Advanced Security in Smartphone and IoT Systems

Module aims

In contrast with traditional ubiquitous computing, IoT devices use new user-interaction modalities, are more complex, and are interconnected. Thus they introduce new attack surfaces which can result in financial, emotional and physical harm to individuals: the Mirai botnet exploited myriads of insecure IoT devices to bring down a swathe of popular online services; adversaries took advantage of vulnerable smart baby monitors to scream at babies; intelligent vehicles were remotely attacked, allowing an adversary to take control of steering, brake and transmission functions.

In this module you will have the opportunity to:

  • learn about state of the art approaches to attack smartphone (e.g. Android) and IoT systems (e.g. Amazon Alexa, Samsung Smartthings, 3D Printers, Autonomous Vehicles)
  • learn about state of the art approaches to defend (detection and prevention) against adversaries in smartphone and IoT systems
  • reflect on the impact of different design choices on the security of a smartphone or IoT system
  • put a black hat on and practice reverse engineering and attack techniques for smartphone apps
  • put a white hat on and write SELinux policies to enforce Mandatory Access Control on Android phones

Learning outcomes

Upon successful completion of this module you will be able to:

- Recall the basic security architecture of modern smartphone operating systems and popular smarthome platforms

- Identify and describe threat models and attack surfaces in smartphone and IoT systems

- Recall and reason about strengths and weaknesses of attack detection and prevention mechanisms on smartphones and IoT systems

- Assess and design the security of smartphone and IoT systems

- Implement confidentiality attacks on real popular smartphone operating systems

- Use reverse engineering tools to analyze real popular smartphone applications

- Write simple SELinux mandatory access control policies for Android

Module syllabus

This module covers the following topics:

- Android and iOS Security Architecture

- Android Permission Model

- Threats from Mobile Advertising

- Side-Channel Attacks on Android and iOS

- Offline and Runtime Detection: Information Flow; Malware detection

- Prevention: Access Control; SELinux on Android

- Smarthome attacks and defences

- Attacks on Voice Assistants

- Other emerging topics: Threats in Connected Manufacturing, Drones and Autonomous vehicles

Pre-requisites

Required:
• General understanding of fundamental CS concepts: algorithms, data structures, operating systems, networking, software engineering.
• 445H (Advanced Security). This module goes into an in-depth discussion of the general topics covered in the following lectures of 445H:
  • Mobile: Mobile platform security and mobile privacy
  • Topics: IoT and device security

Recommended (not required):
• CO211 (Operating Systems)
• CO212 (Networks and Communications)
• CO331 (Web and Network Security)

Teaching methods

This module is motivated by security and privacy problems in popular, emerging real-world systems, addressing many application domains, including smartphones (e.g. Android and iOS), smarthome platforms (e.g. Samsung Smartthings), Voice Assistants (e.g. Amazon Alexa), connected manufacturing (e.g. 3D Printers), drones and autonomous vehicles. The module uses the more mature and widespread Android OS as a use case to perform an in-depth analysis of the attack surfaces and defense strategies on contemporary, mobile, connected systems. Then it analyzes the security of emerging IoT systems, drawing comparisons and highlighting differences with smartphone security.

Classroom sessions include traditional lectures, discussions and one tutorial. Lectures and reading material are based on classical and state of the art research papers on security and privacy of those systems. Each 2-hour session will dedicate 15-20 minutes to discussion of the introduced topics. This aims to help you develop critical thinking skills (REMEMBER: no system is flawless) by focusing on security, privacy, performance, usability and ethical trade-offs.

We will ask you to put your white hat on and dedicate a 1-hour tutorial to train you in writing SELinux security policies for Android phones. We will also ask you to put a black hat on to work on a coursework assignment. This aims to help you practice reverse engineering Android apps and developing malware for Android. Reverse engineering is a useful technique for application analysis; understanding how malware works helps you better design defense systems (REMEMBER: a defense system is as strong as its adversary model). The coursework has a tutorial section to help you understand the Android app development tools, and a discovery-based section where you will use your creativity to attack Android. The most creative attacks will earn black-hat bragging rights and a prize.

The assignment will be 15% of your grade. Discussion participation counts for 5%. Final exam will be 85%. Since this is the first time this module is taught, during revision week you will be exposed to types of questions you might encounter during the final.

Assessments

There will be one assessed exercise (you will be guided in developing an Android malware) undertaken in groups of 2-3 people. The assignment counts for 15% of the marks for the module. Discussion participation counts for 5% of the overall module mark. This is to incentivize participation and SPEAKING UP! There will be a final paper-based exam, testing knowledge and critical thinking on an individual basis. This exam counts for the remaining 80% of the marks for the module.

Participation: 5%

Assignment: 15%

Final Exam: 80%

Module leaders

Dr Soteris Demetriou