Title page for ETD etd-05162011-230143


Type of Document Master's Thesis
Author Deng, Yipan
URN etd-05162011-230143
Title DeviceGuard: External Device-Assisted System And Data Security
Degree Master of Science
Department Computer Science
Advisory Committee
Advisor Name Title
Yao, Danfeng Committee Chair
Butt, Ali R. A. Committee Member
Kafura, Dennis G. Committee Member
Keywords
  • Host Security
  • System Security
  • Data Security
  • Smartphone
Date of Defense 2011-05-02
Availability unrestricted
Abstract
This thesis addresses the threat that personal computer faced from malware when the personal computer is connected to the Internet. Traditional host-based security approaches, such as anti-virus scanning protect the host from virus, worms, Trojans and other malwares. One of the issues of the host-based security approaches is that when the operating system is compromised by the malware, the antivirus software also becomes vulnerable.

In this thesis, we present a novel approach through using an external device to enhance the host security by offloading the security solution from the host to the external device. We describe the design of the DeviceGuard framework that separate the security solution from the host and offload it to the external device, a Trusted Device. The architecture of the DeviceGuard consists of two components, the DeviceGuard application on the Trusted Device and a DeviceGuard daemon on the host.

Our prototype based on Android Development Phone (ADP) shows the feasibilities and efficiency of our approach to provide security features including system file and user data integrity monitoring, secure signing and secure decryption. We use Bluetooth as the communication protocol between the host and the Trusted Device. Our experiment results indicates a practical Bluetooth throughput at about 2M Bytes per second is sufficient for short range communication between the host and the Trusted Device; Message digest with SHA-512, digital signing with 1024 bits signature and secure decryption with AES 256 bits on the Trusted device takes only the scale of 〖10〗^1 and 〖10〗^3 ms for 1K bytes and 1M bytes respectively which are also shows the feasibility and efficiency of the DeviceGuard solution.

We also investigated the use of embedded system as the Trusted Device. Our solution takes advantage of the proliferation of devices, such as Smartphone, for stronger system and data security.

Files
  Filename       Size       Approximate Download Time (Hours:Minutes:Seconds) 
 
 28.8 Modem   56K Modem   ISDN (64 Kb)   ISDN (128 Kb)   Higher-speed Access 
  Deng_Y_T_2011.pdf 915.88 Kb 00:04:14 00:02:10 00:01:54 00:00:57 00:00:04

Browse All Available ETDs by ( Author | Department )

dla home
etds imagebase journals news ereserve special collections
virgnia tech home contact dla university libraries

If you have questions or technical problems, please Contact DLA.