security versus energy tradeoffs in
play

Security versus Energy Tradeoffs in Host-Based Mobile Malware - PowerPoint PPT Presentation

Nov 12, 2022 •407 likes •709 views

Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrs Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University # AT&T Labs Research Smart Phone

  1. Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrés Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University # AT&T Labs – Research

  2. Smart Phone Apps Store personal and private information Contacts Location Email Banking

  3. The Rise of Mobile Malware 2004 2006 2011 Mobisys 6/30/2011 3

  4. Traditional Malware Detection Antivirus 2011 30469 of 121876 scanned Battery life decreases 2x faster! Remaining Time: 1 hour 2 minutes Cancel Scan • Periodically scan the attack target – System comprised of code and data • Personal files, executables, databases, network activity Mobisys 6/30/2011 4

  5. Mobile Detection Problem • Typical machines can execute malware detection systems 24/7 • Mobile devices are limited by their battery • Detection mechanisms in their current state lead to high energy cost • Executing malware detection systems only when charging is not sufficient Mobisys 6/30/2011 5

  6. Contributions Explore the tradeoffs between security monitoring and energy consumption on mobile devices 1. Framework to quantify the security vs. energy tradeoffs on a mobile device 2. Create energy optimized versions of two security tools 3. Introduce a balanced security profile Mobisys 6/30/2011 6

  7. How Do I Conserve Energy? • Frequency of Checks – When to check? What to Check Attack Surface – Scan less frequently – Timing vs events • Attack Surface – What to check? – Scan fewer code/data When to Check objects Frequency of Checks Mobisys 6/30/2011 7

  8. Security-Energy Tradeoff Various Attacks • Scan all continuously – Best possible security Attack Surface – High energy cost Is there a sweet spot? • Periodically Scan – Vulnerable between scans • Scan Subset – Vulnerable to attacks outside of subset Frequency of Checks Mobisys 6/30/2011 Mobisys 6/30/2011 8 8

  9. Rootkits Rootkits are sophisticated malware requiring complex detection algorithms User Anti App App Virus App Libraries Space Virus Rootkit Kernel System Process Kernel Drivers Call Space Lists Code Table Mobisys 6/30/2011 9

  10. Demonstrated Attack Conversation Snooping Attack Send SMS Rootkit Infected Attacker Delete SMS Dial me “666 - 6666” Call Attacker Turn on Mic Rootkit stealthily hides from the user [Bickford et al. HotMobile ‘10 ] Mobisys 6/30/2011 10

  11. Rootkit Detection OS must be monitored using a hypervisor • Detection tools run in Trusted User OS trusted domain Detector • Mobile hypervisors soon – VMWare – OKL4 Microvisor (Evoke) Hypervisor – Samsung Xen on ARM Host Machine Mobisys 6/30/2011 11

  12. Experimental Setup • Viliv S5 – Intel Atom – 3G, WiFi, GPS, Bluetooth • Xen Hypervisor – Evaluated the tradeoff using two existing rootkit detectors within trusted domain • Workloads – 3G and WiFi workload simulating user browsing – Lmbench for a CPU intensive workload Mobisys 6/30/2011 12

  13. Detecting Data-Driven Attacks • Gibraltar [Baliga et al. IEEE TDSC ‘ 11] typifies the usual form of rootkit defense for kernel data attacks – Primarily pointer-based control flow – Scans data structures within the OS Kernel • Scanning approach analogous to antivirus scans • Original version monitored all data structures all of the time Mobisys 6/30/2011 13

  14. Detecting Data-Driven Attacks Guest domain Trusted domain Gibraltar daemon Kernel Kernel Reconstruct Code Data 2 data structures Invariant Data DB ? page 3 Alert 1 Fetch Page user Hypervisor Mobisys 6/30/2011 14

  15. Problem – High Energy Cost while(1) { for all kernel data structures { get current value Continuous check against invariant Scan Idle } Must tradeoff security for energy } • Maximum security • 100 % CPU usage • Poor Energy Efficiency Mobisys 6/30/2011 15

  16. Tradeoffs for Data-Based Detectors Attack Surface All Data Function Original design Pointers of Gibraltar All Lists Process List Event Threshold: (page Static Poll Frequency changes between checks) Data (seconds) 100 50 120 10 1 0 1 5 30 Frequency of Checks Mobisys 6/30/2011 16

  17. Frequency of Checks while(1) { while(1) { every “x” seconds { for all kernel data structures { get current value for all kernel data structures { Scan Idle check against invariant get current value } check against invariant } } } Mobisys 6/30/2011 17

  18. Evaluating the Tradeoff Sweet Spot! Mobisys 6/30/2011 18

  19. Attack Surface while(1) { while(1) { for all kernel data structures { for all kernel data structures { get current value for a subset of data structures { check against invariant get current value } check against invariant } } } Mobisys 6/30/2011 19

  20. Evaluating the Tradeoff 96% of rootkits! [Petroni et al. CCS ‘07] Mobisys 6/30/2011 20

  21. Detecting Code-Driven Attacks • Patagonix [Litty et al. USENIX Security ‘08] typifies most code integrity monitoring systems • A different class of rootkits attack code – trojaned system utilities – kernel code modifications • Can protect both kernel code and user space code • Protects against a different set of attacks compared to Gibraltar Mobisys 6/30/2011 21

  22. Detecting Code-Driven Attacks Trusted domain Guest domain Patagonix daemon Code: OS & Data applications 2 Hash hash(page) ? Code DB page 3 1 Resume Alert Hypervisor guest user Mobisys 6/30/2011 22

  23. Tradeoffs for Code-Based Detectors Attack Surface Original design of Patagonix All Code Root Processes Kernel Code Poll Frequency Event Threshold: (pages (seconds) exec between checks) 341 50 120 10 1 0 1 5 30 Frequency of Checks Mobisys 6/30/2011 23

  24. Putting it Together • Cover 96% of Rootkits • Polling sweet spot – 30 sec Mobisys 6/30/2011 24

  25. Conclusion • Mobile malware is a threat • Security tools costly when energy constrained • Developed a framework to quantify the tradeoff between energy efficiency and security • Optimized two previously existing tools • Generated a “balanced” security profile Mobisys 6/30/2011 25

  26. Thank You! Fully Secure Select a security plan: Balanced Low risk High risk Learn how to conserve power More security options Smart Phone Security Center Mobisys 6/30/2011 26

  27. Randomization • Periodically scan Attack Surface • Attackers will attempt to exploit the system while idle • Randomize the time the system is idle Frequency of Checks Mobisys 6/30/2011 27

  28. Cloud Offload Feasibility Cloud offload impractical energy-wise Mobisys 6/30/2011 28

Recommend

AUTOMATIC TRADEOFFS: ACCURACY AND ENERGY Stephanie Forrest

AUTOMATIC TRADEOFFS: ACCURACY AND ENERGY Stephanie Forrest

AUTOMATIC TRADEOFFS: ACCURACY AND ENERGY Stephanie Forrest Westley Weimer Jonathan Dorn Jeremy Lacomis 1/13/17 1 Tradeoffs So6ware development involves

527 views • 28 slides
Stabilization versus Sustainability: Macroeconomic Tradeoffs Huixin Bi, Eric Leeper &

Stabilization versus Sustainability: Macroeconomic Tradeoffs Huixin Bi, Eric Leeper &

Stabilization versus Sustainability: Macroeconomic Tradeoffs Huixin Bi, Eric Leeper & Campbell Leith Bank of Canada, Indiana University & University of Glasgow March 2011 (Preliminary) Huixin Bi, Eric Leeper & Campbell Leith

361 views • 35 slides
Analysis of the Tradeoffs between Energy and Run Time for Multilevel Checkpointing Prasanna

Analysis of the Tradeoffs between Energy and Run Time for Multilevel Checkpointing Prasanna

Analysis of the Tradeoffs between Energy and Run Time for Multilevel Checkpointing Prasanna Balaprakash, Leonardo A. Bautista Gomez , Slim Bouguerra, Stefan M. Wild, Franck Cappello , and Paul D. Hovland ANL PMBS workshop @ SC14

705 views • 43 slides
Energy-performance tradeoffs for HPC applications on low power processors E. Calore 1 . Schifano 1

Energy-performance tradeoffs for HPC applications on low power processors E. Calore 1 . Schifano 1

Energy-performance tradeoffs for HPC applications on low power processors E. Calore 1 . Schifano 1 R. Tripiccione 1 S. F 1 INFN Ferrara and Universit degli Studi di Ferrara, Italy UnConventional High Performance Computing 2015 Euro-Par

481 views • 47 slides
Visualizing size-security tradeoffs for lattice-based encryption Daniel J. Bernstein Horizontal

Visualizing size-security tradeoffs for lattice-based encryption Daniel J. Bernstein Horizontal

Visualizing size-security tradeoffs for lattice-based encryption Daniel J. Bernstein Horizontal axis: ciphertext size Why focus on size instead of CPU time? Fitting into existing frameworks and protocols. Data from Google. Long term:

835 views • 23 slides
Area and Time Tradeoffs in FPGAs Examining the concept of area/time tradeoffs in FPGA design,

Area and Time Tradeoffs in FPGAs Examining the concept of area/time tradeoffs in FPGA design,

Area and Time Tradeoffs in FPGAs Examining the concept of area/time tradeoffs in FPGA design, pattern matching, and Advanced Encryption Standard (AES) Richie Ung Trang (z5061606) Harry Gougousidis (z5159917) Henry Veng (z5113239) Presentation

569 views • 30 slides
GLOBAL ENERGY SECURITY THROUGH DIALOGUE GLOBAL ENERGY SECURITY THROUGH DIALOGUE Role of IEF

GLOBAL ENERGY SECURITY THROUGH DIALOGUE GLOBAL ENERGY SECURITY THROUGH DIALOGUE Role of IEF

GLOBAL ENERGY SECURITY THROUGH DIALOGUE GLOBAL ENERGY SECURITY THROUGH DIALOGUE Role of IEF Neutrality IEF adds value Promoting Inclusive Global Energy Cooperation by standing for Energy Data Transparency Ministerial Meeting Outcomes

112 views • 8 slides
Exploring Tradeoffs between Programmability and Efficiency in Data-Parallel Accelerators

Exploring Tradeoffs between Programmability and Efficiency in Data-Parallel Accelerators

EECS Electrical Engineering and Computer Sciences B ERKELEY P AR L AB P A R A L L E L C O M P U T I N G L A B O R A T O R Y Exploring Tradeoffs between

793 views • 55 slides
Tradeoffs in Droplet Transport for Digital Microfluidic Biochips Johnathan Fiske, *Dan Grissom ,

Tradeoffs in Droplet Transport for Digital Microfluidic Biochips Johnathan Fiske, *Dan Grissom ,

Exploring Speed and Energy Tradeoffs in Droplet Transport for Digital Microfluidic Biochips Johnathan Fiske, *Dan Grissom , Philip Brisk University of California, Riverside 19 th Asia & South PacificDesign Automation Conference Singapore,

935 views • 77 slides
ENERGY SECURITY Dr Jarosaw Winiewski, LSEE Visiting Fellow @jarwisniewski OUTLINE 1. Energy

ENERGY SECURITY Dr Jarosaw Winiewski, LSEE Visiting Fellow @jarwisniewski OUTLINE 1. Energy

POLITICISATION OF ENERGY SECURITY Dr Jarosaw Winiewski, LSEE Visiting Fellow @jarwisniewski OUTLINE 1. Energy mix 2. Energy security in South East Europe 3. Energy security (definitions) 4. Pipelines Great pipeline rivalry South

432 views • 27 slides
Energy Security of EaP Countries and Energy Union Strategy EaP Platform 3 meeting #14 Murman

Energy Security of EaP Countries and Energy Union Strategy EaP Platform 3 meeting #14 Murman

Energy Security of EaP Countries and Energy Union Strategy EaP Platform 3 meeting #14 Murman Margvelashvili Brussels December 11, 2015 Energy Security in the Context of National Security ( example of Georgia ) National Values Freedom,

355 views • 18 slides
Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis

Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis

Energy in Transition: How Green Energy Investments Enhance Energy Security Dr. Spyros Kiartzis Manager New Technologies & Alternative Energy Sources 11 th International Conference on Energy and Climate Change, Athens, 10 October 2018

588 views • 21 slides
Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER / engineers Hardware security for embedded systems: memory and communication protection Arithmetic Tradeoffs on Performance/Cost/Security secure

310 views • 14 slides
REDD+ within the WEL nexus Opportunities and tradeoffs Kristy Graham May 2011 Outline What

REDD+ within the WEL nexus Opportunities and tradeoffs Kristy Graham May 2011 Outline What

REDD+ within the WEL nexus Opportunities and tradeoffs Kristy Graham May 2011 Outline What is REDD+? REDD+ as a land use option Tradeoffs of using land for REDD+ vs other uses Tradeoffs will depend on policies in other sectors

551 views • 10 slides
Solar Sailing Kinetic Energy Impactor (KEI) Bernd Dachwald Ralph Kahle Mission Design Tradeoffs

Solar Sailing Kinetic Energy Impactor (KEI) Bernd Dachwald Ralph Kahle Mission Design Tradeoffs

Solar Sailing KEI Apophis Deflection Mission Solar Sailing Kinetic Energy Impactor (KEI) Bernd Dachwald Ralph Kahle Mission Design Tradeoffs for Impacting and Bong Wie Deflecting Asteroid 99942 Apophis Outline Introduction Mission Design

513 views • 36 slides
Advanced Energy for Homeland CONVERGE S T R A T E G I E S Defense and Security Michael Wu and

Advanced Energy for Homeland CONVERGE S T R A T E G I E S Defense and Security Michael Wu and

Advanced Energy for Homeland CONVERGE S T R A T E G I E S Defense and Security Michael Wu and Wilson Rickerson AGENDA 1.Defense Energy and National Security 2.State Support for DoD Missions 3.Advanced Energy Security for the Home Front

697 views • 16 slides
Encrypted SSDs: Self-Encryption Versus Software Solutions Michael Willett Storage Security

Encrypted SSDs: Self-Encryption Versus Software Solutions Michael Willett Storage Security

Encrypted SSDs: Self-Encryption Versus Software Solutions Michael Willett Storage Security Strategist and VP Marketing Bright Plaza Flash Memory Summit 2015 Santa Clara, CA 1 The Problem 2005-2013: over 864,108,052 records

161 views • 15 slides
Measuring Energy Security RYAN OPSAL Energy Security What is it? Familiar trap in the social

Measuring Energy Security RYAN OPSAL Energy Security What is it? Familiar trap in the social

Measuring Energy Security RYAN OPSAL Energy Security What is it? Familiar trap in the social sciences: too strict a definition and too much is excluded to be useful whereas too broad a definition weakens explanatory power given events Even

428 views • 15 slides
Clean Energy Transition: How Investments in Renewable Energy Enhance Energy Security Dr. Spyros

Clean Energy Transition: How Investments in Renewable Energy Enhance Energy Security Dr. Spyros

Clean Energy Transition: How Investments in Renewable Energy Enhance Energy Security Dr. Spyros Kiartzis Manager New Technologies & Alternative Energy Sources Balkan Clean Energy Transition Conference, Kozani, 21 September 2019 Contents

971 views • 19 slides
Meeting the Existential Challenges of Energy Security and Climate Change Agency for Natural

Meeting the Existential Challenges of Energy Security and Climate Change Agency for Natural

Meeting the Existential Challenges of Energy Security and Climate Change Agency for Natural Resources and Energy, METI December, 2016 CO2 Emission and Energy security after Fukushima accident Current Energy Mix in Japan (Power) 2 The

823 views • 29 slides
Storage Tradeoffs in a Collaborative Backup Service for Mobile Devices Ludovic Courts,

Storage Tradeoffs in a Collaborative Backup Service for Mobile Devices Ludovic Courts,

Storage Tradeoffs in a Collaborative Backup Service for Mobile Devices 1 Storage Tradeoffs in a Collaborative Backup Service for Mobile Devices Ludovic Courts, Marc-Olivier Killijian, David Powell 20 October 2006 Storage Tradeoffs in a

373 views • 22 slides
EMERGING ENERGY SECURITY RISKS AND RISK MITIGATION: THE ROLE OF INTERNATIONAL LEGAL FRAMEWORK

EMERGING ENERGY SECURITY RISKS AND RISK MITIGATION: THE ROLE OF INTERNATIONAL LEGAL FRAMEWORK

EMERGING ENERGY SECURITY RISKS AND RISK MITIGATION: THE ROLE OF INTERNATIONAL LEGAL FRAMEWORK Dr. Andrei Konoplyanik Deputy Secretary General Energy Charter Secretariat Panel Session on Energy Security: Emerging Energy Security Risks and

180 views • 16 slides
Cyber Security R&D (NE-1) Trevor Cook Office of Nuclear Energy U.S. Department of Energy NE

Cyber Security R&D (NE-1) Trevor Cook Office of Nuclear Energy U.S. Department of Energy NE

Cyber Security R&D (NE-1) Trevor Cook Office of Nuclear Energy U.S. Department of Energy NE Cyber Security R&D Objectives: To strength security through reduction of vulnerabilities To mitigate the consequences of threats To

51 views • 4 slides
Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY +

Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY +

Lecture 11: Energy and security Lecture 11: Energy and security considerations in wireless PHY + link considerations in wireless PHY + link layers layers Mythili Vutukuru CS 653 Spring 2014 Feb 10, Monday Energy and Security We will

259 views • 8 slides

More recommend