Measuring and Mitigating Security and Privacy Issues on Android Applications

Abstract

Over time, the increasing popularity of the Android operating system (OS) has resulted in its user-base surging past 1 billion unique devices. As a result, cybercriminals and other non-criminal actors are attracted to the OS due to the amount of user information they can access, its open-nature, distribution network, etc. Due to the ever-changing nature of the Android ecosystem and the arms race involved in detecting and mitigating malicious applications, it is important to continuously examine the ecosystem for security and privacy issues. In this talk, I will present our research contributions in this space, which investigates two application characteristics: vulnerable and malicious. The first part of the talk focuses on measuring vulnerabilities in applications that are due to poor implementation of security and privacy protocols, which when exploited, results in a compromise of users’ security or privacy. While the second part discusses our work on the detection of applications that are intentionally designed to act maliciously.

Date
Event
Queen Mary University of London Networks Group Seminar
Location
Eng 324 (Engineering Building)