Characterizing and Mitigating Wireless Systems Vulnerabilities

Award #: N/A
Amount Awarded: $150,000
Sponsoring Organization:Defense University Research Instrumentation Program (DURIP), Army Research Office (ARO)
Grant Period:05/22/09-05/21/10
Primary Investigator(s): Patrick McDaniel

Abstract

Wireless systems now form a central, critical, and irreplaceable segment of national communication infrastructure. Technological and financial pressures are moving these systems from the highly specialized systems towards Internet models. While these models ease application development and provide easier integration of critical systems and networks, they introduce heightened dangers for compromise. In this project, we seek to support our ongoing efforts in the characterization of vulnerabilities in wireless systems. Our past work have identified numerous critical failures of civilian cellular systems, and led to changes in the way commercial cellular providers interconnect with Internet services. The requested instrumentation will allow our team to extend these activities to evaluate public and military wireless networks by creating a realistic cellular research network. The requested infrastructure will significantly increase the educational capabilities of Penn State's computer science and engineering department to support wireless and security efforts achieved through coursework and independent research.

Related Research Projects

Mobile Phones

Related Publications

Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), December 2009. Honolulu, HI. (best paper). [pdf]

William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), November 2009. Chicago, IL. [pdf]

William Enck, Machigar Ongtang, and Patrick McDaniel, Mitigating Android Software Misuse Before It Happens. Technical Report NAS-TR-0094-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, September 2008. Updated November 2008. [pdf]

William Enck, Machigar Ongtang, and Patrick McDaniel, Understanding Android Security. IEEE Security & Privacy Magazine, 7(1):50--57, January/February, 2009.