Mobility (HCSS'14)

file

Visible to the public Keynote Presentation: Neal Ziring

Abstract

file

Visible to the public Triceratops: Privacy-protecting Mobile Apps

Abstract:

We propose to build a tool, Triceratops, for protecting user privacy in mobile applications. It allows any user to protect his or her personal information from malicious mobile apps, in ways that are not possible today. Triceratops takes a mobile app with a set of privacy policies as input, and generates a secured version of the app. The secured app dynamically and efficiently enforces the specified policies, guaranteeing privacy of its users.

file

Visible to the public Multi-App Security Analysis: Looking for Android App Collusion

Abstract:

The Android security model was built from the ground up to combat potential attacks (or misuse) one app at a time. This model culminates in a user interface that asks for the user's approval each time an app is installed. While the interfaces enables users to avoid applications that may violate their security policy (by using combinations of permissions) applications can freely communicate with each other to share their permissions, achieving capabilities through collusion that astute users would not have approved.