Thursday, March 24, 2016

Eight Years of Mobile Smartphone Security

Seminar
Monday, April 11, 12pm
333, IST Bldg.
By: Patrick McDaniel
Penn State University


“EIGHT YEARS OF MOBILE SMARTPHONE SECURITY”


The introduction of smartphones in 2008 forever changed the way users interact with data and computation. These platforms and the network and cloud services supporting them have led to a renaissance of mobile computing. At the same time, changes in the nature of personal computing heighten concerns about security and privacy. Such concerns prompted an ongoing area of scientific study exploring smartphone and application security. Through these efforts, the technical community has become increasingly aware that applications can and often do work against the user's best interests and house new forms of malware.

This talk explores the genesis and evolution of academic research efforts in evaluating smartphone application security over the first eight years of its existence. A retrospective view of how the community's understanding of application security has changed over the years is provided, with a focus on the scientific questions asked and the methods used. We highlight a range of analysis techniques that extract software structures and behaviors from smartphone applications, and describe several studies that identified important security and privacy concerns. The talk concludes by considering the realities of current mobile apps and markets and identifies challenges in preventing misuse of smartphones.


BIO



Patrick McDaniel is a Distinguished Professor in the School of Electrical Engineering and Computer Science at The Pennsylvania State University, co-director of the Systems and Internet Infrastructure Security Laboratory, and Fellow of IEEE and ACM. Dr. McDaniel is also the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance. Patrick's research efforts focus on a wide range of topics in security and technical public policy. Patrick was the editor-in-chief of the ACM journal Transactions on Internet Technology (TOIT), and served as associate editor of the journals ACM Transactions on Information and System Security, IEEE Transactions on Computers, and IEEE Transactions on Software Engineering. Patrick was awarded the National Science Foundation CAREER Award and has chaired several top conferences in security including the IEEE Symposium on Security and Privacy and the USENIX Security Symposium. Prior to being a Senior Research Staff Member at AT&T Labs/Research, Patrick was a software architect and project manager in the telecommunications industry.