Singapore Academic Cybersecurity R&D

Harnessing R&D to Secure our Nation

Secure Mobile Centre
 

• Lead PI : Robert Deng, Professor, SMU ( robertdeng@smu.edu.sg )
• Host Institution : School of Information Systems, SMU

I. Goal

Secure Mobile Centre (SMC) at the School of Information Systems, Singapore Management University, aims to create novel technologies and solutions to secure different layers of mobile computing systems via the implementation of a holistic, end-to-end approach to mobile computing security.

The four projects under Secure Mobile Centre are:

1. Fortifying mobile platforms with a user-centric trust anchor
2. Analysing, detecting and containing mobile malware>
3. System for scalable access control of encrypted data in untrusted servers
4. Secure and usable authentication systems in mobile computing

II. Technologies

Project 1: Fortifying mobile platforms with a user-centric thrust anchor

Problem: Attacks directed at mobile platforms causing great damage

We have designed a hypervisor-based fully isolated micro computing environment for executing security critical programmes and created a system prototype for user-centric on-demand device control without trusting the operating system.

Project 2: Analyzing, detecting, containing mobile malware

Problem: Mobile device users exposed to malicious programs

We have developed a system prototype for static and dynamic extraction of application behaviour. In addition, we have come up with the system design of communication mechanism between two split components of an Android application.

Project 3: System for scalable access control of encrypted data in untrusted servers

Problem: Outsourcing encrypted data to cloud storage systems protects data privacy but how to share encrypted data with others in a scalable manner?

We have designed protocols and algorithms for highly efficient decryption and user revocation in attribute-based encryption (ABE) systems. We have implemented a prototype of ABE-based secure storage system on top of OneDrive.

Project 4: Secure & usable authentication systems in mobile computing

Problem: Existing user authentication solutions are vulnerable to many pressing attacks

We have managed to design secure and practical user authentication systems. In particular, we completed the design and security evaluation of three novel solutions – FaceLive which is a face authentication system with liveness detection, three schemes for leakage-resilient password entry on Google Glass, and Typing-Proof 2FA which uses password as the 1st factor and proximity of user’s mobile phone to login computer as the 2nd factor.