Center for Cybersecurity and Digital Forensics (CDF): Admin Account

Center for Cybersecurity and Digital Forensics (CDF): Admin Account CDF Membership: Allstate CDF Membership: Samsung - Revision - 2 - Year 4 CDF Membership: Samsung CDF Membership: Samsung In recent years, smartphones, numerous IoT devices, and wearable devices have entered our daily lives with advances in IT technologies, significantly improving qualities of our lives with the convergence of big data, AI, and 5G technologies. While such advancements offer new and convenient experiences to end users, they provide a new security challenge to protect exponentially growing users private data and to provide strong assurance of these devices. However, the attack technologies to analyze mobile devices and IoT systems including their applications have been more advanced and diverse. In particular, compromising OS kernels has been recently addressed in depth. In addition, a variety of new and advanced attack vectors including cache side-channel attack and memory disclosure attack have been also discovered. Recent attempts to protect operating systems from attacks can be categorized into two thrusts: hypervisorbased and hardware-assisted approaches. Hypervisor-based approach employs virtualization techniques to run security tools with higher privileges in the hypervisor. Yet, the hypervisor itself has a larger attack surface because of growing functionalities and the number of modules. On the other hand, hardware-assisted approach utilizes hardware isolation techniques provided by hardware platforms including TrustZone, embedded Secure Element, TPM, etc. With the untethered rate of devices connected to the network and digital information produced, the cybersecurity community needs to constantly innovate to keep pace. For cybersecurity in next generation systems, mission critical safety measures, physical security controls and in-depth verifiability & threat analysis are emerging as core capabilities to incorporate into a security platform. Moreover, attacks through connected devices are surging and the users are becoming targets of cybercrime. Various cybercrimes such as Robocal/Phone scam, ransomware, IP-cam sneaking are becoming social issues and getting more sophisticated. Although traditional security solutions such as system security or anti malware give basic protection against the attacks, they are not sufficient to tackle the emerging attacks and crimes. This project seeks a way to (i) effectively and automatically analyze potential security threats in these domains, (ii) design robust security mechanisms for these areas against diverse attacks by using relevant software and hardware features. These tasks will be performed in parallel and collaboratively with Samsung. Assessment is an important aspect of any research project as it can offer measures of success to the investigations conducted. In particular, the target area and related security & privacy requirements will be annually discussed and determined by the mutual agreement. For the execution of this project, the PIs physical presence is required to perform and discuss the proposed tasks and corresponding outcome with Samsung. At the end of this project, we will provide a document summarizing our results. The recommendation will not be disseminated without having a written approval from Samsung