484,001 research outputs found

    Understanding and Improving Security of the Android Operating System

    Successful realization of practical computer security improvements requires an understanding and insight into the system's security architecture, combined with a consideration of end-users' needs as well as the system's design tenets. In the case of Android, a system with an open, modular architecture that emphasizes usability and performance, acquiring this knowledge and insight can be particularly challenging for several reasons. In spite of Android's open source philosophy, the system is extremely large and complex, documentation and reference materials are scarce, and the code base is rapidly evolving with new features and fixes. To make matters worse, the vast majority of Android devices in use do not run the open source code, but rather proprietary versions that have been heavily customized by vendors for product differentiation. Proposing security improvements or making customizations without sufficient insight into the system typically leads to less-practical, less-efficient, or even vulnerable results. Point solutions to specific problems risk leaving other similar problems in the distributed security architecture unsolved. Far-reaching general-purpose approaches may further complicate an already complex system, and force end-users to endure significant performance and usability degradations regardless of their specific security and privacy needs. In the case of vendor customization, uninformed changes can introduce access control inconsistencies and new vulnerabilities. Hence, the lack of methodologies and resources available for gaining insight about Android security is hindering the development of practical security solutions, sound vendor customizations, and end-user awareness of the proprietary devices they are using. Addressing this deficiency is the subject of this dissertation. 
New approaches for analyzing, evaluating and understanding Android access controls are introduced and used to create an interactive database for use by security researchers as well as system designers and end-user product evaluators. Case studies using the new techniques are described, with results uncovering problems in Android's multiuser framework and vendor-customized System Services. Finally, the new insights are used to develop and implement a novel virtualization-based security architecture that protects sensitive resources while preserving Android's open architecture and expected levels of performance and usability.

    Studying a Virtual Testbed for Unverified Data

    It is difficult to fully know the effects a piece of software will have on your computer, particularly when the software is distributed by an unknown source. The research in this paper focuses on malware detection, virtualization, and sandbox/honeypot techniques with the goal of improving the security of installing useful, but unverifiable, software. With a combination of these techniques, it should be possible to install software in an environment where it cannot harm a machine, but can be tested to determine its safety. Testing for malware, performance, network connectivity, memory usage, and interoperability can be accomplished without allowing the program to access the base operating system of a machine. After the full effects of the software are understood and it is determined to be safe, it could then be run from, and given access to, the base operating system. This thesis investigates the feasibility of creating a system to verify the security of unknown software while ensuring it will have no negative impact on the host machine

    Flow-graph analysis of system calls for exploit detection

    One technique of improving computer security is to test an executable for presence of malicious code without running the executable. The present disclosure enables such detection of malicious code by leveraging the observation that system calls (syscalls) are a main pathway for exploits, since syscalls are an important way for a program to interact with an operating system kernel. The disclosure describes techniques to compute a control flow graph for the executable comprising only syscalls. A number of independent control flows are produced from such a control flow graph. Graph analysis/matching techniques are applied to detect exploit patterns in these syscall graphs, e.g., based on matching against known syscall exploit sequences for different vulnerabilities. In this manner, a potentially malicious executable is detected and can be isolated without exposing a computer system to damage

    Topological changes in data-driven dynamic security assessment for power system control

    The integration of renewable energy sources into the power system requires new operating paradigms. The higher uncertainty in generation and demand makes the operations much more dynamic than in the past. Novel operating approaches that consider these new dynamics are needed to operate the system close to its physical limits and fully utilise the existing grid assets. Otherwise, expensive investments in redundant grid infrastructure become necessary. This thesis reviews the key role of digitalisation in the shift toward a decarbonised and decentralised power system. Algorithms based on advanced data analytic techniques and machine learning are investigated to operate the system assets at the full capacity while continuously assessing and controlling security. The impact of topological changes on the performance of these data-driven approaches is studied and algorithms to mitigate this impact are proposed. The relevance of this study resides in the increasingly higher frequency of topological changes in modern power systems and in the need to improve the reliability of digitalised approaches against such changes to reduce the risks of relying on them. A novel physics-informed approach to select the most relevant variables (or features) to the dynamic security of the system is first proposed and then used in two different three-stages workflows. In the first workflow, the proposed feature selection approach allows to train classification models from machine learning (or classifiers) close to real-time operation improving their accuracy and robustness against uncertainty. In the second workflow, the selected features are used to define a new metric to detect high-impact topological changes and train new classifiers in response to such changes. Subsequently, the potential of corrective control for a dynamically secure operation is investigated. 
By using a neural network to learn the safety certificates for the post-fault system, the corrective control is combined with preventive control strategies to maintain the system security and at the same time reduce operational costs and carbon emissions. Finally, exemplary changes in assumptions for data-driven dynamic security assessment when moving from high inertia to low inertia systems are questioned, confirming that using machine learning based models will make significantly more sense in future systems. Future research directions in terms of data generation and model reliability of advanced digitalised approaches for dynamic security assessment and control are finally indicated.

    Practical Guidelines and Major Issues in Information Security Management Systems Implementations

    Information is a major asset for any organization, public or private. Threats to information and information handling resources are getting more sophisticated continuously. Also, regulatory requirements for data and system protection are increasing in number as well as complexity. There are a number of frameworks to deal with these issues systematically and effectively. One such framework is the ISO 27001 Information Security Management System (ISMS), which provides a framework for organizations to protect themselves against internal and external threats as well as natural disasters. The ISMS provides guidelines on how to manage information processing, storage and transmission with appropriate controls in order to avoid any security breaches. ISMS considers people, policies and IT technology as major categories of a security system. An organization's personnel has to be trained for establishing, implementing, operating, monitoring, reviewing, maintaining and continuously improving ISMS. Implementation of ISMS requires role-model attitude from the top management. Without a visionary and supportive leadership, the ISMS cannot be used to properly identify and address the risks for an organization. The practices show that an effective ISMS operation may require major changes to some routine work practices. Clear direction from senior managers as well as coordination/support among team members is crucial for a successful ISMS project execution. In this work, some practical guidelines for successful, cost effective and functional ISMS implementation will be provided. Also, observations gathered from years of auditing trails and lessons obtained through practical applications will be presented. Major considerations for the success/failure of security systems shall be discussed. 
It is concluded that security is preparation of adequate policies/procedures/instructions and the support of well informed/diligent people, rather than utilization of sophisticated high-technologies. The importance of human factor for the success of such management systems will be exemplified with real-life cases.

    Downconverting Module Architectures for High Performance Multipixel Cameras

    Multipixel cameras represent an emerging topology for arrays receivers, improving speed and accuracy of both security scanning systems and radioastronomical sky surveys by means of a matrix of phased elements. Difficulties in the generation and proper distribution to each pixel of the local oscillator signal still limit their use to frequency ranges below a few GHz or at least seriously affect the complexity of the implementable cameras. This work presents a full comparison between two possible system architectures, alternatively based on LO frequency multiplication or subharmonic mixing strategies, aiming to overcome the aforesaid limitations: design and performance of two compact test vehicles in MMIC technology, both operating in the Q-band frequency range with ultrabroadband IF section, are reported

    A Platform for monitoring of security and audit events: a test case with windows systems

    Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore University. The rise in cyber attacks against organisations and government agencies has created a need for improving security and monitoring of Information Technology assets. Analysis and monitoring of security events are one of the key areas when it comes to detecting and preventing security compromises in any organisation. While intrusion detection and prevention are often used to measure security management in an organisation, there are challenges of false positives, false negatives and information overload to the analysts tasked with monitoring. This work proposes to deliver an event collection and analysis system to monitor the security of Information Technology assets that have Windows Operating Systems, a centralised log management tool and dashboards to monitor analysed events in real-time for security alarms. The system will involve an agent to collect security and events from Windows Operating systems and send the events in a readable JSON format to the processing server for analysis and thereafter visualisation of various security events of interest. While security alarms such as bruteforce attacks can be identified and escalated to the security analysts. Testing was carried out by generating the desired security events from a Windows 10 virtual machine that were captured by the designed system.