Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Remote repair for infected phones in development

In response to the growing threat of mobile malware, researchers at Georgia Tech are planning to study mobile device security and ultimately hope to devise a way to remotely repair infected devices.

“Today, there haven't been widespread attacks, but we are seeing attackers starting to pay attention to mobile devices and we expect that that's only going to be increasing,” Jonathon Giffin, an assistant computer science professor, told SCMagazineUS.com on Tuesday.

Giffin and fellow assistant professor Patrick Traynor will lead a research study into cyberattacks within cellular networks, to be funded by a three-year, $450,000 grant from the National Science Foundation.

The researchers and a team of graduate students plan to build a cellular network test bed on campus to simulate how cellular devices communicate, Giffin said. Subsequently, they plan to study how attacks against mobile devices operate inside the test bed.

“We do hope that this is a test bed that will be useful to others who would like to do research into cellular security as well,” Giffin said.

The researchers also plan to investigate whether service providers, such as AT&T and Verizon Wireless, are capable of detecting infected devices in their networks, he said. Infected devices often send a high volume of traffic to a known malicious server or generate a high volume of text messages. So, service providers should be able to locate an infected device by monitoring network traffic patterns for anomalies..

“One of the hallmarks of our design is to use the network itself to identify attacks,” Giffin said.

Ultimately, the researchers want to develop a remote repair method that would enable service providers to clean malicious code off an infected device without the device having to be brought into a service center, Giffin said. The remote repair solution might be similar to remote wipe technologies that are used today to clear all the data off a mobile device that has gone missing.

Traynor has contacted a number of major carriers about the project and there is “a sense of excitement all around,” he said. “We need to develop solutions today so we are ready when these widespread attacks occur.”

When contacted by SCMagazineUS.com on Tuesday, a Verizon Wireless spokeswoman the company will await the outcome of the research before commenting. A spokesperson at AT&T could not be reached.

The hacker community clearly is ramping up efforts to study mobile devices.

This week, it was reported that a prank worm is circulating over jailbroken iPhones in Australia. In addition, late last month, a proof-of-concept (PoC) application was released that enables an attacker to remotely activate a BlackBerry microphone and listen in on surrounding sounds and conversations.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.