Israeli researchers develop new way to protect Android devices

Researchers develop smartphone program after discovering security breach earlier this year.

By
June 29, 2017 16:35
1 minute read.
Mobile

A man using mobile smartphone. (photo credit: ING IMAGE/ASAP)

 
X

Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user experience almost completely free of ads
  • Access to our Premium Section
  • Content from the award-winning Jerusalem Report and our monthly magazine to learn Hebrew - Ivrit
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later

Cyber security researchers at Ben-Gurion University have developed a new firewall program for Android phones that will repair certain security vulnerabilities found in these mobile devices.

The program, developed by Dr. Yossi Oren and his students, adds a missing layer of security in the communication between Android cell phone components and the central processing unit (CPU). The researchers developed the fix after discovering the security breach earlier this year and alerting Google to help them address the problem, according to the university.

Be the first to know - Join our Facebook page.


“We are now working on fine tuning the software-monitoring capabilities and on ensuring it does not interfere with the use of the phone,” said Oren, whose lab is housed in the software and information systems engineering department.

The vulnerability pinpointed by the Oren and his team is located outside the phone’s standard storage mechanism – in the “field-replaceable units” (FRUs) such as touchscreens, charger, batteries or sensor assemblies. FRUs are susceptible to significant security breaches, including password and financial theft, fraud, malicious photo or video distribution and unauthorized app downloads, the researchers explained.

Existing security solutions cannot prevent this type of attack, which can survive phone factory resets, remote wipes and firmware updates, they said, adding that the problem, is particularly acute in the Android market because the manufacturing chain is fragmented and difficult to control.

“There is no way for the phone itself to discover that it’s under this type of an attack,” said research fellow Omer Schwartz. “Our solution prevents a malicious or misconfigured FRU from compromising the code running on the CPU by checking all the incoming and outgoing communication.”


The team members have developed a type of software capable of identifying and preventing hardware-generated data leaks and hacks. To do so, the researchers said they employed machine learning algorithms to monitor the communications for anomalies that may indicate malicious code.

“Our technology doesn’t require device manufacturers to understand or modify any new code,” Oren said.

“It’s an FRU interface proxy firewall that can be implemented as a tiny chip or as an independent software module running on the CPU.”

The researchers are seeking to further test their patent-pending technology with phone manufacturers, according to a statement from the group.

Join Jerusalem Post Premium Plus now for just $5 and upgrade your experience with an ads-free website and exclusive content. Click here>>

Related Content

Workers strike outside of the Teva building in Jerusalem, December 2017
December 18, 2017
Workers make explosive threats as massive Teva layoff strikes continue

By MAX SCHINDLER