Paranoid Android: Zero-Day Protection for Smartphones Using the Cloud
Smartphones have come to resemble PCs in software complexity. Moreover, as they are often used for privacy-sensitive tasks, they are becoming attractive targets for attackers. Unfortunately, they are quite different from PCs in terms of resources, so that PC-oriented security solutions are not always applicable. Worse, common security solutions (such as on-access file scanners, system call profilers, etc.) protect against a very limited set of attacks. Comprehensive measures require a far wider and more expensive set of checks - some of which are much beyond the capacity of a phone. The authors propose an alternative solution, where security checks are applied on remote security servers which host exact replicas of the phones in virtual environments.