Smartphone Security

Status: Ongoing

We are studying the security of smartphone devices. The project has two focuses: application analysis and platform design. We are developing static and dynamic analyses of Android applications to identify vulnerable and malicious applications. We are also studying the Android and iOS permission systems and communication mechanisms, with the goal of making recommendations for future systems. Our interest in platform design includes usability studies; we are examining how users view smartphone security.

Publications

  • Android Permissions Demystified. Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, and David Wagner. Proceedings of the ACM Conference on Computer and Communication Security (CCS), October 2011. [pdf][website]
  • A Survey of Mobile Malware In The Wild. Adrienne Porter Felt, Matthew Finifter, Erika Chin, Steve Hanna, and David Wagner. Proceedings of the ACM Workshop on Security and Privacy in Mobile Devices (SPSM), October 2011.
  • Permission Re-Delegation: Attacks and Defenses. Adrienne Porter Felt, Helen Wang, Alex Moshchuk, Steve Hanna, and Erika Chin. Proceedings of the USENIX Security Symposium, August 2011. [pdf]
  • Analyzing Inter-Application Communication in Android. Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner. Proceedings of the International Conference on Mobile Systems, Applications, and Services (MobiSys), June 2011. [pdf] [website]
  • The Effectiveness of Application Permissions. Adrienne Porter Felt, Kate Greenwood, and David Wagner. Proceedings of the USENIX Conference on Web Application Development (WebApps), June 2011. [pdf]
  • Phishing on Mobile Devices. Adrienne Porter Felt and David Wagner. Workshop on Web Security and Privacy (W2SP), May 2011. [pdf]

Project members

Collaboration with undergraduate students

  • Charles Chen
  • Royce Cheng-Yue
  • Kate Greenwood
  • David Kantola
  • Kathryn Lingel
  • Tom Magrino
  • Richard Shin
  • Edward Wu
Security Lab