Friday, March 5, 2010

Mobile Device Security

A couple of years ago, we started investigating the IT security of mobile devices and the 1st generation of smart phone. Grant Jacoby was the first of a couple of grad student who researched how to implement some sort of IDS on PDAs and smart phones. He discovered that the Windows Mobile OS doesn't allow access to raw sockets supposedly for "security" reasons. This restriction basically prevented us from writing any type of IDS program for that platform.

So, how could we create an IDS that would be effective on those platforms? We decided to look at the power output of the batteries to see if we could detect aberrant behavior. We discovered a number of things.
  1. Smart batteries are supposed to output their power readings every second. We discovered that interval varied from 1-9 seconds. So, much for standards.....
  2. For idle devices, we were able to detect anomalous behavior by monitoring the power output of the batteries.
  3. We couldn't determine the type of attacks but we can definitely say "something is attacking us" :-)
If you want the gory details, check our IEEE Security & Privacy article on the subject. The link is at http://www.computer.org/portal/web/csdl/doi/10.1109/MSP.2006.139.

rcm

1 comment: