Defence in the field of computer science, Elena Reshetova, M.Sc.(Tech.)

2018-09-14 12:00:00 2018-09-14 23:59:59 Europe/Helsinki Defence in the field of computer science, Elena Reshetova, M.Sc.(Tech.) Real-world security for mobile and embedded devices http://cs.aalto.fi/en/midcom-permalink-1e87878cefd6840787811e885eb43c3e68856325632 Otakaari 2, 02150, Espoo

Real-world security for mobile and embedded devices

14.09.2018 / 12:00

Elena Reshetova, M.Sc.(Tech.), will defend the dissertation "Mobile and embedded platform security" on 14 September 2018 at 12 noon at the Aalto University School of Science, lecture hall T2, Konemiehentie 2, Espoo.The goal of this dissertation is to look at different practical security challenges that modern mobile and embedded systems are facing today and will face in the near future, as well as to develop mechanisms and techniques that can help manufacturers to deliver devices with a better balance of security, practical deployability and usability.

Nowadays we are surrounded by an enormous number of various mobile and embedded devices: smartphones, tablets, video surveillance systems, smart home appliances, in-vehicle infotainment, etc. Many recent attacks have shown that these devices and the associated infrastructure are very vulnerable to different types of attacks, such as leak of private or confidential data, violation of privileges, denial-of-service and many others. While much of research has been done both by academia and industry to bring better security to these devices, many of the proposed approaches are not deployed on a wide scale.

The goal of this dissertation is to look at different practical security challenges that modern mobile and embedded systems are facing today and will face in the near future, as well as to develop mechanisms and techniques that can help manufacturers to deliver devices with a better balance of security, practical deployability and usability. For example, out of all platform security mechanisms present in modern devices, the process and application isolation methods are ultimately the hardest ones to configure and use correctly. Not only there are multiple options that can be used simultaneously, but each of these options has many configurations. This is very challenging given that the final security of such mechanisms depends on their configuration or policy. Another example of the challenging area is the security of the operating system (OS) kernel: any breach in this area almost always leads to a compromise of the whole system, especially if no security hardware support is present. This makes the OS kernel a very attractive target and recent studies as well as increased number of kernel Common Vulnerabilities and Exposures (CVE) reports show that adversaries are focusing their efforts more and more on kernel-level attacks.

Dissertation press release (pdf)

Opponent: Dr. Michael Steiner, Intel Labs, United States

Custos: Professor N.Asokan, Aalto University School of Science, Department of Computer Science