This news release is available in German.
The researchers are presenting their app for the first time at the upcoming Cebit computer fair, from March 16 to 20, 2015, in Hanover (Hall 9, Booth E13).
The attacks were perfidious: In February this year, the Czech IT security company Avast declared that it had identified several malicious game apps for mobile phones in the Google Play Store - ones that would only become criminally active on the device after several weeks. Then the affected smartphones or tablet computers would suddenly take minutes, instead of seconds, to display all the usual settings in proper colors. Or a message would appear when unlocking the device, claiming that the memory was infected or full of pornographic data. Anyone following the instructions given there would be redirected to suspicious sites, which make users download even more malicious programs (malware). "Regardless of whether the application is malicious or not, recreational games that you just want to play around with can be downloaded without hesitation using our method," says Philipp von Styp-Rekowsky. The computer scientist is a doctoral candidate at the Saarland University Graduate School for Computer Science, and also a researcher at the Center for IT-Security, Privacy and Accountability (CISPA), one of three security research centers in Germany that are specifically funded by the German Federal Ministry of Education and Research, BMBF.
What von Styp-Rekowsky developed for mobile devices with an Android operating system, already exists for operating systems on personal computers - the keywords are "Application Virtualization" or "Sandboxing". This is what software experts call those specially insulated areas of a program where its computations can have no effect whatsoever on its environment. Accordingly, von Styp-Rekowsky designed an app that acts as a kind of "quarantine station", isolating suspicious-looking apps installed on devices like smartphones and tablet computers.
"This has some significant advantages compared to previous methods", says von Styp-Rekowsky. "So far, this kind of controlled execution of oversight when executing suspicious apps could only be achieved either by interfering with the operating system, or by modifying the executable code of the app. In the first case, users would need to install a special version of the operating system, but in the second case, as soon as you change the code, you are no longer on firm legal ground, and will also lose the application data as well as the automatic update function." However, both these methods would not only be overwhelming to less experienced users, in the worst case, they could even make the device inoperative.
Von Styp-Rekowsky's sandbox approach works around these difficulties. "The installation process for apps is just the same as before. Users only need to make sure that it happens inside the sandbox," the researcher says. Moreover, his system not only serves as a protection against data theft, it is also useful for business clients with issues related to the trend to "bring your own device": It is becoming increasingly common that employees use their personal devices for official duties. In terms of IT security and legal certainty, this is certainly a major challenge for employers. "With the help of our app, a company could set up a segment of the employee's device in such a way that it is limited to work-related activities, allowing better protection of the interests of both the employer and the owner of the device," von Styp-Rekowsky explains. The app is still a research prototype presently, but will be developed into a marketable application in the next few months.
Computer science and informatics at Saarland University
The Department of Computer Science forms the core of the informatics landscape at Saarland University. A further seven internationally renowned research institutes are located in the immediate vicinity on campus. As well as the two Max Planck Institutes for Informatics and for Software Systems, the Saarbrücken campus is also home to the German Research Center for Artificial Intelligence, the Intel Visual Computing Institute, the Center for IT Security, Privacy and Accountability (CISPA) and the Cluster of Excellence 'Multimodal Computing and Interaction'.
Philipp von Styp-Rekowsky
Center for IT-Security, Privacy and Accountability (CISPA)
Phone: +49 681 302 57368
Competence Center Computer Science Saarland
Phone: +49 681 302-70741
Note for radio journalists: Phone interviews with Saarland University scientists can be conducted in studio quality using the Radio Codec (via direct-dial IP connection, or the ARD Sternpunkt 106813020001). Interview requests can be made via our press department (+49 681 302-2601).