Development of a Secure Mobile GPS Tracking and Management System
Date
2012-01-30
Authors
Liu, Anyi
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. First, to standardize the software development of mobile application, we design an efficient mobile application that investigate the key issues of mobile application development, such as location tracking, embedded database management (EDBM), and wireless communication. Our application has been implemented and commercialized on Window Mobile smartphones. Second, to prevent SQL injection attacks (SQLIAs), we propose a black-box input validation approach, which harnesses the effectiveness of genetic and input validation algorithms to dynamically extract users' inputs and detect malicious SQL control queries. Compared to state-of-the-art protection approaches, our method does not require any code changes on either the client, the web-server, or the back-end database. To evaluate the overhead and the detection performance of our system, we have implemented the SQLProb and tested it by using benchmark SQL attacks. Our experimental results show that we can detect all known SQL injection attacks while maintaining very low resource utilization. Third, to protect user's private information from being exfiltrated to outside attacker, we propose a architectural solution to detect covert channels in real-time. Our intrusion detection system, namely Observer, runs a secure virtual machine that mimics the malicious virtual machine so that any differences between two virtual machines can be identified in real time. Unlike most existing signature or anomaly-based covert channel detection approaches, Observer does not require any legitimate data to build a normal behavior model. To evaluate Observer, we have run covert channels and detected them in real-time. Our experimental results demonstrate that Observer can detect most covert storage channels with a high detection rate and low latency and overhead. Lastly, to detect more advanced covert channel attacks, such as covert timing channels (CTCs), we design a novel metric that can quantitatively measure the difference between the timing patterns of normal and CTCs. The key challenge we are facing is to detect CTC online in a environment, where accurate time keeping might be affected by many dynamic conditions. Our wavelet-based metric can quantitatively measure the distance between the outbound networking flows of benign VMs and malicious VMs, which contains CTCs. In addition, this online approach reduces the whole procedure of modeling legitimate traffic while remains transparent to end-users. Our experimental result demonstrates a high detection and a low false positive rate in detecting different CTC attacks.
Description
Keywords
Information Security, Mobile Application, Web Security, Intrusion Detection and Prevention, Real-Time Detection, Covert Channel