Dealing With Mobile Threats in Memory

Many of the threats that infected personal computers have now turned their attention toward mobile devices. A new way to detect malware on mobile devices is presented by a leading security researcher. By this new approach we can catch even unknown threats without draining the battery and slowing the processing power of mobile devices.

Scientists are conducting research to identify ways to protect mobile devices from malicious software. Markus Jakobsson, a principal scientist at Xerox PARC and the person behind the new malware detection technology says, “Traditional ways to protecting personal computers against threats doesn’t translate well to smart phones.”

Most of the antivirus programs take a lot of processing power to compare new files against a huge library of virus signatures while working in the background. Jakobsson says, mobile devices lack this processing power and continual scanning can also drains the batteries. According to his approach there must be a central server which monitors a device’s memory to find out any signs of infection.

There are two types to memories used by mobile devices: Random-access-memory (RAM), which is used by active programs and secondary storage, which has a slow access time and holds data not currently in use. Shutting off all non-vital applications, such as a browser or an e-mail app, Jakobsson’s system would check the device, and at this point only the operating system and the detection software would be running.

If malware is present, it will need to use some RAM to infect the device. So the central server contacts the detection software to check if malware is using RAM by measuring how much memory is available. It does this by completely filling the remaining memory space with random data and checking the amount of data needed against an image of the memory that was created when the device was malware-free.

Any malware running at this point would be revealed. Jakobsson says, the malware could try to hide its presence by allowing the random data to overwrite it in RAM, but this would prevent it from taking any action. And if it tries to hide in the device’s secondary storage, this would slow the device’s response to the central server, revealing the existence of malware.

Enjoyed this article? Submit your email to receive daily news and updates.

***You must click confirmation link sent in email. If you don't see the email, check spam folder.

Filed in: Mobiles Tags: , , ,

Leave a Reply

Submit Comment

© 2022 Tech Readers. Reproduction without explicit permission is prohibited. All Rights Reserved. XHTML / CSS Valid.