Implementing and optimizing an encryption filesystem on Android

Proceedings - 2012 IEEE 13th International Conference on Mobile Data Management, MDM 2012

Volumn , Issue , 2012, Pages 52-62

  Wang, Zhaohui ^a   Murmuria, Rahul ^a   Stavrou, Angelos ^a  

^a George Mason University   (United States)

Author keywords

Encrypted filesystem; Full disk encryption; I O performance; Smart handheld devices

Indexed keywords

CRYPTOGRAPHIC ALGORITHMS; DATABASE TRANSACTIONS; END USERS; FILE SYSTEMS; FILESYSTEM; HAND HELD DEVICE; I/O PERFORMANCE; INITIAL COSTS; MICRO-BENCHMARK; OPERATION TIME; PERSISTENT STORAGE; PORTABLE DEVICE; READ OPERATION; SECURITY AND PERFORMANCE; SOCIAL MEDIA; USER SPACES; WRITE OPERATIONS;

DIGITAL STORAGE; HAND HELD COMPUTERS; INFORMATION MANAGEMENT; LOCATION BASED SERVICES; MOBILE DEVICES; NATURAL LANGUAGE PROCESSING SYSTEMS; OPTIMIZATION; ROBOTS;

CRYPTOGRAPHY;

EID: 84870760849     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MDM.2012.31     Document Type: Conference Paper

References (33)

1. "Android honeycomb encryption," http://source.android.com/tech/ encryption/android-crypto-implementation.html.
2. "Android security overview," http://source.android.com/tech/ security/index.html. [Online]. Available: http://source.android.com/tech/ security/index.html
3. "Boost c++ library," http://www.boost.org/. [Online]. Available: http://www.boost.org/
4. "Dalvik format," http://en.wikipedia.org/wiki/Dalvik-(software) . [Online]. Available: http://en.wikipedia.org/wiki/ Dalvik-(software)
5. "File system in user space," http://fuse.sourceforge.net (2006). [Online]. Available: http://fuse.sourceforge.net
6. "Fips pub 1402, security requirements for cryptographic modules." [Online]. Available: http://csrc.nist.gov/publications/fips/ fips1402/fips1402.pdf
7. "iozone," http://www.iozone.org/.
8. "Librlog," http://www.arg0.net/rlog.
9. "Nielsen report," http://blog.nielsen.com/nielsenwire/online- mobile/u-s-smartphone-market-whos-the-most-wanted/.
10. "Openssl fips 1402 security policy, version 1.2."
11. "Rl benchmark: Sqlite," https://market.android.com/details?id= com.redlicense.benchmark.sqlite.
12. "Sqlite," http://www.sqlite.org/.
13. "Whispercore android device encryption," http://whispersys.com/ whispercore.html.
14. J. Bickford, R. O'Hare, A. Baliga, V. Ganapathy, and L. Iftode, "Rootkits on smart phones: attacks, implications and opportunities," in HotMobile '10: Proceedings of the Eleventh Workshop on Mobile Computing Systems - Applications. New York, NY, USA: ACM, 2010, pp. 49-54.
15. H. Bojinov, D. Boneh, R. Cannings, and I. Malchev, "Address space randomization for mobile devices," in Proceedings of the fourth ACM conference on Wireless network security, ser. WiSec '11. New York, NY, USA: ACM, 2011, pp. 127-138. [Online]. Available: http://doi.acm.org/10.1145/1998412. 1998434
16. F. M. David, E. M. Chan, J. C. Carlyle, and R. H. Campbell, "Cloaker: Hardware supported rootkit concealment," in SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy. Washington, DC, USA: IEEE Computer Society, 2008, pp. 296-310.
17. S. M. Diesburg and A.-I. A. Wang, "A survey of confidential data storage and deletion methods," ACM Comput. Surv., vol. 43, pp. 2:1-2:37, December 2010. [Online]. Available: http://doi.acm.org/10.1145/1824795.1824797
18. W. Enck, P. Gilbert, B. gon Chun, L. P. C. J. Jung, P. Mc- Daniel, and A. N. Sheth, "Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones," in OSDI '10: Proceedings of the 9th symposium on Operating systems design and implementation. New York, NY, USA: ACM, 2010, pp. 255-270.
19. W. Enck and P. McDaniel, "Understanding android's security framework," in CCS '08: Proceedings of the 15th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2008, pp. 552-561. [Online]. Available: http://siis.cse.psu.edu/android sec tutorial.html
20. R. Geambasu, J. P. John, S. D. Gribble, T. Kohno, and H. M. Levy, "Keypad: an auditing file system for theft-prone devices," in Proceedings of the sixth conference on Computer systems, ser. EuroSys '11. New York, NY, USA: ACM, 2011, pp. 1-16. [Online]. Available: http://doi.acm.org/10. 1145/1966445.1966447
21. H. Kim, J. Smith, and K. G. Shin, "Detecting energy-greedy anomalies and mobile malware variants," in MobiSys '08: Proceeding of the 6th international conference on Mobile systems, applications, and services. New York, NY, USA: ACM, 2008, pp. 239-252.
22. H. Kim, N. Agrawal, and C. Ungureanu, "Examining storage performance on mobile devices," in Proceedings of the 3rd ACM SOSP Workshop on Networking, Systems, and Applications on Mobile Handhelds, ser. MobiHeld '11. New York, NY, USA: ACM, 2011, pp. 6:1-6:6.
23. J. Lee, J. Heo, Y. Cho, J. Hong, and S. Y. Shin, "Secure deletion for nand flash file system," in Proceedings of the 2008 ACM symposium on Applied computing, ser. SAC '08. New York, NY, USA: ACM, 2008, pp. 1710-1714. [Online]. Available: http://doi.acm.org/10.1145/1363686.1364093
24. L. Liu, G. Yan, X. Zhang, and S. Chen, "Virusmeter: Preventing your cellphone from spies," in RAID '09: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 244-264.
25. B. R. Moyers, J. P. Dunning, R. C. Marchany, and J. G. Tront, "Effects of wi-fi and bluetooth battery exhaustion attacks on mobile devices," in HICSS '10: Proceedings of the 2010 43rd Hawaii International Conference on System Sciences. Washington, DC, USA: IEEE Computer Society, 2010, pp. 1-9.
26. D. Muthukumaran, A. Sawani, J. Schiffman, B. M. Jung, and T. Jaeger, "Measuring integrity on mobile phone systems," in SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologies. New York, NY, USA: ACM, 2008, pp. 155-164.
27. D. C. Nash, T. L. Martin, D. S. Ha, and M. S. Hsiao, "Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices," in PERCOMW '05: Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops. Washington, DC, USA: IEEE Computer Society, 2005, pp. 141-145.
28. M. Ongtang, S. Mclaughlin, W. Enck, and P. Mcdaniel, "Semantically rich application-centric security in android," in In ACSAC '09: Annual Computer Security Applications Conference, 2009.
29. D. M. Radmilo Racic and H. Chen, "Exploiting mms vulnerabilities to stealthily exhaust mobile phones battery," in In SecureComm 06. SECURECOMM, 2006, pp. 1-10.
30. A. Rajgarhia and A. Gehani, "Performance and extension of user space file systems," in Proceedings of the 2010 ACM Symposium on Applied Computing, ser. SAC '10. New York, NY, USA: ACM, 2010, pp. 206-213. [Online]. Available: http://doi.acm.org/10.1145/1774088.1774130
31. N. Tolia and M. Satyanarayanan, "Benchmarks for mobile database access," in Proceedings of the 1st international workshop on System evaluation for mobile platforms, ser. MobiEval '07. New York, NY, USA: ACM, 2007, pp. 47-47.
32. N. Tolia, M. Satyanarayanan, and A. Wolbach, "Improving mobile database access over wide-area networks without degrading consistency," in Proceedings of the 5th international conference on Mobile systems, applications and services, ser. MobiSys '07. New York, NY, USA: ACM, 2007, pp. 71-84.
33. Z. Wang and A. Stavrou, "Exploiting smart-phone usb connectivity for fun and profit," in Proceedings of the 26th Annual Computer Security Applications Conference, ser. ACSAC '10. New York, NY, USA: ACM, 2010, pp. 357-366. [Online]. Available: http://doi.acm.org/10.1145/1920261.1920314