UK universities receive £3m to fight Android hackers

The Engineering and Physical Sciences Research Council (EPSRC) has allocated £3m in funding to academics at Royal Holloway University of London, City University London, Coventry and Swansea Universities, to find new ways to combat mobile malware.
The funding will see the universities set up five cross-university research teams, devoted to creating new anti-malware technologies. Two of the research teams will focus on application security, while the remaining three will work to increase the UK's overall cyber defences.
Information Security lecturer at Royal Holloway University of London Dr Lorenzo Cavallaro will lead one of the application research teams. His team will focus on creating new ways to identify malicious applications running on Android.
Lorenzo said the research is essential as many smartphone users are still ignorant about mobile security threats.
"We're used to considering our phones as a trusted, private channel of communication, and suitable to receive authentication information to access specific online services. Unfortunately, this information can be leaked or abused by colluding malware if the mobile device is infected," he said.
Professor Tom Chen will lead the research teams at City University London, and Swansea and Coventry universities. The teams will focus on detecting and removing colluding apps, which apps are a suite of malicious applications that work together to infect smartphones. Their fragmented nature makes them difficult to spot using traditional security services.
Chen said combating colluding apps is an underexplored area that needs to be addressed. "Currently almost all academic and industry efforts are focusing on single malicious apps; almost no attention has been given to colluding apps. Existing antivirus products are not designed to detect collusion," he said.
Security firm McAfee will help co-ordinate the research teams' efforts. Senior principal architect at McAfee, Dr Igor Muttik said the new research is an essential step in the security community's battle against advanced malware.
"We're up against really sophisticated malware – some even used by nation states for spying. All attackers are well aware of the technology involved in detecting and tracking them," he said.
"These cyber criminals often take an industrial approach to malware: they try to maximise their benefits from it. So, we need to constantly raise the bar by improving the technology and this will make it more complex and less profitable for them to operate."
The funding initiative is one of many to be announced in recent years. Investing in academic research has been an ongoing part of the UK government's Cyber Security Strategy. The UK government invested £7.5m with Royal Holloway University of London and Oxford University in May 2013 to create two new cyber higher education centres.