New BGU-Developed Firewall Protects Cellphones
New BGU-Developed Firewall Protects Cellphones
June 29, 2017
Homeland & Cyber Security, Press Releases
Cyber security researchers at Ben-Gurion University of the Negev (BGU) developed an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.
Earlier this year, Dr. Yossi Oren and his team of researchers in the BGU Department of Software and Information Systems Engineering (SISE), discovered a security vulnerability in the internal communications between Android cellphone components and a phone’s central processing unit (CPU). They alerted Android developer Google and helped the global company address the problem.
“Our technology doesn’t require device manufacturers to understand or modify any new code,” says Dr. Oren. “It’s a firewall that can be implemented as a tiny chip, or as an independent software module running on the CPU.”
From left: Amir Cohen, Reseach Assistant Benyamin Farshteindiker, Dr. Yossi Oren, Omer Shwartz
Some 400 million people change their phone’s components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks.
These components, referred to as “field replaceable units (FRUs),” communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads.
“This problem is especially acute in the Android market with many manufacturers that operate independently,” the researchers say. “An attack of this type occurs outside the phone’s storage area; it can survive phone factory resets, remote wipes and firmware updates. Existing security solutions cannot prevent this specific security issue.”
Parts harboring malicious code can be surreptitiously placed in various replaceable phone components, compromising user data and security.
Researcher Omer Shwartz adds, “There is no way for the phone itself to discover that it’s under this type of an attack. Our solution prevents a malicious or misconfigured FRU from compromising the code running on the CPU by checking all the incoming and outgoing communication.”
The research team, guided by Dr. Asaf Shabtai, used machine learning algorithms to monitor the phones’ internal communications for anomalies that may indicate malicious code. Their software allowed them to identify and prevent hardware-generated data leaks and hacks.
A paper on the discovery and the new software will be presented at the prestigious Workshop on Offensive Technologies in Vancouver, Canada this August. Dr. Oren and Dr. Shabtai collaborated on the paper along with research students Omer Shwartz and Amir Cohen.
“The work of Dr. Oren’s team is the latest invention from SISE at BGU,” says Zafrir Levi, senior vice president of business development at BGN Technologies, the University’s commercialization and technology transfer company. “In the last decade, ISE has spawned many inventions that have been used worldwide through patents sold to international corporations and by start-up companies.”
The researchers are seeking to further test the patent-pending technology with phone manufacturers.
ABOUT AMERICANS FOR BEN-GURION UNIVERSITY
By supporting a world-class academic institution that not only nurtures the Negev, but also shares its expertise locally and globally, Americans for Ben-Gurion University engages a community of Americans who are committed to improving the world. David Ben-Gurion envisioned that Israel’s future would be forged in the Negev. The cutting-edge research carried out at Ben-Gurion University drives that vision by sustaining a desert Silicon Valley, with the “Stanford of the Negev” at its center. The Americans for Ben-Gurion University movement supports a 21st century unifying vision for Israel by rallying around BGU’s remarkable work and role as an apolitical beacon of light in the Negev desert.
About Ben-Gurion University of the Negev
Ben-Gurion University of the Negev embraces the endless potential we have as individuals and as a commonality to adapt and to thrive in changing environments. Inspired by our location in the desert, we aim to discover, to create, and to develop solutions to dynamic challenges, to pose questions that have yet to be asked, and to push beyond the boundaries of the commonly accepted and possible.
We are proud to be a central force for inclusion, diversity and innovation in Israel, and we strive to extend the Negev’s potential and our entrepreneurial spirit throughout the world. For example, the multi-disciplinary School for Sustainability and Climate Change at BGU leverages over 50 years of expertise on living and thriving in the desert into scalable solutions for people everywhere.
BGU at a glance:
20,000 students | 800 senior faculty | 3 campuses | 6 faculties: humanities & social sciences, health sciences, engineering sciences, natural sciences, business & management, and desert research.
For all press inquiries, please contact:
James Fattal, J Cubed Communications
516.289.1496
Stories Like This
