A Framework for Anomaly Detection in OKL4-Linux Based Smartphones

Smartphones face the same threats as traditional computers. As long as a device is capable of logic processing, the threat of running malicious logic exists. The only difference between security threats on traditional computers and those on smartphones is the challenge of understanding the inner workings of the operating system on different hardware processor architectures. To improve the security of smartphones, anomaly detection capabilities can be implemented at different functional layers of a smartphone in a coherent manner, instead of looking only at individual functional layers. This paper focuses on identifying conceptual points for measuring normalcy in different functional layers of a smartphone based on OKL4 and the LiMo Foundation’s platform architecture.
