Malware.inc: analyzing the security of popular web/mobile frameworks

Abstract

Background and Objectives: A new generation of software emerged with mobile devices, cloud computing and the web. New usages come with new security threats, and a new generation of malware (malicious software) is emerging as well. Recent security reports show that these malware are on the increase. The goal of this project is to evaluate the risk of exposure to malware in popular app ecosystems such as Apple iOS, Google Android, Facebook, Google App Engine, Mozilla Firefox and Google Chrome. Methods: Eight students from Carnegie Mellon Qatar participated in this project. Each looked at a specific technology (either iOS, Android, Facebook, Google App, Mozilla Firefox or Google Chrome). The researchers learned how to develop applications and, as proof of concept, developed several malware apps that were able to steal user's personal information. One collects logins, passwords and credit card numbers from user's Gmail. One collects user's private information on Facebook and propagates through the victim's friends. One records the "clicking" passwords that users enter on online banking websites. One records keystrokes made on the computer without being detected by existing antivirus. One is an Android app that records people conversations while the phone is on standby mode. Results: Based on these experiments, we were able to assess the risks and analyze the security issues of these popular apps that we use everyday. These preliminary results were presented at 6th INTERPOL's Group meeting-MENA Region conference in Doha (March 22nd). We plan to publish the scientific results during the Fall of 2012. As future work, the security expertise gained during this project will allow us to design new security tools to protect users against these new kinds of malware. Conclusion: Qatar offers many services related to e-government, e-business, e-education and e-health through web portals and mobile applications. Deploying such a global infrastructure requires a strong security assurance. This project contributes to this vision by developing a local expertise on cyber security.