An MTM based watchdog for malware famishment in smartphones
Due to their various wireless interfaces, a continuously increasing number of fishy Apps, and due to their raising popularity, smartphones are becoming a promising target for attackers. Independently of the point of entrance, malwares are typically attached to an App to perform their malicious activities. However, malware can only do harm on a smartphone if it is executed. We thus propose a malware prevention architecture for smartphones that exploits App signatures, process authentication during their creation, and process verification during their execution and scheduling. The proposed security mechanism will allow a smartphone to run only those Apps which are classified as trusted (i.e., signed Apps) and which are not modified after their installation. The trust derived from the App signatures and a Mobile Trusted Module (MTM) is propagated through the processes until their execution via process authentication. The MTM serves as a trust anchor for our malware famishment in smartphones. This work presents our solution conceptually. We will soon start with a proof of concept implementation and a performance study using a software based MTM emulator.
Full Text: PDF