Symbolic execution and program testing
Communications of the ACM
Reflections on remote reflection
ACSC '01 Proceedings of the 24th Australasian conference on Computer science
IEEE Security and Privacy
Towards an Intrusion Detection System for Battery Exhaustion Attacks on Mobile Computing Devices
PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
PathExpander: Architectural Support for Increasing the Path Coverage of Dynamic Bug Detection
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Exploring Multiple Execution Paths for Malware Analysis
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Measuring integrity on mobile phone systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Detecting energy-greedy anomalies and mobile malware variants
Proceedings of the 6th international conference on Mobile systems, applications, and services
Cloaker: Hardware Supported Rootkit Concealment
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
VirusMeter: Preventing Your Cellphone from Spies
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Semantically Rich Application-Centric Security in Android
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Rootkits on smart phones: attacks, implications and opportunities
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
Effects of Wi-Fi and Bluetooth Battery Exhaustion Attacks on Mobile Devices
HICSS '10 Proceedings of the 2010 43rd Hawaii International Conference on System Sciences
A forced sampled execution approach to kernel rootkit identification
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Exploiting smart-phone USB connectivity for fun and profit
Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Address space randomization for mobile devices
Proceedings of the fourth ACM conference on Wireless network security
A study of android application security
SEC'11 Proceedings of the 20th USENIX conference on Security
Crowdroid: behavior-based malware detection system for Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Android permissions demystified
Proceedings of the 18th ACM conference on Computer and communications security
Dissecting Android Malware: Characterization and Evolution
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
Recent advances in the hardware capabilities of mobile hand-held devices have fostered the development of open source operating systems and a wealth of applications for mobile phones and tablet devices. This new generation of smart devices, including iPhone and Google Android, are powerful enough to accomplish most of the user tasks previously requiring a personal computer. Moreover, mobile devices have access to Personally Identifiable Information (PII) from a full suite of sensors such as GPS, camera, microphone and others. In this paper, we discuss the security threats that stem from these new smart device capabilities and the online application markets for mobile devices. These threats include malware, data exfiltration, exploitation through USB, and user and data tracking. We present our ongoing research efforts to defend or mitigate the impact of attacks against mobile devices. Our approaches involve analyzing the source code and binaries of mobile applications, kernel-level and data encryption, and controlling the communication mechanisms for synchronizing the user contents with computers and other phones including updates or new version of the operating system or applications over USB. We also explain the emerging challenges in dealing with these security issues when the end-goal is to deploy security-enhanced smart phones into military and tactical scenarios.