Mobile devices have been very successful and continue to expand their user base. However, the very features that have made these devices successful, e.g., rich sensor inputs (GPS, camera, microphone) and continuous Internet connectivity, have also made the devices a favorite target for attackers. Attacks can have many negative consequences, from stealing users' secrets to spying on the users or installing viruses that render devices inoperable. This project will develop dynamic slicing techniques so that developers and researchers will be able to gain effective insights into device and app behavior, including malicious apps; this will make it easier to construct secure apps and to find/eliminate malicious behavior, which in turn will benefit mobile device users. Undergraduate and graduate students will be introduced to new approaches to smartphone security, which will make students better equipped for tackling emerging software research and development challenges.Dynamic slicing (analyzing an execution to identify relevant code and data dependences) is a particularly effective technique for addressing a wide range of security problems. This project will develop a dynamic slicer for Android and then use the slicer, as well as its integration with other existing tools, for three main security applications. First, improving dynamic taint analysis via efficient, effective, integrated control/data slicing. Second, finding relevant parts in the input to identity which sensor stream and part thereof are responsible for security-relevant behavior, e.g., attack, crash, botnet operation, or use of anti-detection techniques. Third, Undo Computing, in particular combining slicing with record-and-replay to support undo computing on Android. These lines of work are expected to lead to advances in: security, e.g., precise and effective dynamic taint tracking, finding leaks due to control dependences, understanding botnet behavior, principled discovery of anti-detection techniques, sEnvironmental Protection Agencyrating benign from malicious state changes; and program analysis, e.g., slicing programs that are event-oriented or rely heavily on inter-process communication; computing input/data/code interdependences in the presence of high-throughput event streams.
|Effective start/end date||9/1/16 → 8/31/19|
- National Science Foundation