The Threat in your Pocket: Trends, Challenges, and Solutions in Mobile Application Security

SamMalek-135x150.jpg

Professor Sam Malek
University of California, USA

Abstract

Mobile devices are ubiquitous, with billions of smartphones and tablets used worldwide. Fueling the popularity of such devices is the abundance of apps available on a variety of markets (e.g., Google Play). This abundance of apps arises, in large part, due to the platform’s low barrier to entry for amateur and professional developers alike, where a re-usable infrastructure enables relatively quick production of apps. However, this low barrier to entry is associated with an increased risk of apps with defects, particularly in the form of security vulnerabilities. Consequently, developers and designers of such apps are in need of appropriate approaches, tools, and frameworks that aid them in producing secure apps. In this talk, I will first provide an overview of the security vulnerabilities in Android and the attacks that exploit them. I will then describe a few promising approaches that aim to resolve these security threats. Finally, I will conclude the talk with the lessons learned and the avenues for future research.

Speaker’s Bio

Sam Malek is an Associate Professor in the Informatics Department within the School of Information and Computer Sciences at the University of California, Irvine. He is also Director of the Institute for Software Research and Software Engineering and Analysis Laboratory. Malek’s general research interests are in the field of software engineering, and to date his focus has spanned the areas of software architecture, autonomic computing, mobile computing, security, and software analysis and testing. The underlying theme of his research has been to devise techniques and tools that aid with the construction, analysis, and maintenance of large-scale software systems. Malek received his Ph.D. and M.S. degrees in Computer Science from the University of Southern California and his B.S. degree in Information and Computer Science from the University of California, Irvine. He has received numerous awards for his research contributions, including the National Science Foundation CAREER award (2013), GMU Emerging Researcher/Scholar/Creator award (2013), and GMU Computer Science Department Outstanding Faculty Research Award (2011). Malek is currently on the editorial board of the ACM Transactions on Software Engineering and MethodologyACM Transactions on Autonomous and Adaptive Systems, and Springer Journal of Computing. He provides software expert witness consulting through Quandary Peak Research. Malek is a member of the Association for Computing Machinery (ACM), ACM Special Interest Group on Software Engineering (SIGSOFT), and the Institute of Electrical and Electronics Engineers (IEEE).