Redwall Technologies LLC
Redwall Mobile: Secure Mobile Technology
Quick Brief

2015 Redwall Technologies LLC

This material is for information purposes only and does not constitute an offer to sell any goods or services. Dissemination, distribution, copying or communication of this material without the approval of Redwall Technologies is strictly prohibited. REDWALL MOBILE is a registered trademark of Redwall Technologies LLC. All rights reserved. All other trademarks are the property of their respective owners.

Problem: Present and growing mobile threats

- Malware infected as many Android devices as it did personal computers in the second half of last year
- Malware found in top apps on Google Play Store
- Over one in three of all Android owners are likely to encounter threats on their device this year
- Malware records voice, intercepts emails, and more, and is not stopped by encryption or antivirus tools
- Current security measures such as MDMs, security apps, sandboxing, and hypervisors have been wholly ineffective against attackers

[Chart: Mobile Malware Growth, 2013 to 2015 Q2. Possible Unwanted Programs (PUPs), Trojans, Viruses, and other Malware (4K mobile samples/day)]

Android is used in more and more devices

Our offensive work inspired a new defensive technology

- Wide variety of systems, but mobile got really interesting
- Containers do not address malware or data leakage, and apps must be ported to vendor-specific solutions
  - They are, after all, just apps
- Cloud solutions have extreme connectivity requirements
- Hypervisors and RTOSs don't help at the level most attacks occur, and they have high development costs and long times to market
- TrustZone, dual-personas, and virtualization just pour complexity into a second "container," merely moving the problem, and not solving it

Offensive work includes Android malware

- Developed under contract for US government customer
- Installs implant using Webkit or other flaws, then downloads malware
- Demo implant available that records ambient audio, steals photos and other data
- Redwall Mobile blocks our own exploits, as well as those from hackers and researchers

[Image: S4 with Redwall Mobile Stops Threats]

The multiple device problem

- Because we have multiple missions throughout the day
- And we switch from role to role and theatre to theatre
- Because we need to separate and protect data at different levels of security
- And because we had no other practical choice until now

Key risks we are addressing with our novel solution

- Audio spy
  - Room or ambient audio
  - Active or OTA audio
  - VoIP, voice notes, and other audio
- Location spy
  - GPS
  - WiFi (IP etc.)
  - Other triangulation
- Data spy
  - Stealing data (e.g. emails, photos, passwords, SMS)
  - Inserting or changing data
- Mobile malware
  - Rogue apps
  - Trojans
  - Kernel and Android exploits
  - Rooting or reflashing

Solution: New approach to mobile security

Military-grade security on a consumer device

- Clear domain separation to prevent information leakage
- Security level of military equipment in a familiar commercial device
- Multiple, adaptable mission and theatre-specific modes on a single COTS device (turns one physical device into many separate devices)
- User experience consistent with consumer smartphones
- Protects phone (or other device) against hackers, eavesdropping, known and unknown malware threats and more using unique, patent-pending techniques
- Keeps sensitive data encrypted and isolated from untrusted apps and networks both while stored and transmitted

[Graphic labels: Unclassified / CLASSIFIED]

Like carrying several devices at once, each with its own apps, policies, features, and capabilities

Personal Use: Games, Twitter, Gmail, Facebook, and other personal apps
  Play store: Y; Camera: Y; GPS: Y; Authentication: None

Secure Enterprise: Install approved apps only from Play Store, no location services
  Play store: Some; Camera: Y; GPS: N; Authentication: PIN

Restricted Personal: Banking and financial apps only, multifactor authentication required
  Play store: Y; Camera: Y; GPS: Y; Authentication: Passcode

Restricted Secret Comm: An encrypted voice and data app only, for communicating with highly trusted parties
  Play store: N; Camera: N; GPS: N; Authentication: PIV card

[Screen mockup: Choose one: Personal / Enterprise / Restricted / Secret]

- Multiple policies now define multiple modes on the device
- Each can operate at different levels, with different capabilities and levels of trust, different file systems, etc.
- Temporal isolation, biomorphics, and other patent-pending techniques provide protections that virtualization and hypervisors cannot

The same paradigm applies to a wide range of devices

[Diagram labels: Accept commands / Allow data access / Take pictures; Alice's data, Bob's data, Charlie's data, each with Speed alerts / Outgoing handsfree / Location reports]

And many, many more

Key advantages

- Behavioral vs taxonomic analysis
  - Not looking for specific threats, viruses, files, or patterns, but rather any behavior not allowed in the policy
- Policies
  - Temporal in addition to cryptographic and other isolation methods
  - Sandboxing, virtualization, etc. cannot provide this level of isolation
  - Allows for both static and dynamic policy definition
- Device and app support
  - Moves easily to new devices without the re-engineering efforts involved in porting virtualization or hypervisor solutions
  - Apps run as they are from the Play Store - no container or specialized API required
- Biomorphics...

Diversity through research in Biomorphics

- Humans have it
- Devices do not
- Redwall devices do!

[Slide graphic: collage of equations]

- Attacks on one phone do not work on others
- Used in cryptography, DPA resistance, and other defenses

Thank you!

For licensing options or more information, please contact us through our website. Redwall is also happy to meet any customization and development needs of your agency or company.

Redwall
http://www.redwall.us