Prof Yuval Elovici presents cyber security expertise at BGU gala in Paris

Yuval Elovici, Professor at the Department  of Information Systems Engineering and Director of Deutsche Telekom Laboratories at Ben-Gurion University of the Negev Yuval Elovici, Professor at the Department of Information Systems Engineering and Director of Deutsche Telekom Laboratories at Ben-Gurion University of the Negev
BGU and the Israel National Cyber Bureau have created a center for the protection of cyberspace. The new Center harnesses the University’s expertise to drive research and foster the development of cyber security technologies. At the heart of the endeavor is a dedicated initiative to promote academic research in the field, enabling members of the Center to engage in basic research. Construction of the new Carole and Marcus Weinstein Information Systems Engineering and Cyber Security Building has begun. The state-of-the-art building is expected to open its doors in the summer of 2016. In the meantime, the Cyber Security Research Center is temporarily based at the Advanced Technologies Park, where it is nurtured in the hothouse of innovation that exists there.
The new six-floor building will be a hub of activity, largely comprised of the Department of Information Systems Engineering and the Cyber Security Research Center. The Center will include the Cyber Attack Simulation Lab, Malware Analysis Lab, Mobile Security Lab, Embedded Systems Security Lab and the Secure Cyber Lab, designated for confidential research and designed in accordance with those needs. The presence on campus of a new building dedicated to cyber security reflects the importance of the discipline at BGU and its emergence as a force to be reckoned with worldwide.
BGU’s Cyber Security Labs have identified a critical vulnerability in highly secure Samsung mobile devices

Security researchers at BGU’s Cyber Security Labs have identified a critical vulnerability in highly secure Samsung mobile devices which are based on the Knox architecture. Samsung Knox, which is currently undergoing the US Department of Defense approval review process, features the most advanced security-driven infrastructure for mobile phones. The breach, researchers believe, enables easy interception of data communications between the secure container and the external world including file transfers, emails and browser activity. 

The vulnerability was uncovered by Ph.D. student Mordechai Guri during an unrelated research task. Guri is part of a wider research team at the cyber security labs which focuses on mobile and other cyber related research topics. “To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ’hole‘ exists and was left untouched. The Knox has been widely adopted by many organizations and government agencies and this weakness has to be addressed immediately before it falls into the wrong hands,” he said. “We are also contacting Samsung in order to provide them with the full technical details of the breach so it can be fixed immediately.”  

The vulnerability was first reported by The Wall Street Journal late Monday evening. 

The Knox architecture features a regular phone environment as well as a secure container that is supposed to add security protection to the phone. All data and communications that take place within the secure container are protected and even if a malicious application should attack the non-secure part all the protected data should be inaccessible under all circumstances. However, the newly found breach can be used to bypass all Knox security measures. By simply installing an “innocent” app on the regular phone (in the non-secure container) all communications from the phone can be captured and exposed.  

The Samsung Knox is based on TrustZone’s mobile virtualization platform which serves as the underlying infrastructure for the available protective measures. “To solve this weakness, Samsung may need to recall their devices or at least publish an over the air software fix immediately. The weakness found may require Samsung to re-think a few aspects of their secure architecture in future models” said Dudu Mimran the Chief Technology Officer of the BGU labs.  

The Cyber Security Labs part of BGU’s Homeland Security Institute are located in the Advanced Technologies Park adjacent to the University in Beer-Sheva. They are headed by Prof. Yuval Elovici of the Department of Information Systems Engineering, who is also director of Telekom Innovation Laboratories at BGU. The labs are a pioneer in Israel’s cyber security powerhouse – actively researching the topic of mobile device security as well as network security for seven years both independently and as part of the existing tight collaboration with Telekom Innovation Laboratories. 

Israël Science Info