Posted on 11/03/2014
Royal Holloway has received a share of a £3 million grant from the Engineering and Physical Sciences Research Council (EPSRC) to counter cyber-criminals who are using malicious apps which can collude with each other to infect the smartphone in your pocket.
Malware attacks are rising year on year – and over one million new Android malware attacks were identified in 2013 by McAfee, a division of Intel Security.
Dr Lorenzo Cavallaro, Lecturer in the Information Security Group at Royal Holloway, will lead a research team that will study the behaviour of apps on Android operating systems and develop novel techniques to spot malicious apps which are designed to remain hidden. They will use this information to enrich or enhance devices to counteract attacks.
Dr Cavallaro said: “You may think that the phone in your pocket is safe, but think again. We’re used to considering our phones as a trusted, private channel of communication, and suitable to receive authentication information to access specific online services. Unfortunately, this information can be leaked or abused by colluding malware if the mobile device is infected.”
Malicious apps can gain access to address books, GPS coordinates, passwords or pin numbers. They can redirect your data across the net, send you to phishing sites and also bypass the two-step authentication process used to access an ever-increasing number of online services such as banking or email. Criminals can monetise this information in a number of ways – by getting your phone to send messages to premium numbers, by remotely controlling an infected phone, by tricking you into revealing passwords and by using your stolen data.
The £3 million is funding two app research teams at Royal Holloway and City University London, Coventry and Swansea Universities as well as three teams carrying out research to enhance the UK’s cyber-security.