Jon Oberheide
ABSTRACT
Modern mobile devices continue to approach the capabilities and extensibility of standard desktop PCs. Unfortunately, these devices are also beginning to face many of the same security threats as desktops. Currently, mobile security solutions mirror the traditional desktop model in which they run detection services on the device. This approach is complex and resource intensive in both computation and power. This paper proposes a new model whereby mobile antivirus functionality is moved to an off-device network service employing multiple virtualized malware detection engines. Our argument is that it is possible to spend bandwidth resources to significantly reduce on-device CPU, memory, and power resources. We demonstrate how our in-cloud model enhances mobile security and reduces on-device software complexity, while allowing for new services such as platform-specific behavioral analysis engines. Our benchmarks on Nokia's N800 and N95 mobile devices show that our mobile agent consumes an order of magnitude less CPU and memory while also consuming less power in common scenarios compared to existing on-device antivirus software.
- P. Chen and B. Noble. When virtual is better than real. Proceedings of the 2001 Workshop on Hot Topics in Operating Systems (HotOS), pages 133--138, 2001. Google Scholar
Digital Library
- L. Cox and P. Chen. Pocket Hypervisors: Opportunities and Challenges. Proceedings of HotMobile, 2007. Google ScholarDigital Library
- F-Secure Corporation. F-secure mobile anti-virus. http://mobile.f-secure.com/, 2008.Google Scholar
- J. Flinn, D. Narayanan, and M. Satyanarayanan. Self-tuned remote execution for pervasive computing. In Proceedings of the 8th Workshop on Hot Topics in Operating Systems (HotOS-VIII), pages 61--66, Schloss Elmau, Germany, May 2001. Google ScholarDigital Library
- A. Fox, S. Gribble, E. Brewer, and E. Amir. Adapting to network and client variability via on-demand dynamic distillation. ACM SIGPLAN Notices, 31(9):160--170, 1996.Google ScholarDigital Library
- Google. Android - an open handset alliance project. http://code.google.com/android/, 2008.Google Scholar
- Google. Google safe browsing. http://code.google.com/apis/safebrowsing/, 2008.Google Scholar
- Kaspersky Lab. Kaspersky mobile security. http://usa.kaspersky.com/products_services/mobile-security.php, 2008.Google Scholar
- T. Kunz and S. Omar. A mobile code toolkit for adaptive mobile applications. In Proceedings of the 3rd IEEE Workshop on Mobile Computing Systems and Applications, pages 51--59, Monterey, CA, December 2000. Google ScholarDigital Library
- Nokia Corporation. Maemo sdk. http://maemo.org/, 2008.Google Scholar
- Nullriver, Inc. iphone installer.app. http://iphone.nullriver.com/, 2008.Google Scholar
- J. Oberheide, E. Cooke, and F. Jahanian. Rethinking antivirus: Executable analysis in the network cloud. In 2nd USENIX Workshop on Hot Topics in Security (HotSec 2007), August 2007. Google ScholarDigital Library
- J. Oberheide, E. Cooke, and F. Jahanian. Cloudav: N-version antivirus in the network cloud. July 2008. To Appear in the Proceedings of the 17th USENIX Security Symposium. Google ScholarDigital Library
- J. Ogness. Dazuko: An open solution to facilitate on-access scanning. Virus Bulletin, 2003.Google Scholar
- A. Rudenko, P. Reiher, G. J. Popek, and G. H. Kuenning. The Remote Processing Framework for portable computer power saving. In Proceedings of the ACM Symposium on Applied Computing, San Antonio, TX, February 1999. Google ScholarDigital Library
- Sourcefire, Inc. Clamav antivirus. http://www.clamav.net/, 2008.Google Scholar
- Symantec Corporation. Symantec mobile antivirus for windows mobile. http://www.symantec.com/norton/products/overview.jsp?pcid=pf&pvid=smavw%m, 2008.Google Scholar
- K. Veeraraghavan, E. Nightingale, J. Flinn, and B. Noble. qufiles: a unifying abstraction for mobile data management. In The Ninth Workshop on Mobile Computing Systems and Applications (HotMobile 2008), February 2008. Google ScholarDigital Library
- B. Zenel. A general purpose proxy filtering mechanism applied to the mobile environment. Wireless Networks, 5(5):391--409, 1999. Google ScholarDigital Library
Index Terms
- Virtualized in-cloud security services for mobile devices
Recommendations
Review of the Mobile Malware Detection Approaches
PDP '15: Proceedings of the 2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based ProcessingMobile devices such as smartphones and tablets are extremely widespread nowadays. These devices provide users with a wide range of applications for commercial and public use. However, the contents of applications and their full behavior are not always ...
Video streaming to mobile handheld devices: challenges in decoding, adaptation, and browsing
MCAM'07: Proceedings of the 2007 international conference on Multimedia content analysis and miningGrowing popularity and richer functionality of contemporary mobile handheld devices such as PDAs and smart phones have enabled emerging video streaming applications to these devices via various wireless networks. However, these handheld devices are ...
Distance-Learning and Converging Mobile Devices
ITNG '09: Proceedings of the 2009 Sixth International Conference on Information Technology: New GenerationsThis paper reports on the use, effectiveness, and acceptance of graduate computer science course lectures recorded and formatted for mobile devices, including Video iPods, PDAs, and Ultra-Mobile PCs (UMPC). Technology convergence is trending toward that ...
Comments