Tech News

New firewall can protect your phone from security threat

The researchers are seeking to further test the patent-pending technology with phone manufacturers.

Published: 30th June 2017 04:13 PM  |   Last Updated: 30th June 2017 04:13 PM   |  A+A-

Image used for representational purpose only.

By ANI

NEW DELHI: A team of researchers has come up with an innovative firewall program that adds a missing layer of security in Android cellphones and monitors for malicious code.

Earlier this year, Yossi Oren and his team of researchers in the Ben-Gurion University of the Negev (BGU) Department of Software and Information Systems Engineering (ISE), discovered a security vulnerability in the internal communications between Android cellphone components and a phone's central processing unit (CPU). They alerted Android developer Google and helped the global company address the problem.

"Our technology doesn't require device manufacturers to understand or modify any new code," said Oren. "It's a firewall that can be implemented as a tiny chip, or as an independent software module running on the CPU."

Some 400 million people change their phone's components, such as touchscreens, chargers, and battery or sensor assemblies, which are all susceptible to significant security breaches and attacks. These components, referred to as "field replaceable units (FRUs)," communicate with the phone CPU over simple interfaces with no authentication mechanisms or error detection capabilities. A malicious vendor could add a compromised FRU to a phone, leaving it vulnerable to password and financial theft, fraud, malicious photo or video distribution, and unauthorized app downloads.

"This problem is especially acute in the Android market with many manufacturers that operate independently," the researchers said. "An attack of this type occurs outside the phone's storage area; it can survive phone factory resets, remote wipes and firmware updates. Existing security solutions cannot prevent this specific security issue."

Researcher Omer Schwartz added, "There is no way for the phone itself to discover that it's under this type of an attack. Our solution prevents a malicious or misconfigured FRU from compromising the code running on the CPU by checking all the incoming and outgoing communication."

The research team used machine learning algorithms to monitor the phones' internal communications for anomalies that may indicate malicious code. Their software allowed them to identify and prevent hardware-generated data leaks and hacks.

The researchers are seeking to further test the patent-pending technology with phone manufacturers.

A paper on the discovery and the new software will be presented at the prestigious Workshop on Offensive Technologies in Vancouver, Canada. 

Stay up to date on all the latest Tech news with The New Indian Express App. Download now
Get the news that matters from New Indian Express on WhatsApp. Click this link and hit 'Click to Subscribe'. Follow the instructions after that.

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

Latest