Securing the Smartphone
An estimated 80 percent of the U.S. population accesses the Internet though PCs, smartphones and other networked devices, placing vast amounts of personal and business data at risk to malware, identify theft and other forms of cyber attack. Now three ECE faculty members, Professors Mark Karpovsky and David Starobinski and Associate Professor Ari Trachtenberg, are participating in a project that seeks to identify, understand and mitigate security risks to smartphones— particularly those posed by a growing trend to replace their hardwired features with open-source, customizable software programs. Funded by a $3 million grant from the National Science Foundation and based at BU’s Center for Reliable Information Systems and Cyber Security, the project involves nine faculty in the College of Engineering, College of Arts and Sciences, and Metropolitan College; two industrial partners, Deutsche Telekom and Raytheon BBN Technologies; and one academic partner, Warwick University. The ECE researchers’ ultimate goal is to design more secure networking protocols and hardware and develop more effective, software-based strategies to authenticate users and callers. Toward that end, they’re designing new wireless network protocols that are less vulnerable to jamming via radio signal interference and smartphone authentication systems that do more than prompt for a username and password.
Leveraging the devices’ unique features including sensors, accelerometers and digital cameras, they’re developing authentication systems that pose questions only the owner could answer correctly based on data stored in the phone’s memory, or exploit biometric information such data from the phone’s accelerometer characterizing the owner’s distinctive gait. “Because your phone is a microcosm of you, it can capture details that a random person wouldn’t know,” says Trachtenberg. “With fewer of its features hardwired, the...