Improving Smartphone Security and Reliability

Iulian Neamtiu, Xuetao Wei, Michalis Faloutsos, Lorenzo Gomez, Tanzirul Azim, Yongjian Hu, Zhiyong Shan

Research output: Contribution to journal, Article, peer-review

Abstract

Users are increasingly relying on smartphones, hence concerns such as mobile app security, privacy, and correctness have become increasingly pressing. Software analysis has been successful in tackling many such concerns, albeit on other platforms, such as desktop and server. To fill this gap, we have developed infrastructural tools that permit a wide range of software analyses for the Android smartphone platform. Developing these tools has required surmounting many challenges unique to the smartphone platform: dealing with input non-determinism in sensor-oriented apps, non-standard control flow, low-overhead yet high-fidelity record-and-replay. Our tools can analyze substantial, widely-popular apps running directly on smartphones, and do not require access to the app's source code. We will first present two tools (automated exploration, record-and-replay) that increase Android app reliability by allowing apps to be explored automatically, and bugs replayed or isolated. Next, we present several security applications of our infrastructure: a permission evolution study on the Android ecosystem; understanding and quantifying the risk posed by URL accesses in benign and malicious apps; app profiling to summarize app behavior; and Moving Target Defense for thwarting attacks.

Original language: English (US)
Article number: 1740002
Journal: Journal of Interconnection Networks
Volume: 17
Issue number: 1
State: Published - Mar 1 2017

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Keywords

  • Mobile applications
  • Android
  • monitoring
  • moving target defense
  • profiling
  • program analysis
  • record-and-replay
  • security
