engineer at Qualcomm research silicon valley (QRSV) where she has worked on mobile security, and real-time malware detection in mobile phones. Her work also includes data leak tracking, anomaly detection based on hardware behavior, as well as security and privacy of IoT devices. Negin received her PhD from University of Massachusetts Amherst on security and reliability of embedded systems such as RFID tags, medical devices, payment systems, and storage systems. She has published her work in ASPLOS, PerCom, Usenix security, Usenix FAST, and ACM Transactions on Embedded Computing Systems.