1 / 13

Virtualized In-Cloud Security Services for Mobile Devices

Virtualized In-Cloud Security Services for Mobile Devices. Authors:Jon Oberheide, Kaushik Veeraraghavan , Evan Cooke, Jason Flinn, Farnam Jahanian Electrical Engineering and Electrical Engineering and Computer Science University

kyoko
Download Presentation

Virtualized In-Cloud Security Services for Mobile Devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Virtualized In-Cloud Security Services for Mobile Devices Authors:Jon Oberheide, Kaushik Veeraraghavan , Evan Cooke, Jason Flinn, Farnam Jahanian Electrical Engineering andElectrical Engineering and Computer Science University of Michigan Ann Arbor Source: Proc. of MobiVirt, Breckenridge, CO, June 2008 Presenter:Hsin-Ruey, Tsai

  2. Introduction • Approach • Evaluation • Improvement

  3. Introduction • Security vendors have marketed mobile-specific versions of antivirus software. • When complexity of mobile platforms and threats increase, the functionality can have significant power and resource overhead. Bandwidth Power

  4. Benefits • Better detection of malicious software • Reduced on-device recourse consumption • Reduced on-device software complexity

  5. Introduction • Approach • Evaluation • Improvement

  6. CloudAV (After a file be analyzed) Network cache Trapped ID Local cache Cache Compare If no Other uses Network service Analyze

  7. CloudAV • Network service: Movie detection capabilities to a network service allows the use of multiple antivirus engines in parallel by hosting them in virtualized containers.

  8. Extending CloudAV • Mobile Agent: The file identifier algorithms and communications protocol with the network service Hook the execve syscall and file system operations to acquire and process candidate files before permitting their access. • Mobile-Specific Behavioral Engine: Emulate or run real operating systems and applications at runtime.

  9. Additional Security Services • SMS Spam Filtering It can be much more accurate in a network-centric deployment model through the aggregation of data from a large corpus of users. • Phishing Detection • Centralized Blacklists

  10. Introduction • Approach • Evaluation • Improvement

  11. Evaluation • For each experiment, we provide results for three cache states for our mobile agent (MA): CL+CR: cold local, cold remote; CL+WR: cold local, warm remote; and WL+WR: warm local, warm remote. • Computational Resources

  12. Evaluation • Power Consumption

  13. Improvement • Disconnected operation • Privacy

More Related