TC: Small: In-Cloud Security Services for Mobile Devices

TC：小型：移动设备云内安全服务

• 批准号: 0916390
• 负责人: Michael Bailey
• 金额: $ 45万
• 依托单位: Regents of the University of Michigan - Ann Arbor
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0916390&HistoricalAwards=false
• 关键词: TC; Small; Cloud; Security; Services

Modern mobile platforms, such as the Google Android and Apple iPhone, are reinventing the mobile landscape by opening up third-party development and by providing sophisticated productivity, communication, and application suites. In addition, mobile devices are increasingly used to store sensitive personal information such as financial and medical data. Mobile environments face a wide range of unique security challenges. First, emerging mobile platforms have vastly different security and trust models. Second, techniques that worked for securing desktops do not transition well to mobile environments because mobile devices are highly resource constrained. Finally, mobile devices have inherently different usability patterns than traditional desktops that impact security.This project explores a new model for mobile security based on moving the complexity of malware detection to an in-cloud security service rather than performing analysis locally on each mobile device. We will investigate in-cloud security services for mobile devices based on an architecture that consists of a lightweight agent that runs on mobile devices interposing on access of applications and data, and a network service that identifies malicious applications using parallel signature, behavioral, and reputation-based detection engines. Our approach is structured around three objectives: (1) functionality across a wide variety of mobile platforms and security models, (2) minimal on-device CPU, memory, and power resources, and (3) security that adapts to mobile usability patterns. We will work with our industry partners to facilitate the deployment of the techniques and methods developed through this effort on live operational networks.

现代移动的平台，如Google Android和Apple iPhone，通过开放第三方开发和提供复杂的生产力、通信和应用程序套件，正在重塑移动的格局。 此外，移动的设备越来越多地用于存储敏感的个人信息，例如财务和医疗数据。移动的环境面临着各种独特的安全挑战。首先，新兴的移动的平台具有截然不同的安全和信任模型。其次，用于保护台式机的技术不能很好地过渡到移动的环境，因为移动的设备具有高度的资源约束。最后，移动的设备与传统的台式机相比具有固有的不同的可用性模式，这会影响安全性。该项目探索了一种新的移动的安全模式，该模式将恶意软件检测的复杂性转移到云安全服务中，而不是在每个移动终端上进行本地分析。我们将研究基于一个架构的移动的设备的云安全服务，该架构由一个轻量级代理和一个网络服务组成，该代理运行在移动的设备上，插入对应用程序和数据的访问，该网络服务使用并行签名、行为和基于声誉的检测引擎来识别恶意应用程序。我们的方法围绕三个目标构建：（1）跨各种移动的平台和安全模型的功能，（2）最小的设备上CPU，内存和电源资源，以及（3）适应移动的可用性模式的安全性。我们将与行业合作伙伴合作，促进通过这项工作开发的技术和方法在实时运营网络上的部署。