Combatting malicious apps
City University London is among four universities who have been given a share of £3m by the Engineering and Physical Sciences Research Council (EPSRC) to develop techniques to counter cyber criminals using malicious apps on smartphones. The EPSRC funding will also cover three teams carrying out research to enhance the UK's cyber-security.
Malicious apps can gain access to address books, GPS coordinates, passwords or pin numbers.
They can redirect data across the net, send users to phishing sites and also bypass the two-step authentication process used to access an ever-increasing number of online services such as banking or email. Criminals can monetise this information in a number of ways: by getting phones to send messages to premium numbers; by remotely controlling an infected phone; by tricking unsuspecting users into revealing passwords, and by using stolen data.
Professor Tom Chen of City's Centre for Cybersecurity Sciences will lead a research team that will develop new techniques to detect colluding apps to curtail threats before they become widespread. This will comprise academic researchers from City, University of Swansea and Coventry University.
By design, Android is "open" in its flexibility to download apps from different sources. Its security depends on restricting apps by combining digital signatures, sandboxing, and permissions.
These restrictions can be bypassed without the user noticing colluding apps whose combined permissions allow them to carry out attacks that neither app could carry out alone.
Professor Chen and his team have set out to address a major detection deficiency:
"Currently almost all academic and industry efforts are focusing on single malicious apps; almost no attention has been given to colluding apps. Existing antivirus products are not designed to detect collusion."
Another research team, led by Dr Lorenzo Cavallaro of Royal Holloway University of London, will study the behaviour of apps on Android operating systems and develop novel techniques to detect malicious apps, which are designed to remain hidden. They will use this information to enrich or enhance devices to counteract attacks.
Both research teams are partnering with McAfee, a division of Intel Security. The security company is giving the researchers access to a library of safe apps and will assist in analysing malware so that the researchers can test their behaviour.