Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Incident Response, TDR, Governance, Risk and Compliance, Compliance Management, Privacy, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Professors highlight threat of mobile device rootkits

Two computer science professors are hoping that their latest research into rootkits will encourage the security community to develop better techniques for sniffing out the stealthy programs if they are installed on mobile devices.

Liviu Iftode and Vinod Ganapathy, who teach in the computer science department at Rutgers University in New Brunswick, N.J., presented their findings this week at a mobile computing workshop in Maryland. The pair revealed findings that confirm that smartphones are just as vulnerable to rootkits as their desktop counterparts.

Rootkits are a particularly dangerous class of malware because of their ability to hide on a system, compromise the operating system and infect the machine's core services, thus making them undetectable by conventional anti-virus products, Ganapathy told on Tuesday.

"The motivation around our work is that smartphone operating systems are becoming just as complicated as desktop operating systems," he said. "Our study has shown that rootkits are just as much of a threat for smartphones as desktops."

Iftode told that aside from classic data-stealing attacks, rootkits on mobile phones conceivably could intercept or divert phone calls, drain the device's battery, identify a user's location by compromising GPS functionality or leverage Bluetooth capabilities to determine who a user is with at a given time.

"These are just examples of attacks," Ganapathy said. "It's up to the attacker's creativity to come up with newer ways to exploit the interface on your smartphone."

While there are no known in-the-wild rootkits affecting mobile devices, the pair said such a scenario is not far off. Thus, they hope their research will generate increased interest within the white hat community.

Rootkits installed on smartphones are stealthier and hardier to detect than those installed on desktops, he said. And solutions to find rootkits on traditional operating systems, such as using virtual machine monitors to read memory pages on potentially infected computers, are "not directly applicable to smartphones," Ganapathy said.

"Our work is a call for defenses," he said. "We should start working on defenses for such attacks before such attacks become widespread in the future."

The professors currently are investigating potential solutions, with their results to be published in a forthcoming research paper. But the work to develop the right answer could take years, Iftode said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.