Android Hypovisors: Securing Mobile Devices through High-Performance, Light-Weight, Subsystem Isolation with Integrity Checking and Auditing Capabilities
Files
TR Number
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The cellphone turned 40 years old in 2013, and its evolution has been phenomenal in these 40 years. Its name has evolved from "cellphone" to "mobile phone" and "smartphone" to "mobile device."] Its transformation has been multi-dimensional in size, functionality, application, and the like. This transformation has allowed the mobile device to be utilized for casual use, personal use, and enterprise use. Usage is further driven by the availability of an enormous number of useful applications for easy download from application (App) markets. Casual download of a seemingly useful application from an untrusted source can cause immense security risks to personal data and any official data resident in the mobile device. Intruding malicious code can also enter the enterprise networks and create serious security challenges.
Thus, a mobile device architecture that supports secure multi-persona operation is strongly needed. The architecture should be able to prevent system intrusions and should be able to perform regular integrity checking and auditing. Since Android has the largest user base among mobile device operating systems (OS), the architecture presented here is implemented for Android. This thesis describes how an architecture named the "Android Hypovisor" has been developed and implemented successfully as part of this project work. The key contributions of the project work are:
- Enhancement of kernel security
- Incorporation of an embedded Linux distribution layer that supports Glibc/shared libraries so that open-source tools can be added easily
- Integration of integrity checking and auditing tools (Intrusion Detection and Prevention System; IDPS)
- Integration of container infrastructure to support multiple OS instances.
- Analysis shows that the hypovisor increases memory usages by 40-50 MB. As the proposed OS is stripped down to support the embedded hypovisor, power consumption is only minimally increased.
This thesis describes how the implemented architecture secures mobile devices through high-performance, light-weight, subsystem isolation with integrity checking and auditing capabilities.